audidirect.us
Open in
urlscan Pro
75.2.37.149
Public Scan
Submitted URL: http://audidirect.com/
Effective URL: https://audidirect.us/landing
Submission: On January 08 via manual from US — Scanned from DE
Effective URL: https://audidirect.us/landing
Submission: On January 08 via manual from US — Scanned from DE
Summary
This website contacted 25 IPs
in 5 countries
across 30 domains to perform 86 HTTP transactions.
The main IP is 75.2.37.149, located in
United States and
belongs to AMAZON-02, US.
The main domain is audidirect.us.
The Cisco Umbrella rank of the primary domain is 635868.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 11th 2023. Valid for: a year.
This is the only time audidirect.us was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M01 on April 11th 2023. Valid for: a year.
This is the only time audidirect.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
2600:1f16:b2f:b00:3725:bc33:eee:13f8
(Columbus, United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| audidirect.com |
3
75.2.37.149
(United States)
ASN16509 (AMAZON-02, US)
PTR: ab7aa1641c4223cf9.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: ab7aa1641c4223cf9.awsglobalaccelerator.com
| audidirect.us |
15
18.211.229.47
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-229-47.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-229-47.compute-1.amazonaws.com
| prod.flex.cafe | |
| signalr.prod.flex.cafe |
9
2a02:26f0:480:980::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
15
52.51.166.94
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-166-94.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-166-94.eu-west-1.compute.amazonaws.com
| dpm.demdex.net | |
| manheim.demdex.net | |
| adobe.demdex.net |
1
2a02:26f0:480:58b::13b8
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| cdn.optimizely.com |
3
63.140.62.108
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net
| smetrics.manheim.com |
2
34.253.139.156
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-139-156.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-139-156.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
3
142.250.185.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
| cm.g.doubleclick.net |
12
151.101.66.49
(United States)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| rtd.tubemogul.com | |
| rtd-tm.everesttech.net | |
| sync-tm.everesttech.net |
1
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org |
1
23.215.22.232
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com
| servedby.flashtalking.com |
1
34.117.77.79
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
| ml314.com |
2
18.238.243.57
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-57.ams58.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-57.ams58.r.cloudfront.net
| cr-p10060.ladsp.com |
6
104.17.208.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zn9p29wvt2w2aiji9-coxauto.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
1
69.173.144.138
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
2
37.252.171.52
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
1
34.98.64.218
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
1
2a03:2880:f176:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 313 manheim.demdex.net — Cisco Umbrella Rank: 201613 adobe.demdex.net — Cisco Umbrella Rank: 24882 |
17 KB |
| 15 |
flex.cafe
prod.flex.cafe — Cisco Umbrella Rank: 441234 signalr.prod.flex.cafe — Cisco Umbrella Rank: 507436 |
13 MB |
| 13 |
audioeye.com
wsmcdn.audioeye.com — Cisco Umbrella Rank: 11911 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 7109 analytics.audioeye.com |
256 KB |
| 12 |
everesttech.net
11 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1969 rtd-tm.everesttech.net — Cisco Umbrella Rank: 5343 sync-tm.everesttech.net — Cisco Umbrella Rank: 1396 |
2 KB |
| 9 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 572 |
197 KB |
| 6 |
qualtrics.com
zn9p29wvt2w2aiji9-coxauto.siteintercept.qualtrics.com — Cisco Umbrella Rank: 158986 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1531 |
67 KB |
| 3 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 338 |
1 KB |
| 3 |
manheim.com
smetrics.manheim.com — Cisco Umbrella Rank: 156904 |
865 B |
| 3 |
audidirect.us
1 redirects
