itshandsdown.com
Open in
urlscan Pro
35.233.136.169
Public Scan
Submission: On February 06 via manual from KG — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.
This is the only time itshandsdown.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 169.136.233.35.bc.googleusercontent.com
itshandsdown.com |
ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com | |
forms-na1.hsforms.com |
ASN15169 (GOOGLE, US)
www.googleoptimize.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-77.ams1.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-92-30.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-52.ams1.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
gtm-pbcml2g-ytazy.uc.r.appspot.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-104.ams54.r.cloudfront.net
vars.hotjar.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com
ct.pinterest.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-37-119.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-27-162.eu-west-1.compute.amazonaws.com
content.hotjar.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
itshandsdown.com
itshandsdown.com |
285 KB |
6 |
gstatic.com
fonts.gstatic.com |
118 KB |
5 |
pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 779 |
3 KB |
4 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 776 |
82 KB |
4 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855 in.hotjar.com — Cisco Umbrella Rank: 1661 |
72 KB |
4 |
hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 3843 forms-na1.hsforms.com — Cisco Umbrella Rank: 6017 |
4 KB |
4 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 |
4 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 |
265 B |
3 |
appspot.com
gtm-pbcml2g-ytazy.uc.r.appspot.com |
2 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456 |
20 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
223 KB |
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
2 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 |
136 KB |
2 |
pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 724 |
21 KB |
1 |
mixpanel.com
api-js.mixpanel.com |
371 B |
1 |
hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6598 |
161 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 5986 |
455 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
455 B |
1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 623 |
394 B |
1 |
t.co
t.co — Cisco Umbrella Rank: 531 |
375 B |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 625 |
15 KB |
1 |
googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 925 |
44 KB |
1 |
mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 2931 |
18 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359 |
3 KB |
1 |
hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 5772 |
159 KB |
86 | 25 |
Domain | Requested by | |
---|---|---|
30 | itshandsdown.com |
itshandsdown.com
|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
5 | ct.pinterest.com |
s.pinimg.com
itshandsdown.com |
4 | analytics.tiktok.com |
itshandsdown.com
analytics.tiktok.com |
4 | fonts.googleapis.com |
itshandsdown.com
|
3 | www.facebook.com |
itshandsdown.com
|
3 | gtm-pbcml2g-ytazy.uc.r.appspot.com |
www.googletagmanager.com
|
3 | forms.hsforms.com |
js.hsforms.net
itshandsdown.com |
3 | www.googletagmanager.com |
itshandsdown.com
www.googletagmanager.com |
2 | connect.facebook.net |
itshandsdown.com
connect.facebook.net |
2 | s.pinimg.com |
www.googletagmanager.com
s.pinimg.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
1 | api-js.mixpanel.com |
cdn.mxpnl.com
|
1 | content.hotjar.io |
script.hotjar.com
|
1 | www.google.de |
itshandsdown.com
|
1 | www.google.com |
itshandsdown.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | analytics.twitter.com |
itshandsdown.com
|
1 | t.co |
itshandsdown.com
|
1 | forms-na1.hsforms.com |
itshandsdown.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | www.googleoptimize.com |
www.googletagmanager.com
|
1 | cdn.mxpnl.com |
itshandsdown.com
|
1 | cdn.jsdelivr.net |
itshandsdown.com
|
1 | js.hsforms.net |
itshandsdown.com
|
86 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
app.itshandsdown.com |
www.facebook.com |
www.instagram.com |
pin.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
itshandsdown.com R3 |
2022-12-04 - 2023-03-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-15 - 2023-06-15 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2022-07-11 - 2023-07-28 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
*.hotjar.com Amazon |
2022-10-25 - 2023-11-23 |
a year | crt.sh |
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-28 - 2023-08-08 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-11-15 - 2023-02-13 |
3 months | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2022-12-15 - 2024-01-15 |
a year | crt.sh |
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.appspot.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.hotjar.io Amazon |
2022-11-28 - 2023-12-26 |
a year | crt.sh |
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-03-28 - 2023-04-28 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://itshandsdown.com/
Frame ID: 9C8D26CB0AF9C9FF3285FBD0FDF7192B
Requests: 83 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 00735D81BAAA8894E6E8F75230B01760
Requests: 1 HTTP requests in this frame
Frame:
https://ct.pinterest.com/ct.html
Frame ID: EFD7403DAE2D13E0E8414086076D3635
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: A825DB5743DC7C5F815DDEEDF556F7A2
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Get StartedDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Yoast SEO (SEO) Expand
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Optimize (A/B Testing) Expand
Detected patterns
- googleoptimize\.com/optimize\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Join Now!
