secure.empirefinancialresearch.com
Open in
urlscan Pro
2606:4700::6812:1a8
Public Scan
Effective URL: https://secure.empirefinancialresearch.com/?cid=MKT541025&eid=MKT550787
Submission: On July 22 via manual from IN
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time secure.empirefinancialresearch.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN22606 (EXACT-7, US)
PTR: click.s11.exacttarget.com
click.email-travelingstocktrader.com |
ASN13335 (CLOUDFLARENET, US)
secure.empirefinancialresearch.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
secure-prod-assets.s3.amazonaws.com |
ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com
s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-72.fra2.r.cloudfront.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com
players.brightcove.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-240-234.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-192-146.eu-central-1.compute.amazonaws.com
rtb-eu.mfadsrvr.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-31.dus51.r.cloudfront.net
edge.api.brightcove.com |
ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-146.fra2.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net |
ASN16509 (AMAZON-02, US)
house-cloudfront.us-east-1.prod.boltdns.net |
Domain | Requested by | |
---|---|---|
20 | secure.empirefinancialresearch.com |
secure.empirefinancialresearch.com
|
5 | metrics.brightcove.com | |
5 | c.lytics.io |
secure.empirefinancialresearch.com
c.lytics.io |
5 | s3.amazonaws.com |
secure.empirefinancialresearch.com
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | secure-prod-assets.s3.amazonaws.com |
secure.empirefinancialresearch.com
|
3 | manifest.prod.boltdns.net |
secure.empirefinancialresearch.com
|
3 | code.jquery.com |
secure.empirefinancialresearch.com
|
2 | house-cloudfront.us-east-1.prod.boltdns.net |
secure.empirefinancialresearch.com
|
2 | edge.api.brightcove.com |
secure.empirefinancialresearch.com
|
2 | rtb.mfadsrvr.com | 2 redirects |
2 | dev.visualwebsiteoptimizer.com |
secure.empirefinancialresearch.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
secure.empirefinancialresearch.com |
2 | marketingassets.cloudsna.com |
secure.empirefinancialresearch.com
s3.amazonaws.com |
1 | cf-images.us-east-1.prod.boltdns.net | |
1 | widget.us.criteo.com | |
1 | sslwidget.criteo.com | 1 redirects |
1 | vjs.zencdn.net |
players.brightcove.net
|
1 | gum.criteo.com |
static.criteo.net
|
1 | ups.analytics.yahoo.com | |
1 | rtb-eu.mfadsrvr.com | 1 redirects |
1 | static.criteo.net |
secure.empirefinancialresearch.com
|
1 | players.brightcove.net |
secure.empirefinancialresearch.com
|
1 | www.googletagmanager.com |
secure.empirefinancialresearch.com
|
1 | gsdpeazjjf.execute-api.us-east-1.amazonaws.com |
secure.empirefinancialresearch.com
|
1 | fonts.googleapis.com |
secure.empirefinancialresearch.com
|
1 | cdn.mxpnl.com |
secure.empirefinancialresearch.com
|
1 | cdnjs.cloudflare.com |
secure.empirefinancialresearch.com
|
1 | marketshakernews.com | 1 redirects |
1 | click.email-travelingstocktrader.com | 1 redirects |
74 | 30 |
This site contains links to these domains. Also see Links.