audidirect.us — Cisco Umbrella Rank: 635868 |
53 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 356 |
2 KB |
| 2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 |
1 KB |
| 2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 604 |
1018 B |
| 2 |
ladsp.com
2 redirects
cr-p10060.ladsp.com — Cisco Umbrella Rank: 132926 |
956 B |
| 2 |
tubemogul.com
2 redirects
rtd.tubemogul.com — Cisco Umbrella Rank: 13426 |
378 B |
| 2 |
lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 23542 |
193 KB |
| 2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115 |
2 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
1 KB |
| 1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1555 |
225 B |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 930 |
264 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 620 |
239 B |
| 1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1593 |
15 KB |
| 1 |
socdm.com
1 redirects
tg.socdm.com — Cisco Umbrella Rank: 2129 |
695 B |
| 1 |
ml314.com
1 redirects
ml314.com — Cisco Umbrella Rank: 3210 |
339 B |
| 1 |
flashtalking.com
1 redirects
servedby.flashtalking.com — Cisco Umbrella Rank: 1579 |
552 B |
| 1 |
quantserve.com
1 redirects
cms.quantserve.com — Cisco Umbrella Rank: 1348 |
490 B |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594 |
149 B |
| 1 |
optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 853 errors.client.optimizely.com Failed |
86 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761 |
7 KB |
| 1 |
audidirect.com
1 redirects
audidirect.com |
786 B |
| 0 |
spotxchange.com
Failed
sync.search.spotxchange.com Failed |
|
| 86 | 30 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| audidirect.us Amazon RSA 2048 M01 |
2023-04-11 - 2024-05-09 |
a year | crt.sh |
| prod.flex.cafe Amazon RSA 2048 M02 |
2023-02-28 - 2024-03-28 |
a year | crt.sh |
| bootstrapcdn.com GTS CA 1P5 |
2023-11-30 - 2024-02-28 |
3 months | crt.sh |
| assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
| lr-ingest.io E1 |
2023-12-03 - 2024-03-02 |
3 months | crt.sh |
| cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-09-01 - 2024-09-04 |
a year | crt.sh |
| smetrics.manheim.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-10-03 - 2024-11-02 |
a year | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
| js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
| *.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-27 - 2024-03-26 |
a year | crt.sh |
| *.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-15 - 2024-03-14 |
a year | crt.sh |
| report-prod.audioeye.com Amazon RSA 2048 M02 |
2023-09-17 - 2024-10-16 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://audidirect.us/landing
Frame ID: 1E617EF17E09F7989D67EE05582BF815
Requests: 63 HTTP requests in this frame
Frame:
https://manheim.demdex.net/dest5.html?d_nsid=0
Frame ID: 60FDB6A2C42B24967C74210185670FBF
Requests: 1 HTTP requests in this frame
Frame:
https://adobe.demdex.net/dest5.html?d_nsid=0
Frame ID: 31E6B811A0C6EC3AF5F1DAFACD2A231D
Requests: 19 HTTP requests in this frame
Frame:
https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=226ebee
Frame ID: 96AAD189A85465AE133862185C606CAB
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Audi DirectPage URL History Show full URLs
-
http://audidirect.com/
HTTP 302
https://audidirect.us/ HTTP 302
https://audidirect.us/landing Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
LogRocket
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.lr-ingest\.io
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
Optimizely
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- optimizely\.com.*\.js
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://audidirect.com/
HTTP 302
https://audidirect.us/ HTTP 302
https://audidirect.us/landing Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1704754917580 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1704754917580
- https://cm.everesttech.net/cm/dd?d_uuid=56812159146224702122243532381403766643 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZx_5gAAAIZzfgN6
- https://cm.everesttech.net/cm/dd?d_uuid=44641452793147074961686781570358804205 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZx_5gAAAEWxPgNe
