www.savingmyretirement-native.com
3.69.136.55
Public Scan
Effective URL: https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_s...
Submission: On September 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.
This is the only time www.savingmyretirement-native.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | rs-stripe.tradebriefs.com, tr.rev-stripe.com |
ASN16509 (AMAZON-02, US) | ec2-18-193-209-105.eu-central-1.compute.amazonaws.com | track.roitrketer.com |
ASN16509 (AMAZON-02, US) | ec2-3-69-136-55.eu-central-1.compute.amazonaws.com | www.savingmyretirement-native.com |
ASN16509 (AMAZON-02, US) | server-13-32-99-104.fra60.r.cloudfront.net | builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US) | | d34qb8suadcc4g.cloudfront.net |
ASN15169 (GOOGLE, US) | 119.80.111.34.bc.googleusercontent.com | www.gcjdjhs3e.com |
ASN54113 (FASTLY, US) | | 0f45c382aad447eca80d744b72deadb8.js.ubembed.com, df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US) | | js.hubspot.com, track.hubspot.com, api.hubspot.com |
ASN16509 (AMAZON-02, US) | s3-us-west-2.amazonaws.com | s3-us-west-2.amazonaws.com |
ASN16509 (AMAZON-02, US) | server-143-204-214-231.fra53.r.cloudfront.net | d9hhrg4mnvzow.cloudfront.net |
ASN14618 (AMAZON-AES, US) | ec2-54-236-100-80.compute-1.amazonaws.com | events.ub-analytics.com |
ASN16509 (AMAZON-02, US) | server-143-204-215-45.fra53.r.cloudfront.net | assets.ubembed.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16625 (AKAMAI-AS, US) | a23-35-237-86.deploy.static.akamaitechnologies.com | amplify.outbrain.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN15169 (GOOGLE, US) | 80.142.244.35.bc.googleusercontent.com | cdn.pdst.fm |
ASN16509 (AMAZON-02, US) | ec2-3-126-202-50.eu-central-1.compute.amazonaws.com | 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com |
ASN15169 (GOOGLE, US) | fra16s53-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | us-central1-adaptive-growth.cloudfunctions.net |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US) | ec2-18-235-166-21.compute-1.amazonaws.com | 0f45c382aad447eca80d744b72deadb8.events.ubembed.com |
ASN16509 (AMAZON-02, US) | ec2-52-33-198-133.us-west-2.compute.amazonaws.com | p.alocdn.com |
Requests | Domain | Requested by | Redirects |
---|---|---|---|
9 | d9hhrg4mnvzow.cloudfront.net | www.savingmyretirement-native.com, 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com | |
6 | fonts.gstatic.com | fonts.googleapis.com | |
4 | builder-assets.unbounce.com | www.savingmyretirement-native.com, 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com | |
2 | api.hubspot.com | js.usemessages.com | |
2 | p.alocdn.com | | 1 redirects |
2 | www.google.de | www.savingmyretirement-native.com | |
2 | www.google.com | www.savingmyretirement-native.com | |
2 | us-central1-adaptive-growth.cloudfunctions.net | cdn.pdst.fm | |
2 | tr.outbrain.com | amplify.outbrain.com, www.savingmyretirement-native.com | |
2 | connect.facebook.net | www.savingmyretirement-native.com, connect.facebook.net | |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com | |
2 | fonts.googleapis.com | builder-assets.unbounce.com | |
2 | www.googletagmanager.com | www.savingmyretirement-native.com, www.googletagmanager.com | |
2 | d34qb8suadcc4g.cloudfront.net | www.savingmyretirement-native.com, d34qb8suadcc4g.cloudfront.net | |
1 | js.usemessages.com | js-na1.hs-scripts.com | |
1 | js.hs-banner.com | js-na1.hs-scripts.com | |
1 | track.hubspot.com | | |
1 | js-na1.hs-scripts.com | js.hubspot.com | |
1 | 0f45c382aad447eca80d744b72deadb8.events.ubembed.com | assets.ubembed.com | |
1 | www.facebook.com | www.savingmyretirement-native.com | |
1 | stats.g.doubleclick.net | www.google-analytics.com | |
1 | googleads.g.doubleclick.net | www.googleadservices.com | |
1 | analytics.twitter.com | www.savingmyretirement-native.com | |
1 | t.co | www.savingmyretirement-native.com | |