Domain |
---|
empirefinancialresearch.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-11 - 2022-06-10 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-07-15 - 2022-07-28 |
a year | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-01-11 - 2022-02-11 |
a year | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-06-23 - 2022-07-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.execute-api.us-east-1.amazonaws.com Amazon |
2020-10-22 - 2021-11-21 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2020-06-19 - 2022-07-06 |
2 years | crt.sh |
players.brightcove.net DigiCert SHA2 Secure Server CA |
2020-09-03 - 2021-10-03 |
a year | crt.sh |
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-06-27 - 2021-09-24 |
3 months | crt.sh |
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-03-22 - 2021-09-15 |
6 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-06-27 - 2021-09-24 |
3 months | crt.sh |
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-02-22 - 2022-03-26 |
a year | crt.sh |
*.api.brightcove.com Amazon |
2020-10-08 - 2021-11-07 |
a year | crt.sh |
metrics.brightcove.com GTS CA 1D4 |
2021-06-29 - 2021-09-27 |
3 months | crt.sh |
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-06-08 - 2021-09-05 |
3 months | crt.sh |
*.prod.boltdns.net Amazon |
2020-12-08 - 2022-01-06 |
a year | crt.sh |
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-13 - 2022-06-14 |
a year | crt.sh |
house-cloudfront.us-east-1.prod.boltdns.net Amazon |
2021-05-23 - 2022-06-21 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://secure.empirefinancialresearch.com/?cid=MKT541025&eid=MKT550787
Frame ID: 55CEA009328DC3FFF25C531231967B47
Requests: 72 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=secure.empirefinancialresearch.com&origin=onetag
Frame ID: F4C3DD48221E60C6D53292D733433A08
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://click.email-travelingstocktrader.com/?qs=5e230e12f5644ce32d851bfe4aa455f637342d25eb1473a037ad63dafcbbebb2c5ba0ce9...
HTTP 302
https://marketshakernews.com/1esicipo/dberroya@stc.com.sa/exacttarget/ad4/AL HTTP 301
https://secure.empirefinancialresearch.com/?cid=MKT541025&eid=MKT550787 Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: DMCA Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click.email-travelingstocktrader.com/?qs=5e230e12f5644ce32d851bfe4aa455f637342d25eb1473a037ad63dafcbbebb2c5ba0ce9d29ba6fc037bc702027107af8f20a4b6f3deca8b
HTTP 302
https://marketshakernews.com/1esicipo/dberroya@stc.com.sa/exacttarget/ad4/AL HTTP 301
https://secure.empirefinancialresearch.com/?cid=MKT541025&eid=MKT550787 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 44- https://rtb.mfadsrvr.com/pixel?id=359034&type=img HTTP 302
- https://rtb.mfadsrvr.com/ul_cb/pixel?id=359034&type=img HTTP 302
- https://rtb-eu.mfadsrvr.com/sync?ssp=vmx&initiator=me HTTP 302
- https://ups.analytics.yahoo.com/ups/58275/sync?uid=107a4365-a6e6-4b6b-bea7-5c567548cbaf&_origin=1&redir=true
- https://sslwidget.criteo.com/event?a=85846&v=5.7.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=empirefinancialresearch.com&dtycbr=53918 HTTP 302
- https://widget.us.criteo.com/event?a=85846&v=5.7.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&tld=empirefinancialresearch.com&dtycbr=53918
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
secure.empirefinancialresearch.com/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jsencrypt.min.js
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ |
55 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zuora-min.js
secure.empirefinancialresearch.com/store/PROD/js/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postToIframe.js
secure.empirefinancialresearch.com/store/PROD/js/ |
2 KB 980 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
encryption_util.js
secure.empirefinancialresearch.com/store/PROD/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HPM2Security-min.js
secure.empirefinancialresearch.com/store/PROD/js/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.payment.min.js
secure.empirefinancialresearch.com/store/PROD/plugins/jquery-payment/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
store.min.js
secure.empirefinancialresearch.com/store/PROD/js/revampstore/ |
119 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mygtm.js
secure.empirefinancialresearch.com/store/PROD/js/ |
474 B 704 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