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDQ2NDE0NTI3OTMxNDcwNzQ5NjE2ODY3ODE1NzAzNTg4MDQyMDU= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDQ2NDE0NTI3OTMxNDcwNzQ5NjE2ODY3ODE1NzAzNTg4MDQyMDU=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBL5zJjaHCHCoyrUyuO8tQg&google_cver=1?gdpr=0&gdpr_consent=
- https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZZx_5gAAAEWxPgNe
- https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=NlEjbjcBfzstUSJuMgE3bDJWfGktAiM-YQHO_XgK
- https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=3047&dpuuid=585157A670583D&gdpr=0&gdpr_consent=
- https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3641216504337268796
- https://cr-p10060.ladsp.com/pid/10060 HTTP 302
- https://cr-p10060.ladsp.com/cr/10060 HTTP 302
- https://dpm.demdex.net/ibs:dpid=57289&dpuuid=ATaj_CAMgdKjks8AED1M9KJyPM0nTA
- https://tg.socdm.com/aux/idsync?proto=adobeam HTTP 302
- https://dpm.demdex.net/ibs:dpid=61283&dpuuid=ZZx.58Co5ukAAG3lNX4AAAAA
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZZx_5gAAAEWxPgNe
- https://rtd.tubemogul.com/migrate_et3/ HTTP 302
- https://rtd-tm.everesttech.net/migrate_et3/
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wlp4XzVnQUFBRVd4UGdOZQ==
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZZx_5gAAAEWxPgNe&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZx_5gAAAEWxPgNe HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZx_5gAAAEWxPgNe&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=ZZx_5gAAAEWxPgNe HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZZx_5gAAAEWxPgNe
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZx_5gAAAEWxPgNe
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZZx_5gAAAEWxPgNe
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZx_5gAAAEWxPgNe&img=1
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZZx_5gAAAEWxPgNe&t=2592000&o=0
86 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
landing
audidirect.us/ Redirect Chain
|
53 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
global.bundle.css
prod.flex.cafe/content/shared/css/ |
1 MB 330 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skin.css
prod.flex.cafe/content/skins/audi/css/ |
378 KB 376 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-EN54f2ba75a0d2456c9b6a76794f4d72be.min.js
assets.adobedtm.com/ |
785 KB 177 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shared.bundle.js
prod.flex.cafe/content/shared/js/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
public.bundle.js
prod.flex.cafe/content/public/js/ |
414 KB 160 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
25 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
3 KB 989 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
a863e886-8bfe-49a4-8015-0cc0d76bbb3e
https://audidirect.us/ |
19 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
ping
prod.flex.cafe/api/v1/auth/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Org-VCI
audidirect.us/resource/text/en-US/ |
16 KB 16 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ping
prod.flex.cafe/api/v1/auth/ |
214 B 422 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
getsession
prod.flex.cafe/api/v1/auth/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
getsession
prod.flex.cafe/api/v1/auth/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
dpm.demdex.net/ |
366 B 912 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ |
34 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LogRocket.min.js
cdn.lr-ingest.io/ |
111 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
24685280250.js
cdn.optimizely.com/js/ |
274 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
getlandingpageimages
prod.flex.cafe/api/v1/org/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
getpubliccontenttemplates
prod.flex.cafe/api/v1/post/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
getlandingpageimages
prod.flex.cafe/api/v1/org/ |
717 B 937 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
getpubliccontenttemplates
prod.flex.cafe/api/v1/post/ |
134 B 354 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC68a1b4c8057347f5b62e78e302b2f6b7-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
590 B 567 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCe72ec4d6544f40f7810aacbfd0ba4b5f-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logger-1.min.js