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Explore
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
86 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
itshandsdown.com/ |
55 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
itshandsdown.com/wp-includes/css/dist/block-library/ |
93 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
classic-themes.min.css
itshandsdown.com/wp-includes/css/ |
217 B 366 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/css/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
landing-page-v2.css
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/css/ |
54 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Hands-Down-Logo.svg
itshandsdown.com/wp-content/uploads/2022/05/ |
15 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newProfile1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newbook1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
744 B 946 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newten1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newshareit1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newsave1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newarchive1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Handsdown_PartyGamenews1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
19 KB 19 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2.js
js.hsforms.net/forms/ |
505 KB 159 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.svg
itshandsdown.com/wp-content/uploads/2022/05/ |
560 B 568 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram.svg
itshandsdown.com/wp-content/uploads/2022/05/ |
506 B 549 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pinrest.svg
itshandsdown.com/wp-content/uploads/2022/05/ |
1 KB 831 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@17.8.3/dist/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
itshandsdown.com/wp-includes/js/jquery/ |
88 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/js/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
itshandsdown.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 594 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 690 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
17 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
276 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tss5ApVBdCYD5Q7hcxTE1ArZ0Zz8oY2KRmwvKhhvLFG6o3ms.woff2
fonts.gstatic.com/s/archivonarrow/v28/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bigpop2.svg
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bigscreen.svg
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bigpop4.svg
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Giftingbig.svg
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/img/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
giftfrying.svg
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
forms.hsforms.com/embed/v3/form/20967412/c419e754-45a5-4b7a-864f-d755fb69ba8d/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
forms.hsforms.com/embed/v3/form/20967412/c419e754-45a5-4b7a-864f-d755fb69ba8d/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GTWalsheimPro-Medium.woff
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/font/ |
58 KB 59 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Phone_Illustration_Rehoboths.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Person-pinknew.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
826 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
connect-friendsnews.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Phone_Illustration_Recipenews1.webp
itshandsdown.com/wp-content/uploads/2022/09/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.googleoptimize.com/ |
110 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2979052.js
static.hotjar.com/c/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
s.pinimg.com/ct/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
106 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
172 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
184 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
218 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
581157979806751
connect.facebook.net/signals/config/ |
378 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
counters.gif
forms.hsforms.com/embed/v3/ |
35 B 392 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buffalo-regular-webfont.woff2
itshandsdown.com/wp-content/themes/handsdown-wp-v2/library/font/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
counters.gif
forms-na1.hsforms.com/embed/v3/ |