listrak.js
secure.empirefinancialresearch.com/store/PROD/js/ |
1 KB 944 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mymixpanel.js
secure.empirefinancialresearch.com/store/PROD/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.js
code.jquery.com/ui/1.12.1/ |
509 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.470216de971b1efa0c1f.css
secure.empirefinancialresearch.com/ |
114 B 443 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.06daa30a2963fa413676.js
secure.empirefinancialresearch.com/ |
1 KB 991 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.b01b7f661f74b700d095.js
secure.empirefinancialresearch.com/ |
187 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.929bc4bfc2c92752abf9.js
secure.empirefinancialresearch.com/ |
445 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
75 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getSiteDetails
secure.empirefinancialresearch.com/site/api/v1/ |
104 KB 7 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EmpireExternalJS.js
marketingassets.cloudsna.com/prod/javascript/Empire/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bss-px.min.js
secure.empirefinancialresearch.com/store/PROD/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.4.3.1.css
secure-prod-assets.s3.amazonaws.com/common/css/bootstrap/ |
152 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
psi-digerati.css
s3.amazonaws.com/assets.stansberryresearch.com/mkt/SIR/digerati/ |
32 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 474 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1621345946131.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/ESI/inlinecss/ |
9 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
versionId=5QYtcs1Ls1aoCFoXXiJb70dGWt7t1aYY
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/ESI/VideoLandingPage/1619613832584.html/ |
3 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
159 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
generic
secure.empirefinancialresearch.com/snowflake/ |
21 B 418 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
logger
secure.empirefinancialresearch.com/snowflake/ |
21 B 249 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/ead5eca80332b79e7e168400567ce51f/ |
56 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 52 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ead5eca80332b79e7e168400567ce51f
c.lytics.io/c/ |
35 B 537 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u_803349079840398600
c.lytics.io/api/personalize/ead5eca80332b79e7e168400567ce51f/user/_uid/ |
2 KB 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ead5eca80332b79e7e168400567ce51f
c.lytics.io/c/ |
35 B 312 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1621346268619.js
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/ESI/inlinejs/ |
973 B 1 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
exitpopManager.js
secure-prod-assets.s3.amazonaws.com/common/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analyticsCore.js
secure-prod-assets.s3.amazonaws.com/common/js/ |
598 B 1019 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rtrCoptionsManager.js
secure-prod-assets.s3.amazonaws.com/common/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.min.js
players.brightcove.net/5298920694001/k7kYTMBz75_default/ |
779 KB 208 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
static.criteo.net/js/ld/ |
39 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ESI-Citizen-Background.png
s3.amazonaws.com/assets.empirefinancialresearch.com/mkt/ESI/Citizen-IP0-May-2021/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
ups.analytics.yahoo.com/ups/58275/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EF-logo.svg
s3.amazonaws.com/assets.stansberryresearch.com/mkt/Empire/ESI/ |
19 KB 19 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wlprgwHKFkZgtmSR3NB0oRJfajDqDuNS_LU.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wlpogwHKFkZgtmSR3NB0oRJfajhRK_Y.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wlppgwHKFkZgtmSR3NB0oRJX1C1GDNNQ.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gibson-semibold-webfont.woff
marketingassets.cloudsna.com/prod/fonts/stansberry/gibson/ |
30 KB 31 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame F4C3 |
291 B 724 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6254581702001
edge.api.brightcove.com/playback/v1/accounts/5298920694001/videos/ |