cdn.lr-ingest.io/ |
827 KB 164 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
manheim.demdex.net/ Frame 60FD |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.manheim.com/ |
48 B 456 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=ZZx_5gAAAIZzfgN6
dpm.demdex.net/ Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
adobe.demdex.net/ Frame 31E6 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.manheim.com/ |
48 B 208 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=ZZx_5gAAAEWxPgNe
dpm.demdex.net/ Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=771&dpuuid=CAESEBL5zJjaHCHCoyrUyuO8tQg&google_cver=1
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Audi_LandingImage_4.jpg
prod.flex.cafe/content/shared/img/audi/ |
11 MB 11 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCb766bbc03a374ceb8088cd97a3bfa90b-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
s7942200614524
smetrics.manheim.com/b/ss/mhiprod/1/JS-2.25.0-LDQM/ |
43 B 201 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
prod.flex.cafe/content/shared/img/audi/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
70364bf6-31fe-4145-a5f0-1362688f5d87
https://audidirect.us/ |
461 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=782&dpuuid=ZZx_5gAAAEWxPgNe
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 31E6 |
70 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=1175&&dpuuid=NlEjbjcBfzstUSJuMgE3bDJWfGktAiM-YQHO_XgK
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=3047&dpuuid=585157A670583D&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=22052&dpuuid=3641216504337268796
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=57289&dpuuid=ATaj_CAMgdKjks8AED1M9KJyPM0nTA
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=61283&dpuuid=ZZx.58Co5ukAAG3lNX4AAAAA
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=782&dpuuid=ZZx_5gAAAEWxPgNe
dpm.demdex.net/ Frame 31E6 Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS |
log
errors.client.optimizely.com/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nr-spa-1184.min.js
js-agent.newrelic.com/ |
37 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
negotiate
signalr.prod.flex.cafe/api/v1/signalr/connect/ |
406 B 752 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC9c3ef1d344e6402eabf5092c16656d19-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
813 B 653 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zn9p29wvt2w2aiji9-coxauto.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RCae4c7ba21690453e8dd2e76088516e49-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
1 KB 836 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC8d6fde8a72fb4ebeb74d77c4293c2ad0-source.min.js
assets.adobedtm.com/a162b9a7e516/fa8985725664/4b5ed181ee3e/ |
837 B 715 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
log
errors.client.optimizely.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
rtd-tm.everesttech.net/migrate_et3/ Frame 31E6 Redirect Chain
|
0 58 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5e7c6abb2b
bam.nr-data.net/1/ |
56 B 617 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aem.js
wsmcdn.audioeye.com/ |
1 KB 694 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.d4c11cd65f6f6fc513bb.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
72 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 31E6 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 31E6 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
10 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rum
dsum-sec.casalemedia.com/ Frame 31E6 Redirect Chain
|
43 B 336 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.js
wsv3cdn.audioeye.com/ |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
101 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bounce
ib.adnxs.com/ Frame 31E6 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7.c677f83c9eec0bfd12b3.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.222db855180bcd258b60.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 31E6 Redirect Chain
|
43 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
5e7c6abb2b
bam.nr-data.net/events/1/ |
24 B 401 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 31E6 Redirect Chain
|
0 225 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