1 | www.googleadservices.com | www.googletagmanager.com | |
1 | 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com | assets.ubembed.com | |
1 | cdn.pdst.fm | www.savingmyretirement-native.com | |
1 | cdn1.decide.dev | www.googletagmanager.com | |
1 | static.ads-twitter.com | www.savingmyretirement-native.com | |
1 | df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com | www.googletagmanager.com | |
1 | amplify.outbrain.com | www.googletagmanager.com | |
1 | assets.ubembed.com | 0f45c382aad447eca80d744b72deadb8.js.ubembed.com | |
1 | events.ub-analytics.com | www.savingmyretirement-native.com | |
1 | s3-us-west-2.amazonaws.com | www.savingmyretirement-native.com | |
1 | js.hubspot.com | www.savingmyretirement-native.com | |
1 | 0f45c382aad447eca80d744b72deadb8.js.ubembed.com | www.savingmyretirement-native.com | |
1 | www.gcjdjhs3e.com | www.savingmyretirement-native.com | |
1 | www.savingmyretirement-native.com | | |
1 | track.roitrketer.com | | 1 redirects |
1 | tr.rev-stripe.com | | 1 redirects |
1 | rs-stripe.tradebriefs.com | | 1 redirects |
66 | 41 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
goldco.com |
submit.optout-goldco.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
www.savingmyretirement-native.com | R3 | 2022-09-12 - 2022-12-11 | 3 months |
*.unbounce.com | Amazon | 2022-02-08 - 2023-03-09 | a year |
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |
gcjdjhs3e.com | Starfield Secure Certificate Authority - G2 | 2022-05-13 - 2023-05-13 | a year |
*.js.ubembed.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2022-01-04 - 2023-02-05 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
hubspot.com | Cloudflare Inc ECC CA-3 | 2022-03-08 - 2023-03-07 | a year |
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
*.ub-analytics.com | Amazon | 2022-04-10 - 2023-05-09 | a year |
assets.ubembed.com | Amazon | 2022-02-04 - 2023-03-05 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-03 - 2023-04-04 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-28 - 2022-09-26 | 3 months |
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year |
*.decide.dev | Amazon | 2022-01-24 - 2023-02-22 | a year |
cdn.pdst.fm | GTS CA 1D4 | 2022-08-08 - 2022-11-06 | 3 months |
*.pages.ubembed.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-28 - 2023-03-31 | a year |
www.googleadservices.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
misc.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
www.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
*.events.ubembed.com | Amazon | 2022-05-13 - 2023-06-11 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-03 - 2023-06-02 | a year |
This page contains 2 frames:
Primary Page:
https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF
Frame ID: 0C03B77EE6769634AF0AB8D188312CCE
Requests: 51 HTTP requests in this frame
Frame:
https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ae.html?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF&closedAt=0
Frame ID: 1BE625FB06A8CB8D593986F85EA72522
Requests: 15 HTTP requests in this frame
Page Title
This Could Be The Most Important Message You Read All Year! | Goldco
Page URL History
- http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-... HTTP 301
- http://tr.rev-stripe.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-... HTTP 303
- https://track.roitrketer.com/21ed1c26-2621-4e24-a1d8-70cbf00d2d74?tardev=email_&pub=3328&cst=0.76&pi_adid... HTTP 302
- https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&c... Page URL
Detected technologies
Unbounce (Editors)
Detected patterns
- ubembed\.com
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Title: T&C
Title: click here
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://rs-stripe.tradebriefs.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner HTTP 301
- http://tr.rev-stripe.com/stripe/redirect?cs_email=63272bf9ab331&cs_stripeid=123366&cs_sendid=2022-09-18&cs_offset=1&cs_esp=custom&articletb=tb_banner HTTP 303
