www.rafflecopter.com
173.255.204.176
Public Scan
Submission: On May 18 via api from US
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 4th 2021. Valid for: a year.
This is the only time www.rafflecopter.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.rafflecopter.com | ASN63949 (LINODE-AP Linode, LLC, US) | li214-176.members.linode.com |
widget-prime.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-13-224-193-111.fra2.r.cloudfront.net |
homepage.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-13-225-74-142.fra2.r.cloudfront.net |
cdn.segment.com | ASN16509 (AMAZON-02, US) | server-99-86-224-81.iad79.r.cloudfront.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
customizer-css.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-52-85-121-72.bud50.r.cloudfront.net |
d1bg42r4siwejx.cloudfront.net | ASN16509 (AMAZON-02, US) | server-52-84-107-14.bud50.r.cloudfront.net |
d.adroll.mgr.consensu.org, d.adroll.com | ASN16509 (AMAZON-02, US) | ec2-54-220-59-51.eu-west-1.compute.amazonaws.com |
track.customer.io | ASN15169 (GOOGLE, US) | 220.225.227.35.bc.googleusercontent.com |
pixel.advertising.com | ASN16509 (AMAZON-02, US) | ec2-18-197-99-6.eu-central-1.compute.amazonaws.com |
ups.analytics.yahoo.com | ASN16509 (AMAZON-02, US) | ec2-18-156-0-31.eu-central-1.compute.amazonaws.com |
dsum-sec.casalemedia.com | ASN16625 (AKAMAI-AS, US) | a2-18-234-21.deploy.static.akamaitechnologies.com |
pixel.rubiconproject.com | ASN26667 (RUBICONPROJECT, US) | |
eb2.3lift.com | ASN16509 (AMAZON-02, US) | ec2-18-158-81-184.eu-central-1.compute.amazonaws.com |
x.bidswitch.net | ASN16509 (AMAZON-02, US) | ec2-18-195-73-36.eu-central-1.compute.amazonaws.com |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net |
idsync.rlcdn.com | ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com |
us-u.openx.net | ASN15169 (GOOGLE, US) | 218.64.98.34.bc.googleusercontent.com |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s50-in-f2.1e100.net |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
Requests | Domain | Requested by |
---|---|---|
16 | d.adroll.com | 14 redirects |
12 | www.rafflecopter.com | www.rafflecopter.com |
5 | s.adroll.com | 1 redirects www.rafflecopter.com s.adroll.com |
5 | widget-prime.rafflecopter.com | www.rafflecopter.com widget-prime.rafflecopter.com |
5 | use.typekit.net | www.rafflecopter.com |
4 | connect.facebook.net | cdn.segment.com widget-prime.rafflecopter.com connect.facebook.net |
3 | www.google-analytics.com | www.rafflecopter.com www.google-analytics.com cdn.segment.com |
3 | homepage.rafflecopter.com | www.rafflecopter.com |
2 | cm.g.doubleclick.net | 2 redirects |
2 | us-u.openx.net | 1 redirects |
2 | ib.adnxs.com | 1 redirects |
2 | x.bidswitch.net | 1 redirects |
2 | eb2.3lift.com | 1 redirects |
2 | dsum-sec.casalemedia.com | 1 redirects |
2 | pixel.advertising.com | 2 redirects |
1 | www.facebook.com | |
1 | idsync.rlcdn.com | |
1 | sync.taboola.com | |
1 | ads.yahoo.com | |
1 | simage2.pubmatic.com | |
1 | sync.outbrain.com | |
1 | pixel.rubiconproject.com | |
1 | ups.analytics.yahoo.com | |
1 | track.customer.io | |
1 | d.adroll.mgr.consensu.org | 1 redirects |
1 | d1bg42r4siwejx.cloudfront.net | |
1 | customizer-css.rafflecopter.com | widget-prime.rafflecopter.com |
1 | assets.customer.io | cdn.segment.com |
1 | cdn.mxpnl.com | cdn.segment.com |
1 | p.typekit.net | www.rafflecopter.com |
1 | www.google.de | www.rafflecopter.com |
1 | www.google.com | www.rafflecopter.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | cdn.segment.com | www.rafflecopter.com |
1 | ajax.googleapis.com | www.rafflecopter.com |
1 | cdn.jsdelivr.net | www.rafflecopter.com |
63 | 36 | |
This site contains links to these domains.