35 B 438 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 394 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.bca0d1c28285412bb689.js
script.hotjar.com/ |
260 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.73589e70.js
s.pinimg.com/ct/lib/ |
56 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10904995822/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
gtm-pbcml2g-ytazy.uc.r.appspot.com/g/ |
65 B 561 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
gtm-pbcml2g-ytazy.uc.r.appspot.com/g/ |
0 555 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-e031119f9e9e307a08fa610f85dbfb52.html
vars.hotjar.com/ Frame 0073 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 346 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/user/ |
533 B 855 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/user/ |
533 B 855 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 333 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/2979052/ |
148 B 323 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
114 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ |
872 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/10904995822/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/10904995822/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
content.hotjar.io/ |
56 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ct.pinterest.com/v3/ |
35 B 580 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 688 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ct.html
ct.pinterest.com/ Frame EFD7 |
565 B 591 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame A825 |
0 49 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
25 B 371 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
gtm-pbcml2g-ytazy.uc.r.appspot.com/g/ |
65 B 477 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| dataLayer object| mixpanel object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady function| LazyLoad object| lazyLoadInstance undefined| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| hj object| _hjSettings function| pintrk function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| CopyToClipboard string| current_url function| getCookie function| checkCookie object| twemoji object| wp object| regeneratorRuntime object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| google_optimize object| gaGlobal object| gaData function| gtag object| GooglebQhCsO function| onYouTubeIframeAPIReady object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| tagConfig21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.itshandsdown.com/ | Name: mp_3da571f17e542953c8ca4f38cd178243_mixpanel Value: %7B%22distinct_id%22%3A%20%2218625ad76741e7-012b9721522024-60325d57-1d4c00-18625ad76759ec%22%2C%22%24device_id%22%3A%20%2218625ad76741e7-012b9721522024-60325d57-1d4c00-18625ad76759ec%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
|
.itshandsdown.com/ | Name: _gcl_au Value: 1.1.333164645.1675669371 |
|
.itshandsdown.com/ | Name: _gid Value: GA1.2.1910662804.1675669371 |
|
.itshandsdown.com/ | Name: _gat_UA-213166260-1 Value: 1 |
|
.itshandsdown.com/ | Name: _ga Value: GA1.1.691518939.1675669371 |
|
.itshandsdown.com/ | Name: _ga_ESM795J71X Value: GS1.1.1675669371.1.1.1675669371.0.0.0 |
|
.itshandsdown.com/ | Name: _fbp Value: fb.1.1675669371067.1419431710 |
|
.t.co/ | Name: muc_ads Value: edabe93e-a1ee-4a40-a2fc-2e30383d2ad4 |
|
.twitter.com/ | Name: personalization_id Value: "v1_gQMjvyONJM7sx1kEvYOgkg==" |
|
.itshandsdown.com/ | Name: _hjSessionUser_2979052 Value: eyJpZCI6ImE4MDRiMjdhLWY3ZDUtNTZmNC1iZjgwLWQyMjU4NmJiZDY0YSIsImNyZWF0ZWQiOjE2NzU2NjkzNzExMDksImV4aXN0aW5nIjpmYWxzZX0= |
|
.itshandsdown.com/ | Name: _hjFirstSeen Value: 1 |
|
itshandsdown.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.itshandsdown.com/ | Name: _hjSession_2979052 Value: eyJpZCI6IjlhZGEyZjNlLTk5MDctNGRiOS1iMDMzLTJmZTIzZTYzZmVmMiIsImNyZWF0ZWQiOjE2NzU2NjkzNzExNjMsImluU2FtcGxlIjp0cnVlfQ== |
|
itshandsdown.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.itshandsdown.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.itshandsdown.com/ | Name: _pin_unauth Value: dWlkPU5XSTJaalZpWkRVdE1HWTJOUzAwWTJSbUxUazFNbVl0T1dNNVkyVmlZakV6WkdOaQ |
|
.tiktok.com/ | Name: _ttp Value: 2LM80vnBX5gs2jHH6KjZ7EPPQB8 |
|
.itshandsdown.com/ | Name: _tt_enable_cookie Value: 1 |
|
.itshandsdown.com/ | Name: _ttp Value: TQFpUxELuoPMm5DB56tSQ8IQ5hJ |
|
.ct.pinterest.com/ | Name: _pinterest_ct_ua Value: "TWc9PSY2NUNKQU1OazBGcXRic2xtMmtXK2JEL0FjbXVGZnRYemNuWnZRZkg5MWFFZFpONXhkNk9nNWZ6OEN1c2VrKy9POUp5QzVqKzVkYys0S3pGNGhlaUdKL21qT3lEcXNZaVJvZVZEK1VFRzc5UT0mbnEyZW1DWlM5K2dwNTJtYXhicEFEZXA1enhnPQ==" |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