- https://track.roitrketer.com/21ed1c26-2621-4e24-a1d8-70cbf00d2d74?tardev=email_&pub=3328&cst=0.76&pi_adid=813607&pi_clickid=d7183c6598b84cf1aaa0d0d8e5fdc991 HTTP 302
- https://www.savingmyretirement-native.com/biden-warning-shot-122921/?sfcid=7014T000000kxPF&ls=001-Native-Power-Inbox&cn=855-910-6027&utm_source=Power-Inbox&utm_medium=Native&utm_campaign=7014T000000kxPF Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 60
- https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year!%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF HTTP 302
- https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=NXGH2ZQ-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252Fnxgh2zq%252Fge.js%2522%252C%2522ver%2522%253A%25221.5.0%2522%252C%2522guid%2522%253A%2522b29eb0fc-55be-42fa-893b-a9e091569b93%2522%257D&title=This%20Could%20Be%20The%20Most%20Important%20Message%20You%20Read%20All%20Year%21%20%7C%20Goldco&url=https%3A%2F%2Fwww.savingmyretirement-native.com%2Fbiden-warning-shot-122921%2F%3Fsfcid%3D7014T000000kxPF%26ls%3D001-Native-Power-Inbox%26cn%3D855-910-6027%26utm_source%3DPower-Inbox%26utm_medium%3DNative%26utm_campaign%3D7014T000000kxPF&tdc=1
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.savingmyretirement-native.com/biden-warning-shot-122921/ | 57 KB | 11 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | main-7b78720.z.css | builder-assets.unbounce.com/published-css/ | 15 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | ub.js | d34qb8suadcc4g.cloudfront.net/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | everflow.js | www.gcjdjhs3e.com/scripts/sdk/ | 58 KB | 18 KB | Script | text/javascript | |
GET | H2 | main.bundle-384ff03.z.js | builder-assets.unbounce.com/published-js/ | 103 KB | 33 KB | Script | application/javascript | |
GET | H2 | / | 0f45c382aad447eca80d744b72deadb8.js.ubembed.com/ | 2 KB | 2 KB | Script | application/json | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 304 KB | 84 KB | Script | application/javascript | |
GET | H2 | 3704751.js | js.hubspot.com/analytics/ | 63 KB | 21 KB | Script | text/javascript | |
GET | H2 | sp-2.14.0.js | d34qb8suadcc4g.cloudfront.net/ | 98 KB | 30 KB | Script | application/javascript | |
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif | |
GET | H/1.1 | ge.js | s3-us-west-2.amazonaws.com/storejs/a/NXGH2ZQ/ | 32 KB | 33 KB | Script | application/javascript | |
GET | BLOB | f0136264-fc85-4169-b135-9b4f43a24d07 | https://www.savingmyretirement-native.com/ | 5 KB | 0 | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 14 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | 1yrc952-limied-time-offer_103t03p000000000000028.png | d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | 1h17tum-white-goldco-logo-gold-flame_104401k000000000000028.png | d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | bg034s-goldco-2017-logo_104a01n000000000000028.png | d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | 4bd15a85-guide-mockup28-2_10db098000000000000028.png | d9hhrg4mnvzow.cloudfront.net/www.savingmyretirement-native.com/biden-warning-shot-122921/ | 54 KB | 54 KB | Image | image/png | |
GET | H2 | i | events.ub-analytics.com/ | 43 B | 245 B | Image | image/gif | |
GET | H2 | bundle.js | assets.ubembed.com/universalscript/releases/v0.179.2/ | 174 KB | 48 KB | Script | application/javascript | |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 | |
GET | H2 | TK3iWkUHHAIjg752GT8G.woff2 | fonts.gstatic.com/s/oswald/v49/ | 25 KB | 25 KB | Font | font/woff2 | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H/1.1 | obtp.js | amplify.outbrain.com/cp/ | 8 KB | 4 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 163 KB | 61 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 101 KB | 27 KB | Script | application/x-javascript | |
GET | H2 | / | df50e3ae405b4241b4af5546de3c50fa.js.ubembed.com/ | 479 B | 629 B | Script | application/json | |