Domain |
---|
fbflash.rafflecopter.com |
jobs.rafflecopter.com |
facebook.com |
twitter.com |
blog.rafflecopter.com |
kb.rafflecopter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.rafflecopter.com DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-04 - 2022-02-16 | a year | crt.sh |
use.typekit.net DigiCert SHA2 Secure Server CA | 2020-01-28 - 2022-02-01 | 2 years | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 | 2021-05-18 - 2022-03-26 | 10 months | crt.sh |
upload.video.google.com GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
*.segment.com DigiCert SHA2 Secure Server CA | 2020-06-12 - 2021-07-27 | a year | crt.sh |
*.google-analytics.com GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
*.google.com GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.google.com GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
www.google.de GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years | crt.sh |
adroll.com R3 | 2021-03-30 - 2021-06-28 | 3 months | crt.sh |
*.mxpnl.com RapidSSL RSA CA 2018 | 2019-07-29 - 2021-07-28 | 2 years | crt.sh |
*.customer.io R3 | 2021-04-30 - 2021-07-29 | 3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year | crt.sh |
adroll.mgr.consensu.org Amazon | 2020-10-08 - 2021-11-07 | a year | crt.sh |
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA | 2021-03-22 - 2021-09-15 | 6 months | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-18 - 2022-01-18 | a year | crt.sh |
*.outbrain.com Thawte RSA CA 2018 | 2019-10-29 - 2021-11-23 | 2 years | crt.sh |
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year | crt.sh |
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA | 2021-05-11 - 2021-06-30 | 2 months | crt.sh |
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-11-25 - 2021-12-26 | a year | crt.sh |
*.3lift.com Amazon | 2020-07-04 - 2021-08-05 | a year | crt.sh |
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA | 2020-04-23 - 2022-05-04 | 2 years | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 | 2020-06-18 - 2021-08-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.rafflecopter.com/rafl/display/0687d3d62/
Frame ID: EC3AEBDE8510081490B3387B10DFFFF1
Requests: 56 HTTP requests in this frame
Frame:
https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 867D953257AB88ABEF02A93CD978C58D
Requests: 7 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
AdRoll (Advertising Networks)
Detected patterns
- script /(?:a|s)\.adroll\.com/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Segment (Analytics)
Detected patterns
- script /cdn\.segment\.com\/analytics\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: FB Flash
Title: Work with Us
Title: Blog
Title: Knowledge Base
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41
- https://s.adroll.com/j/exp/GMHKO672IFDXXL2J6IGA2A/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/GMHKO672IFDXXL2J6IGA2A?_s=a56830cfa56c661ac7041d48a56fd7e3&_b=2 HTTP 302
- https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=a56830cfa56c661ac7041d48a56fd7e3&_b=2
- https://d.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&pv=55520079042.455414&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/YIJVELYQHBAH7PT3DEIY5A.js
- https://d.adroll.com/cm/aol/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP75de8199-b821-11eb-be68-0297f18d7a9a
- https://d.adroll.com/cm/index/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&expiration=1652909941 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&expiration=1652909941&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&expires=365
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/b/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU
- https://d.adroll.com/cm/x/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=YjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYjZmZDk5MDdkZjBlYTdmZjQwNTVjMzZmZTMxMmFiMzU
- https://d.adroll.com/cm/l/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=b6fd9907df0ea7ff4055c36fe312ab35