start
signalr.prod.flex.cafe/api/v1/signalr/connect/ |
25 B 371 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.js
wsv3cdn.audioeye.com/v2/scripts/ |
33 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
startup.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
428 KB 115 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
partner
sync.search.spotxchange.com/ Frame 31E6 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b.php
www.facebook.com/fr/ Frame 31E6 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
smartrems.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
135 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tangoEngine.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
108 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookieStorage.html
wsv3cdn.audioeye.com/v2/frame/ Frame 96AA |
813 B 590 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
send
analytics.audioeye.com/air/v0/ |
0 61 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1856.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
372 B 296 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3772.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
480 B 335 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5121.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
382 B 310 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
874.bundle.226ebee.js
wsv3cdn.audioeye.com/v2/build/ |
193 B 224 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- prod.flex.cafe
- URL
- https://prod.flex.cafe/api/v1/auth/getsession?_=1704754917388
- Domain
- errors.client.optimizely.com
- URL
- https://errors.client.optimizely.com/log
- Domain
- errors.client.optimizely.com
- URL
- https://errors.client.optimizely.com/log
- Domain
- sync.search.spotxchange.com
- URL
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZZx_5gAAAEWxPgNe&img=1
Verdicts & Comments Add Verdict or Comment
124 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| NREUM object| newrelic function| __nr_require object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| flex object| odometerOptions function| BootstrapTable function| TableHeaderColumn function| InsertModalHeader function| InsertModalBody function| InsertModalFooter function| InsertButton function| DeleteButton function| ShowSelectedOnlyButton function| ExportCSVButton function| ClearSearchButton function| SearchField function| ButtonGroup function| SizePerPageDropDown function| iFrameResize function| ApiRequest function| FlexApiRequest object| __environment function| jQuery object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| appEventData boolean| consoleSiteCodeWarn object| mediaAnalytics function| alloy object| __alloyNS object| webData function| UAParser function| getPageName object| analyticsSupportFunctions object| internalAnalyticsFunctions function| trim function| trimLc function| scTrackPage function| crossVisitParticipation function| flattenToString function| parseListData function| flattenToString2 function| parentKeysOrEmptyString function| flattenShallowArrayToString string| item string| arg object| _tpDST function| parseSRPData object| __decipher object| decipher number| _dataLayerOverwriteMonitor function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s function| getGeoCoordinates function| cleanStr function| getResponsiveLayout function| getTimeParting function| getNewRepeat object| webDataDecipher function| inList function| cookieWrite function| cookieRead string| g string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ object| LogRocket object| optimizely function| registerFyusionViewerWithAdobe undefined| decipherRuleName number| a object| s_i_mhiprod function| _LRLogger boolean| _lr_loaded number| linkName undefined| regionName string| AMClickName object| QSI object| qualtricsEmbeddedData string| audioEyeSiteHash string| __AudioEyeSiteHash object| WAFQualtricsWebpackJsonP-cloud-1.104.0 boolean| __audioEyeInitialized function| readyCallback object| _qsie object| __audioEyeContext boolean| __audioEyeRunnerComplete number| __AudioEyeInitialLoadTime object| __AudioEyePerformance string| aecb string| pscb function| ae_choose function| ae_loadScript function| loaderFunction function| $ae function| ae_jQuery29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .audidirect.us/ | Name: s_plt Value: 2.52 |