GET | H2 | uwt.js | static.ads-twitter.com/ | 56 KB | 15 KB | Script | application/javascript | |
GET | H2 | rainmakeradventures_goldco_lander.js | cdn1.decide.dev/tracking/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | ping.min.js | cdn.pdst.fm/ | 26 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | ae.html | 0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 23 KB | 5 KB | Document | text/html | Frame 1BE6 |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 41 KB | 16 KB | Script | text/javascript | |
GET | H/1.1 | cachedClickId | tr.outbrain.com/ | 35 B | 239 B | Script | application/javascript | |
GET | H/1.1 | unifiedPixel | tr.outbrain.com/ | 43 B | 256 B | Image | image/gif | |
GET | H2 | adsct | t.co/i/ | 43 B | 338 B | Image | image/gif | |
GET | H2 | adsct | analytics.twitter.com/i/ | 43 B | 356 B | Image | image/gif | |
POST | H3 | pdst-events-prod-sink | us-central1-adaptive-growth.cloudfunctions.net/ | 0 | 0 | Fetch | text/html | |
OPTIONS | H2 | pdst-events-prod-sink | us-central1-adaptive-growth.cloudfunctions.net/ | 0 | 0 | Preflight | text/html | Frame |
GET | H2 | main-7b78720.z.css | builder-assets.unbounce.com/published-css/ | 15 KB | 3 KB | Stylesheet | text/css | Frame 1BE6 |
GET | H2 | main.bundle-384ff03.z.js | builder-assets.unbounce.com/published-js/ | 103 KB | 33 KB | Script | application/javascript | Frame 1BE6 |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H3 | 952351091531861 | connect.facebook.net/signals/config/ | 25 KB | 7 KB | Script | application/x-javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/964382751/ | 3 KB | 2 KB | Script | text/javascript | |
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif | Frame 1BE6 |
GET | H2 | ed93cbdc-red-bar-stars-v2_10ud00u0p000u02o00001o.jpg | d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 3 KB | 4 KB | Image | image/jpeg | Frame 1BE6 |
GET | H2 | 37e1b699-bg-1_116h0nw0p00nw08q00001o.jpg | d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 15 KB | 15 KB | Image | image/jpeg | Frame 1BE6 |
GET | BLOB | ce4b6690-c136-47a1-ad29-9605e2c3a84a | https://0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/ | 5 KB | 0 | Stylesheet | text/css | Frame 1BE6 |
GET | H3 | css | fonts.googleapis.com/ | 13 KB | 1008 B | Stylesheet | text/css | Frame 1BE6 |
GET | H2 | 784ed609-hannity-edited_10880pv07l0ml00c000028.png | d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 45 KB | 45 KB | Image | image/png | Frame 1BE6 |
GET | H2 | 922c03ab-hannity-square_102x02w02x01800000v028.png | d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 2 KB | 2 KB | Image | image/png | Frame 1BE6 |
GET | H2 | 2041c23a-asset-5-3x_10ek02z000000000000028.png | d9hhrg4mnvzow.cloudfront.net/0f45c382aad447eca80d744b72deadb8.pages.ubembed.com/7a7a3fae-e580-4489-b1bd-795bfbe1f56f/ | 12 KB | 12 KB | Image | image/png | Frame 1BE6 |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 455 B | XHR | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif | |
GET | H2 | / | www.google.com/pagead/1p-user-list/964382751/ | 42 B | 154 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/964382751/ | 42 B | 548 B | Image | image/gif | |
GET | H2 | embeddableActivated | 0f45c382aad447eca80d744b72deadb8.events.ubembed.com/ | 0 | 115 B | XHR | text/plain | |
GET | H3 | z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 | fonts.gstatic.com/s/opensanscondensed/v23/ | 16 KB | 16 KB | Font | font/woff2 | Frame 1BE6 |
GET | H3 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 | Frame 1BE6 |
GET | H3 | memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 | fonts.gstatic.com/s/opensans/v34/ | 47 KB | 47 KB | Font | font/woff2 | Frame 1BE6 |
GET | H3 | PbynFmL8HhTPqbjUzux3JEuR9ls.woff2 | fonts.gstatic.com/s/passionone/v16/ | 7 KB | 7 KB | Font | font/woff2 | Frame 1BE6 |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | p.gif | p.alocdn.com/c/vn3d8u2u/a/etarget/ | 42 B | 350 B | Image | image/gif | Redirect Chain |