6 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 94 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 175 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
6254581702001
edge.api.brightcove.com/playback/v1/accounts/5298920694001/videos/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 94 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
widget.us.criteo.com/ Redirect Chain
|
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 94 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
generic
secure.empirefinancialresearch.com/snowflake/ |
21 B 300 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/275897d1-3ff2-43c1-a2b4-f6b4c12751e7/1280x720/match/ |
166 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/10s/ |
6 KB 6 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
c80429d2-9539-42db-80c9-718b685ced83
https://secure.empirefinancialresearch.com/ |
6 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
69b7bbb5-6ff5-47a2-b686-c1631e40d49c
https://secure.empirefinancialresearch.com/ |
83 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4778519a-4f76-4d2a-b7ee-c7c9cf8e2ff4
https://secure.empirefinancialresearch.com/ |
83 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 94 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/708b33c9-7587-4901-9411-9c1ab34f383a/10s/ |
231 KB 231 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/1ffb00ad-670c-4ee8-bcea-3eb4d2e9e556/10s/ |
232 KB 233 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segment0.ts
house-cloudfront.us-east-1.prod.boltdns.net/media/v1/hls/v4/clear/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/708b33c9-7587-4901-9411-9c1ab34f383a/5x/ |
1 MB 1 MB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segment0.ts
house-cloudfront.us-east-1.prod.boltdns.net/media/v1/hls/v4/clear/5298920694001/4301e84f-8864-496b-9a5d-ab6c669e27ea/1ffb00ad-670c-4ee8-bcea-3eb4d2e9e556/5x/ |
218 KB 219 KB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
100 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
logger
secure.empirefinancialresearch.com/snowflake/ |
21 B 273 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
256 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| KJUR object| Hex object| Base64 function| ASN1 function| JSEncrypt string| __z_version string| ifrmId boolean| threedRedirected object| ZLOG object| ZXD object| Z object| ZFB function| postToHostedPage function| postToIframe function| postToOfflinePage object| EncryptionUtil function| pidCrypt function| Stream number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| SecureRandom function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize function| parseBigInt function| linebrk function| byte2Hex function| pkcs1unpad2 function| pkcs1pad2 object| pidCryptUtil object| Store object| dataLayer function| loadGTMScript function| loadListrak object| mixpanel object| webpackJsonp function| URLPolyfill object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| __zone_symbol__Promise function| __zone_symbol__Error function| Zone function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm object| DD_LOGS object| ng object| __zone_symbol__eventTasks object| globalStoreData function| onOFSubmitSucceeded function| onOFSubmitFailed function| loadAssetByUrl function| loadInterFunnelAssetByUrl function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| bsspxClass object| bsspx function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _vwo_code number| settings_timer number| _vwo_settings_timer object| jstag object| gaplugins object| gaGlobal object| gaData undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| __lytics__jstag__ undefined| u_938165927380015600 object| criteo_q boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog function| videojsPlaylist function| bc function| WebVTT number| buttonTime string| htmlLink string| deviceType object| vttjs object| urlParams function| WaitForFunction function| AutoAdvance function| timeJumper function| ButtonReveal function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.empirefinancialresearch.com/ | Name: _dd_s Value: logs=1&id=29275057-8df2-4188-aa40-896f39bc6a73&created=1626977272734&expire=1626978172734 |
|
secure.empirefinancialresearch.com/ | Name: dd_cookie_test Value: test |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.lytics.io
cdn.mxpnl.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.email-travelingstocktrader.com