|
| .audidirect.us/ | Name: s_pltp Value: undefined |
|
| .audidirect.us/ | Name: s_gpv Value: audidirect%2Flanding%2F |
|
| .audidirect.us/ | Name: s_ips Value: 1200 |
|
| .audidirect.us/ | Name: s_tp Value: 1200 |
|
| .audidirect.us/ | Name: s_ppv Value: audidirect%252Flanding%252F%2C100%2C100%2C1200%2C1%2C1 |
|
| .audidirect.us/ | Name: AMCVS_130C4673527845910A490D45%40AdobeOrg Value: 1 |
|
| .demdex.net/ | Name: demdex Value: 44641452793147074961686781570358804205 |
|
| .audidirect.us/ | Name: AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg Value: 1 |
|
| .audidirect.us/ | Name: s_cc Value: true |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZZx_5gAAAEWxPgNe |
|
| .dpm.demdex.net/ | Name: dpm Value: 44641452793147074961686781570358804205 |
|
| .audidirect.us/ | Name: AMCV_130C4673527845910A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19731%7CMCMID%7C47607178569870306581433390139029337013%7CMCAAMLH-1705359717%7C6%7CMCAAMB-1705359717%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1704762117s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19738%7CvVersion%7C5.5.0 |
|
| .audidirect.us/ | Name: AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19731%7CMCMID%7C44482165721822783101666419804154432099%7CMCAAMLH-1705359717%7C6%7CMCAAMB-1705359717%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1704762117s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19738%7CvVersion%7C5.5.0 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlVK75go8ZXBkozaf7zY423bAZGb2uCibWD95eE5oMGalcaFNj6dzQBiGjdF4E |
|
| .quantserve.com/ | Name: d Value: EK0BDAHtKrmvYA |
|
| .quantserve.com/ | Name: mc Value: 659c7ee6-58c2e-a22fd-f93ae |
|
| .flashtalking.com/ | Name: flashtalkingad1 Value: "GUID=585157A670583D" |
|
| .ladsp.com/ | Name: cr Value: 1 |
|
| .audidirect.us/ | Name: decipherSession Value: cpurl%3Dhttps%3A%2F%2Faudidirect.us%2Flanding |
|
| .casalemedia.com/ | Name: CMID Value: ZZx.6PSG94BDGqE6x.yNdwAA |
|
| .casalemedia.com/ | Name: CMPS Value: 3381 |
|
| .casalemedia.com/ | Name: CMPRO Value: 3381 |
|
| .adnxs.com/ | Name: uuid2 Value: 6983656418409592627 |
|
| .nr-data.net/ | Name: JSESSIONID Value: e6d7ddf249c1e8b7 |
|
| .adnxs.com/ | Name: XANDR_PANID Value: N76D_mCiw9459rAxyrRZ6xcdJJj4Hm_A-H2WJFP1q9V7aez3p18epyrSG10X7V4Zt3RAHrQ0Wzuqf4llVK2HnxrS6H0Esa4fEQ6zSLkioNw. |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?^u_'e-!]tbPl1MwL(!R7qUY#QP:H-CKYWJX#K]]r2CePt#cI?*6<QG=%9sk?bIRwi:w9Ld1Ig<A7_pSf?(lOfM!wywP+4vsm |
|
| .ladsp.com/ | Name: smn_uid Value: 1f1489SY4LQmE4WsHGFa4hA9TPSicjw |
|
| .demdex.net/ | Name: dextp Value: 771-1-1704754917948|782-1-1704754918049|903-1-1704754918149|1175-1-1704754918249|3047-1-1704754918350|22052-1-1704754918451|57289-1-1704754918551|61283-1-1704754918652|144228-1-1704754918752|144229-1-1704754920086|144230-1-1704754920186|144231-1-1704754920287|144232-1-1704754920387|144233-1-1704754920488|144234-1-1704754920588|144235-1-1704754920689|144236-1-1704754920790|144237-1-1704754920890 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adobe.demdex.net
analytics.audioeye.com
assets.adobedtm.com
audidirect.com
audidirect.us
bam.nr-data.net
cdn.lr-ingest.io
cdn.optimizely.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
cr-p10060.ladsp.com
dpm.demdex.net
dsum-sec.casalemedia.com
errors.client.optimizely.com
fonts.googleapis.com
ib.adnxs.com
image2.pubmatic.com
js-agent.newrelic.com
manheim.demdex.net
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
pixel.rubiconproject.com
prod.flex.cafe
rtd-tm.everesttech.net
rtd.tubemogul.com
servedby.flashtalking.com
signalr.prod.flex.cafe
siteintercept.qualtrics.com
smetrics.manheim.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tg.socdm.com
us-u.openx.net
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
zn9p29wvt2w2aiji9-coxauto.siteintercept.qualtrics.com
errors.client.optimizely.com
prod.flex.cafe
sync.search.spotxchange.com
104.17.208.240
142.250.185.130
151.101.194.137
151.101.66.49
162.247.241.14
172.64.151.101
18.211.229.47
18.238.243.57
198.47.127.205
211.120.53.205
23.215.22.232
2600:1f16:b2f:b00:3725:bc33:eee:13f8
2606:4700::6812:1c9b
2606:4700::6812:1d9b