- https://d.adroll.com/cm/o/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=b6fd9907df0ea7ff4055c36fe312ab35 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b6fd9907df0ea7ff4055c36fe312ab35
- https://d.adroll.com/cm/g/out?adroll_fpc=7cf360687d3a02d780f4a28c0c27080e-1621373941418&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2F0687d3d62%2F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A&google_nid=adroll4 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=tv2ZB98Op_9AVcNv4xKrNQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=tv2ZB98Op_9AVcNv4xKrNQ&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
63 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / www.rafflecopter.com/rafl/display/0687d3d62/ Primary Request | 9 KB 3 KB | Document text/html |
GET H2 | bdl5nui.js use.typekit.net/ | 17 KB 7 KB | Script text/javascript |
GET H2 | modernizr.min.js cdn.jsdelivr.net/modernizr/2.7.1/ | 15 KB 7 KB | Script application/javascript |
GET H/1.1 | reset.css www.rafflecopter.com/static/styles/css/ | 444 B 511 B | Stylesheet text/css |
GET H/1.1 | rafl.css www.rafflecopter.com/static/styles/css/ | 336 KB 73 KB | Stylesheet text/css |
GET H/1.1 | top-logo.png www.rafflecopter.com/static/img/newhome/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | launch.js widget-prime.rafflecopter.com/ | 361 B 805 B | Script application/javascript |
GET H/1.1 | logo-footer.png homepage.rafflecopter.com/img/ | 714 B 1 KB | Image image/png |
GET H/1.1 | logo-main.png www.rafflecopter.com/img/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | boulder-love.png homepage.rafflecopter.com/img/ | 4 KB 5 KB | Image image/png |
GET H2 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.11.0/ | 94 KB 33 KB | Script text/javascript |
GET H/1.1 | global.js www.rafflecopter.com/static/js/rafl-new/build/min/ | 14 KB 5 KB | Script application/x-javascript |
GET H/1.1 | support.js www.rafflecopter.com/static/js/rafl-new/build/min/ | 10 KB 4 KB | Script application/x-javascript |
GET H/1.1 | segmentalicious.js www.rafflecopter.com/static/js/rafl-new/build/min/ | 7 KB 3 KB | Script application/x-javascript |
GET H/1.1 | load.js widget-prime.rafflecopter.com/ | 5 KB 3 KB | Script application/javascript |
GET H/1.1 | tn-start.png www.rafflecopter.com/static/img/newhome/ | 354 B 591 B | Image image/png |
GET H/1.1 | tn-login.png www.rafflecopter.com/static/img/newhome/ | 340 B 577 B | Image image/png |
GET H/1.1 | blue.jpg www.rafflecopter.com/static/img/newhome/bg/ | 101 KB 101 KB | Image image/jpeg |
GET H2 | l use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ | 14 KB 14 KB | Font application/font-woff2 |
GET H2 | l use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ | 14 KB 14 KB | Font application/font-woff2 |
GET H/1.1 | footer-social-sprite.png homepage.rafflecopter.com/img/ | 500 B 1 KB | Image image/png |
GET H/1.1 | blue.png www.rafflecopter.com/static/img/newhome/bg/ | 533 KB 534 KB | Image image/png |
GET H2 | l use.typekit.net/af/40a5d0/00000000000000003b9ad1af/27/ | 14 KB 15 KB | Font application/font-woff2 |
GET H2 | l use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ | 15 KB 15 KB | Font application/font-woff2 |
GET H2 | analytics.min.js cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/ | 409 KB 69 KB | Script text/javascript |
GET H2 | analytics.js www.google-analytics.com/ | 48 KB 19 KB | Script text/javascript |
GET H/1.1 | main.html widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 867D | 1 KB 1 KB | Document text/html |
POST H3-29 | collect www.google-analytics.com/j/ | 4 B 24 B | XHR text/plain |
GET H/1.1 | main.js widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 867D | 221 KB 64 KB | Script application/javascript |
GET H/1.1 | load.gif widget-prime.rafflecopter.com/static/img/ Frame 867D | 6 KB 7 KB | Image image/gif |
POST H2 | collect stats.g.doubleclick.net/j/ | 4 B 450 B | XHR text/plain |
GET H2 | ga-audiences www.google.com/ads/ | 42 B 293 B | Image image/gif |
GET H2 | ga-audiences www.google.de/ads/ | 42 B 505 B | Image image/gif |