GET | H2 | 3704751.js | js-na1.hs-scripts.com/ | 1 KB | 865 B | Script | application/javascript | |
GET | H2 | __ptq.gif | track.hubspot.com/ | 45 B | 490 B | Image | image/gif | |
GET | H2 | 3704751.js | js.hs-banner.com/ | 60 KB | 16 KB | Script | text/javascript | |
GET | H2 | conversations-embed.js | js.usemessages.com/ | 73 KB | 21 KB | Script | application/javascript | |
GET | H3 | public | api.hubspot.com/livechat-public/v1/message/ | 436 B | 1 KB | XHR | application/json | |
OPTIONS | H2 | public | api.hubspot.com/livechat-public/v1/message/ | 0 | 0 | Preflight | text/plain | Frame |
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ub object| module object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow object| EF object| geq string| tcpa string| disclosure function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| obApi function| obTag function| fbq function| _fbq function| twq function| getParam function| getExpiryRecord function| addGclid function| pdst object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| ube function| gtag object| regeneratorRuntime object| twttr object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| _0x58d607 function| GeAnalytics function| geLoadLi function| _0xe878 function| _0xa556 boolean| geqpreprun function| run_ge object| _geq boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hspb_ran boolean| _hspb_loaded
24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.savingmyretirement-native.com/biden-warning-shot-122921/ | | Name: ubpv Value: o%2Cd18ee5ff-ee53-46d2-8a27-d1705756d9b5 |
.rev-stripe.com/ | | Name: eid3197 Value: d7183c6598b84cf1aaa0d0d8e5fdc991 |
.track.roitrketer.com/ | | Name: 21ed1c26-2621-4e24-a1d8-70cbf00d2d74-v4 Value: -O8m_o4U4jIdRhwMdvHuIpjvxTDC05Kfvk-3MvQHiQw |
.track.roitrketer.com/ | | Name: cc-v4 Value: FcjfIz1Wox2eaiOU8%2FeeXiVSfdZnTrzqDuYkl7AytpmTlL0Xf6iD8xPkzedCVyOnB8Mt9ZqNXq2a2WaHp1e33DL2yyvtkhXeXpEgKOtCMLRrJFwi3MBI8hYkVxrSnkAXxcmrW1WyBWywGPNRbCA9Kg%3D%3D |
www.savingmyretirement-native.com/ | | Name: ubvs Value: c815d0ab-1495-44f3-b749-6e5212505a3b |
.savingmyretirement-native.com/ | | Name: ubvt Value: c815d0ab-1495-44f3-b749-6e5212505a3b |
.hubspot.com/ | | Name: __cf_bm Value: llp7wB2aLmCJxp.P1cySidRrR.aGqbhPsJq9fDQc_0k-1663538947-0-AUT3d2iVIOUGn+/VzibmYt0fsMoQXIo8sPREyjYSh8hvMxzbeDwDEaovbOY2EYoUN3Z68I847mdFjTimZHwonxY= |
.savingmyretirement-native.com/ | | Name: _gcl_au Value: 1.1.499471706.1663538947 |
www.savingmyretirement-native.com/ | | Name: __pdst Value: c13c249468fe475789828f98c7dd9025 |
.savingmyretirement-native.com/ | | Name: _ga Value: GA1.2.1643747763.1663538947 |
.savingmyretirement-native.com/ | | Name: _gid Value: GA1.2.231661189.1663538947 |
.savingmyretirement-native.com/ | | Name: _gat_UA-27499361-13 Value: 1 |
.savingmyretirement-native.com/ | | Name: _fbp Value: fb.1.1663538947609.1241766885 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.t.co/ | | Name: muc_ads Value: b197c8b8-f534-4004-81a7-67957fc0464d |
www.savingmyretirement-native.com/ | | Name: outbrain_cid_fetch Value: true |
.twitter.com/ | | Name: personalization_id Value: "v1_oK+y4HdGHLqvgE/7ZUALaQ==" |
www.savingmyretirement-native.com/ | | Name: _geuid Value: b29eb0fc-55be-42fa-893b-a9e091569b93 |
www.savingmyretirement-native.com/ | | Name: _geps Value: true |
.alocdn.com/ | | Name: uuid Value: 33aa42fe-ce9b-4aa9-8f58-d90a5fee3ba4 |
www.savingmyretirement-native.com/ | | Name: __hstc Value: 233391809.96b0e8af0212123f70e197554d9fa4f1.1663538948561.1663538948561.1663538948561.1 |
www.savingmyretirement-native.com/ | | Name: hubspotutk Value: 96b0e8af0212123f70e197554d9fa4f1 |
www.savingmyretirement-native.com/ | | Name: __hssrc Value: 1 |
www.savingmyretirement-native.com/ | | Name: __hssc Value: 233391809.1.1663538948562 |

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.