2606:4700::6812:acf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:82b::200a
2a02:26f0:480:58b::13b8
2a02:26f0:480:980::1e80
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
34.117.77.79
34.253.139.156
34.98.64.218
35.71.131.137
35.84.114.180
37.252.171.52
52.51.166.94
63.140.62.108
69.173.144.138
75.2.37.149
0254c443606200384ae5a3217a7934a9df2a2ce7cef0aa607ccf925a1d5bf2bc
04107434fba57146b3d431fc5affd56e49c174c48014e21dafa3b547e1fa7efc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be6b4d491d98d78771d25adc7af56fb417a8b841de67a49f59e3071edb09246
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16864b3be81d2edf46c22f0ef1701b0b5328867e2528fbed325943de0f35accf
1cc2b6a4619d7d8dcc0266766571dfde15ef532f249845509c823583b578767b
1edc6090fdd977907affc372b84db4d4a5fa78f625ed1aca3363a4b38078c02f
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
2dd4ab869f39a276a4ff7f66d6412c2f157bb981a51ddc036ba5d21ee2f725f9
2f03812040eb99860094842f6927915d9f7b2957fd6880a9cade057761d7b22a
309d014ace18d95d83e4d5b5ffa0cf56db53eec25200b702fab8be54d862ee4e
3544f4831cde88e4e4bf43e2b1ab175f6ad8bb2c2599a950b9ee7480fe418796
49b56be5f9301b8299d1c6528b53ab55e382eddb2a7e4d7bea8ecd9ecf7adf6f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd246d6240a7d156830950a9bbee2121c5e62fdb76dd84d82d838fbf143cc5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1bc6d2ef60d701eae8d697ded42adc11642c299b3406a617b9ab3be6fabcf1
52dc8f0112859181b5e371aac9506c2753a48755e5f57c0a76b5e6f6a2193391
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55054dcedfeacfa6740438956a10cb1c7a8acfcdc642ea9cf91131ca4b93f3a4
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
680fcd85850906013938750127753f37f17bf6c45b49e7a58a5ade0fd0e84377
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6cc57cfc68f5635bb63a3e2fc7792cf5768065c3493c02fbf4ce3a4e07707a47
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
74df639b68d0c29ab68610e7d617f7129633ed4d118f8604c6017f5b7c94c850
769b215dba061d68d3c08ade143566bfc4a1ee0b4331e9d726c558f32277dfac
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
802de543fa4d782611da2c3676e620c19143aece817bbb52e8c14dd660e36ceb
849ef2f2291c62732e7e4cd98b1d944b49ca3e8172adb51e5cffda33339f9c1b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
966c5e8a5604b42d2b28fad9cb3395b4f5b522fed23752da420f0c2d7fe464fd
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
a1a4f04502f1bdfabfb988b34bf0abc99cc630c8fefd9d7128ef128dd0b63369
aceec9f1a79535561f9fc4d15e038eae5675fdd0e8cfee0657c4caa40a579d1a
b140159073eae1fbfb0c02be70cde66f749168d6205005d4761426bfefc434b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5742b6e4d6e02d73a6b61c00ca0b9fd5ec57331c850b963ce31e54c5b7503fd
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
c0b6d8baba82ee738e13f6a77c5acc2a6f3929a0fe336c13731263a77fdf4b40
c1b51a7ffd806a4edd7a0e2f4fff87f909bb6b71e5cfc24e807ecba0b4d2fd0b
c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c7bfe654f8af21d1b1a587fd727c0d4c09b51ddbe8d8c86b23e0615e689ad1e3
cc39816977b7555eb156730f23aa7b0c8ee2dd016942594714ab612f8cfe6fcb
cdf7a32f12d272b172b90defe364d0c0ba51e78b7f2f87546708056282771af2
cff2d5da4c3aac6efc7b8842df6480b61e411b8d73dda8586942368d3c94e3a2
d484241d7a32916bba0fe284a8b75077edb5fc8417ba793977cde377ead3b519
d6581683cf6b7c8ed9b43bdf30f84d354e494c314108e9e0a381383cd4c7ef6c
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
d82afcafaad975b153b195e797408d5981782542d49debe01cbbdc912c40a88e
d8f70cac1e76ac3280748596cd660c82dcc7f272ac04699ca9a2fd92f8a09b7e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de0bf4f84ed22c961a946ad19864d327aca611b47a3ab15e79387470e9cf82ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75e7b1eea77f8e0ff83657ee15bab24a4089434701c0ea42cfe0403b35fa5ec
e92e4432090d41a6444853dfc63091062a38ce4bea2fd35efa8f394c66a3f2f7
eb4d0c11feef144e18eaef5abf2635d772590bf0f28ff3016829fd7bac5b7078
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ec065a844b4be0a42913b9ba9b32757576fba278a1ebac0bbb4c3f1688e98
f298187ce93fabbae60655471d3fc920cc7aba4abfb87267220395af15659fc5
f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9
f93a2530316d454e4065e72d4c08b3751b5c156bebfc98b389a328174e450415
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
ff842a2aa19b4dafae52029bb46020b549982a3b16c2134652424cb98f1beb66