GET H2 | p.gif p.typekit.net/ | 35 B 214 B | Image image/gif |
GET H/1.1 | roundtrip.js s.adroll.com/j/ | 41 KB 13 KB | Script text/javascript |
GET H2 | mixpanel-2-latest.min.js cdn.mxpnl.com/libs/ | 75 KB 25 KB | Script text/javascript |
GET H2 | track.js assets.customer.io/assets/ | 3 KB 2 KB | Script text/javascript |
GET H2 | fbevents.js connect.facebook.net/en_US/ | 92 KB 24 KB | Script application/x-javascript |
GET H3-29 | analytics.js www.google-analytics.com/ | 48 KB 19 KB | Script text/javascript |
GET H/1.1 | default.css customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 867D | 70 KB 70 KB | Stylesheet text/css |
GET H2 | sdk.js connect.facebook.net/en_US/ Frame 867D | 3 KB 2 KB | Script application/x-javascript |
GET H/1.1 | fb-min.png d1bg42r4siwejx.cloudfront.net/ Frame 867D | 1 KB 2 KB | Image image/png |
GET H/1.1 | index.js s.adroll.com/j/exp/ Redirect Chain | 28 B 747 B | Script application/javascript |
GET H/1.1 | index.js s.adroll.com/j/pre/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/ | 0 773 B | Script text/javascript |
GET H2 | / d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/ Redirect Chain | 394 B 862 B | Script application/javascript |
GET H3-29 | sdk.js connect.facebook.net/en_US/ Frame 867D | 213 KB 63 KB | Script application/x-javascript |
GET H2 | page.gif track.customer.io/events/ | 0 0 | Image application/json |
GET H/1.1 | YIJVELYQHBAH7PT3DEIY5A.js s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/ Redirect Chain | 4 KB 2 KB | Script text/javascript |
GET H3-29 | 747428811997279 connect.facebook.net/signals/config/ | 254 KB 72 KB | Script application/x-javascript |
GET H/1.1 | sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain | 0 1 KB | Image text/plain |
GET H/1.1 | rum dsum-sec.casalemedia.com/ Redirect Chain | 43 B 1 KB | Image image/gif |
GET H/1.1 | tap.php pixel.rubiconproject.com/ Redirect Chain | 42 B 798 B | Image image/gif |
GET H/1.1 | cookie-sync sync.outbrain.com/ Redirect Chain | 0 477 B | Image text/plain |
GET H2 | Pug simage2.pubmatic.com/AdServer/ Redirect Chain | 1 B 549 B | Image text/html |
GET H2 | v1 ads.yahoo.com/cms/ Redirect Chain | 0 446 B | Image text/plain |
GET H2 | rtb-h sync.taboola.com/sg/adroll-network/1/ Redirect Chain | 0 219 B | Image text/plain |
GET H2 | xuid eb2.3lift.com/ Redirect Chain | 37 B 352 B | Image image/gif |
GET H2 | sync x.bidswitch.net/ul_cb/ Redirect Chain | 43 B 344 B | Image image/gif |
GET H/1.1 | bounce ib.adnxs.com/ Redirect Chain | 43 B 1 KB | Image image/gif |
GET H2 | 377928.gif idsync.rlcdn.com/ Redirect Chain | 0 66 B | Image text/plain |
GET H2 | sd us-u.openx.net/w/1.0/ Redirect Chain | 43 B 180 B | Image image/gif |
GET H2 | in d.adroll.com/cm/g/ Redirect Chain | 42 B 536 B | Image image/gif |
GET H2 | / www.facebook.com/tr/ | 44 B 297 B | Image image/gif |
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Typekit object| html5 object| Modernizr function| yepnope object| cptr function| $ function| jQuery object| RAFL string| adroll_adv_id string| adroll_pix_id object| $userDropdown object| $toggle object| analytics string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| mixpanel object| _cio function| _fbq function| fbq boolean| __adroll_loaded string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback number| c_start number| c_end boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list string| adroll_seg_eid
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rafflecopter.com/ | | Name: _gat Value: 1 |
.rafflecopter.com/ | | Name: _gid Value: GA1.2.718265242.1621373940 |
www.rafflecopter.com/ | | Name: mp_34f966f6c8e6eeddfba1554b9e006055_mixpanel Value: %7B%22distinct_id%22%3A%20%22179816af5f8b55-037bcea0df60b6-38395d0b-1d4c00-179816af5f9c20%22%2C%22%24device_id%22%3A%20%22179816af5f8b55-037bcea0df60b6-38395d0b-1d4c00-179816af5f9c20%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
.rafflecopter.com/ | | Name: _ga Value: GA1.2.1370557669.1621373940 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.