code.jquery.com
dev.visualwebsiteoptimizer.com
edge.api.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
gum.criteo.com
house-cloudfront.us-east-1.prod.boltdns.net
manifest.prod.boltdns.net
marketingassets.cloudsna.com
marketshakernews.com
metrics.brightcove.com
players.brightcove.net
rtb-eu.mfadsrvr.com
rtb.mfadsrvr.com
s3.amazonaws.com
secure-prod-assets.s3.amazonaws.com
secure.empirefinancialresearch.com
sslwidget.criteo.com
static.criteo.net
ups.analytics.yahoo.com
vjs.zencdn.net
widget.us.criteo.com
www.google-analytics.com
www.googletagmanager.com
13.111.71.11
13.224.193.146
13.225.74.72
13.226.132.31
178.250.2.151
18.185.192.146
18.195.240.234
2.18.234.122
2001:4de0:ac18::1:a:2b
2600:1901:0:498c::
2600:9000:20eb:1200:5:7a9b:fec0:93a1
2606:4700:20::681a:216
2606:4700:3032::ac43:998f
2606:4700::6810:135e
2606:4700::6810:f51b
2606:4700::6812:1a8
2a00:1450:4001:800::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
2a00:1450:4001:831::200a
2a02:2638::1c
2a02:2638::3
2a04:4e42:3::539
2a04:4e42:3::729
3.126.56.137
3.5.0.117
34.96.102.137
35.244.232.184
52.217.82.196
74.119.119.150
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
09d86cfefba0405146d67ab6ea11e37bcccd4888c569e9967dd6929bc5eace45
0a80b1216d019738d3efccf4788d13fac87c295798eb75d88246b1a3ff927a48
0fb03cbcdc60b7793cccae4c52ae72e87ae9a86323a66c50850dfa7f558a6c88
107d5db6ef6f75ce092d40e3f49e25fbd2ae52d9571c75a81ba5e403420c4738
13fe680d9f1caa168ea0d36483c18ffd452ce852b6d270f50573745daca38e8e
262c4235e948c3755b69cd31333474e2abdf2d28f0d8d332458211436b0241ea
27baa7c8627a7ac5df7d6a2014464090f91368e19d345f0b5cfa9f5bd6ae3205
27ef41c7c9cd30ae17ed595a2a14a3b25d5fd693ea2101c37e4dc9f81bad5212
2b7814ff4095929daa141654f5b08e09087fcf68d00611d0706bce5091cb4d36
30deb0d75d0622b5eef0c7e690fa3dbfc5a1ef10825e5bdf5c1df342c6d83547
358d9f2e6b9cd982c4e3bc049d08adfc3572421f38dde2436505598f06602309
361498302b9c707bb004ca6578cb06d7793a0dbe705f9ca1f7855d1969711946
37fa6661a6e7c186d52ab596843ccdc519b3727dfba110912a03719108cdb2ee
3c2a0b5889e3fc479d2033c7e4ec5bebe65db78c96d59b17d8600aeb28ab2c31
3e89be3e7e81cbe028f7509d0071b08bac6f8a42794c6f2d3259fabef3f8ec31
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4520f86eb317db12c541281b851f631c7621c81eff4a7c986dcbf8014e455804
462d9418372ff78bb0b00d528548a260269a58b76bdb851b25e5a245f886c847
4c47a0bde2683ad2063750abec6c55c2d40397fb1876f6ecc8191911ea8bec64
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
59a3c133e4cac9c2ebcdfa3c933490237b5429628e45402a1ca9c13dc3c7f99c
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5d11a5df665c4ef0071b192871c06a7d8ce65bbd99da9d26c483e28e153cac37
5fd89eea9d4407d8e02fa8dcafed9e3c1fdf5930a409c3abc3df9e1f74a85ede
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63fee3402feed91feae7e1d7d3eb330d76b0432bbe80185ec715c2b34b7da3a4
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
718196a53559c6380e9687c135acaa0b7c8387dcd3a0502b02dfa8293bbb046e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1
8085ff4deefedbc5bff592f8b08f4f2eeee2f744aefd78f888a9a274bb4b2253
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867d82bdba22097978ef9807164b30044d315fef0a579eaa092e73e3d167ed7e
8717eadc3b97c75e83d74067e6e042bbca4febc6b6dc4e267b536fb76571b2b5
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
8d9467488cac1353edd0bfe37814dd9b01b3ae86a566594eb89e40885e9d8753
8df464ba71d177b566dad9ca693c98a3315a7b1b1696a491f5d0983a8ffb153c
910b9c735ace4ecf379feb5df13a67914b08da934128f4152db91be5468bbda4
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
9a382534f1ec7f47774f0bb51fa57c16ddc47778e377b69307090fdbc3dba26b
9fdf7805c71dbcfc3473ed899316a6d44e993f570c4c94fe3569d3432555096d
a87d4fb0b4b9341b96e363be37b3eee8e74d8ec8ad576a37ae0d15a314692b65
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
b4aa1913d5c2150f54b960403bfb0c04619a3d412eb61c25d8ba7e33dfef1580
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bb8a0bbd7a50ec4a691beb78583e5dc6190ffc23c0a9f9c481f5dc600b79381d
bc63628837d25121c9e9bd7f7969d30c9274ba03246888b86daa6875e9a0fa35
c1051689d0db3579820a97b54e9d424bd851f53516cb3ba414cc732f2aa52637
c5a756d81d51dd591fd8f79834b84854eb38ad8907a424ce061e5260af5a53c5
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec03b210980bfa938666244013e56010a2ebca2b1b7a67bef7c9646a6d422427
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
fba0a522f78554dc4bacfb984f763e4063eb78c663e8733cc819708cf2142fa1