analytics.twitter.com
api-js.mixpanel.com
cdn.jsdelivr.net
cdn.mxpnl.com
connect.facebook.net
content.hotjar.io
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
gtm-pbcml2g-ytazy.uc.r.appspot.com
in.hotjar.com
itshandsdown.com
js.hsforms.net
region1.google-analytics.com
s.pinimg.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
104.244.42.67
104.244.42.69
108.156.60.77
13.227.219.104
18.65.39.52
199.232.16.157
2001:4860:4802:32::36
23.62.220.203
2600:1901:0:bc29::
2606:4700::6810:5505
2606:4700::6811:b649
2a00:1450:4001:800::200e
2a00:1450:4001:809::2014
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9b
2a00:1450:400d:806::2008
2a00:1450:400d:808::2003
2a00:1450:400d:80c::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:41::84
2a04:4e42:600::485
34.241.37.119
35.186.241.51
35.233.136.169
52.30.27.162
88.221.92.30
01301fb85c9b13161f1b30546f132ae71dc74243a7e5417c8b291b573b9f41c4
04601b83f5f30e9b84570e2af6463b937dcce4def6ccddb2e944da6e9a71e2d6
04ce853d625412686c8ca3ef2ed13b4f0c569d44630d10dd9175afee9ee94be2
07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34
0f082d8a6132e2105b24687e64789dd865dfbd27650004214e76eb79c21fc4ef
10ce4eebad658d110390362de166c6a45b6c121d0c629adba8efcd323eeea58f
11418ed3449e025805be6bd22832d16d8a9795eee007dafc3cc51f8bc669d230
139b9dc67908833abc4865f62cc6872668264d754b50eded9b9a1ed5dfc683d7
1f2360f56dedf6994756f1f2cb56d499274538169d2f347b89bbf2a9e99a120e
1f879d22359cf3f47b73a661fa51e39b264cdfb37fc34fe1944abf5553f117f6
24c4a769988307213accf47bc8188db4ad99730a6ce4b394fc718703c9551106
26abbed0a0564d19f79e52fa8e5618d22543a606e7808fb62e14e0844ec55d80
2dc45c076718e8dda9f4183e4cbc361f8304664f495a36f9a907b78b2732097d
3209c2546edf5e8daa461c9da71d6e1beb948f3b7119bea0b4b705e63a9dedb4
33024d4c4fb42360df1d0518b959c8efbe9647c0b0fb798dc16066af2f8dfe5c
34e0b6846da3a1a7bfed9583041bc00b3b7f8d6fd66d7b29186a283c9717cd20
36fc7793fa84b62fdae1e0ab8dcd935f165bcdad5196220ce9deaf089816a09c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
41992046ae2075423f7dc9aabf3096c77459ffda0a9dc9e71784b1317b7956e7
501f3b99ed6581ff48a65b598beda5a5d9067d354277ca6100d9662c0c7550bb
5394fb3bc4a771616937b9eb7f501ee29cc9498eae3a971e6d64d6cee5c8b0d7
5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a30930501e8431e499624955938694e58134890f1fa38b796156dcfb0412aa9
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
60bb80b88ea41a3c0ad6351c02e16bdb2444d765da19bfe7ffbc6886197b1f21
633e4851a987734f44b639b282c48e33a453fb621c6d8f0ef2e4604d4ba70cb5
6955481a79c2deddc433eba5679a8e6ff8991fff16feb5b0de62a3f3dc498f48
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d506c0a95ea6e4de253acf02e2576ffdf120a0e55bda7c7ce210392784cc1d1
713e2c6155eac02be752f8ef34bc9977a862f686df1f803cb626e708953d9443
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7398d13de9b7dd9fa7112b40472b5f444420224a1401b2794778469e11f7ae7f
766843b18869fcb2a9579588e3b672d2d53711bc64ab52dfb0feec859cf8bf10
77710d015f16c927adda55d424b8b52dedde6ce078c0e2351a9abe10bbd2223e
796092191b850ed4f6a386c8fc2adfedf6f7fa5a01a89525abaade85da039afe
859464edd1890d516125492b20230878825d7524a28605c2c512c7926d136941
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
9cc3c4dadb589d80035486660fd2ead0f754793c1c393eeb6e9d501bd71875bb
a0068a2343e6929cb2a16fce58ddccf4ab4e965969acc6b566d358a288a350b0
a3f5c0fd1ceed666bd192b2ca0767f09ee1af99a6a10476ed8a6113107deaac4
a5fd1c64f23eb8ac79016f79f36a6485d7fb914311d344583aaddaebce6a544e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add6068a7b606475a19d23dbf83383afcb4bbbd3540e83224260e56b40631447
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ee873dabe85e8efde99a7f6eaeadb38a873a812a7f2757117497e4da233f8f
b222921d67c364316de7ac1ad09ab84665dae2dc560bd6e0703ebfaef610b481
b7c81e985e8dd6bc1dce17831140f0b40837855324ad53b9d0bfbb640cab2e18
b863fec6240018e7a7a42cf0d5a952928dd03d7ce64a5976c6fcd0e1868bae07
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
c8eb4283faa8c6bd01e05e13f6b35e89cb451c2c1c6a70cba940756b8e64fd13
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d12e9ee40767097c8708e452b1f00bfba1a6262ecc30edc7f72bcbece6171bae
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e7b5afeb254a4e3167a4ab2dbbb81c969e69605dd6739c95ad11ae9cceada3fa
eea327221bab2e96b0fedd406b2e7a12bce273e6671c9b4bf43ffca5e65d34e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e06b76ba91ff6783c21e0b94e446c68bda6dc1a4a6a131dd80e6bd40dbec86
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fc5f1160bf430506318c0eed31702edf7c501587f1305eabbb59e6c5765ca6c6
fdf85d7c2572c064d848fd3ee3be8d0c0aa6bb5afb9e39dbcf52c41a0147c7e7
fe87faa0cb2e4946b3effc90623ba707294a9acbd373869a0a9ff5e9057d47b5