www.2nd.md
Open in
urlscan Pro
52.42.134.91
Public Scan
Effective URL: https://www.2nd.md/sweepstakes/unisys
Submission: On January 12 via api from US
Summary
TLS certificate: Issued by Amazon on October 21st 2020. Valid for: a year.
This is the only time www.2nd.md was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-134-91.us-west-2.compute.amazonaws.com
www.2nd.md |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-222-207.us-west-2.compute.amazonaws.com
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-96.zrh50.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-39.zrh50.r.cloudfront.net
script.hotjar.com |
ASN15169 (GOOGLE, US)
PTR: 225.180.186.35.bc.googleusercontent.com
apgb2b-reachcodeandproxy.gannettdigital.com |
ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi |
ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi | |
i.simpli.fi |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com | |
track.hubspot.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-30.zrh50.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com |
ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com
aa.agkn.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-81.fra2.r.cloudfront.net
sync.intentiq.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-136-82.compute-1.amazonaws.com
sync.bfmio.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com
stags.bluekai.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net |
This site contains links to these domains. Also see Links.
Domain |
---|
2nd.md |
www.facebook.com |
twitter.com |
www.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
2nd.md Amazon |
2020-10-21 - 2021-11-19 |
a year | crt.sh |
*.rlets.com DigiCert SHA2 High Assurance Server CA |
2018-01-26 - 2021-02-03 |
3 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-18 - 2021-07-18 |
a year | crt.sh |
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-08-07 - 2021-04-24 |
9 months | crt.sh |
*.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.reachlocalservices.com DigiCert SHA2 High Assurance Server CA |
2018-01-26 - 2021-02-03 |
3 years | crt.sh |
gannettdigital.com R3 |
2020-12-05 - 2021-03-05 |
3 months | crt.sh |
*.simpli.fi DigiCert SHA2 Secure Server CA |
2019-09-18 - 2021-12-12 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
chatbot.com Amazon |
2020-09-26 - 2021-10-28 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
hubspot.com Cloudflare Inc ECC CA-3 |
2020-07-27 - 2021-07-27 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.tremorhub.com Amazon |
2020-07-25 - 2021-08-25 |
a year | crt.sh |
*.tapad.com DigiCert SHA2 Secure Server CA |
2020-10-05 - 2021-11-06 |
a year | crt.sh |
*.intentiq.com Amazon |
2020-04-10 - 2021-05-10 |
a year | crt.sh |
*.exelator.com Go Daddy Secure Certificate Authority - G2 |
2019-05-17 - 2021-06-25 |
2 years | crt.sh |
*.bfmio.com Amazon |
2020-06-14 - 2021-07-14 |
a year | crt.sh |
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1 |
2020-10-15 - 2021-04-09 |
6 months | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2019-06-13 - 2021-06-28 |
2 years | crt.sh |
*.lijit.com Go Daddy Secure Certificate Authority - G2 |
2020-03-11 - 2021-05-10 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.search.spotxchange.com GeoTrust RSA CA 2018 |
2019-03-20 - 2021-04-21 |
2 years | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-18 - 2022-01-18 |
a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.2nd.md/sweepstakes/unisys
Frame ID: 03CA2586F9CD7B90020FA873B7267B38
Requests: 68 HTTP requests in this frame
Frame:
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Frame ID: D83C9572DFD30A04489D885608242DCB
Requests: 1 HTTP requests in this frame
Frame:
https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0
Frame ID: 3AA51AFDD6014A42BE35C4C718C5912F
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 9CC398AC6BFEECC9522B8B45A9677FC0
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 0739D5E9BBD1F496D85B7068DE1FD70B
Requests: 1 HTTP requests in this frame
Frame:
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Frame ID: 865346D29F8F4FB6DF22400309D2DA27
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=670
Frame ID: F901AA18543011BE0133AB6DDFC9C10E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.2nd.md/sweepstakes/unisys
HTTP 301
https://www.2nd.md/sweepstakes/unisys Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: 2nd.md/activate/aetna
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.2nd.md/sweepstakes/unisys
HTTP 301
https://www.2nd.md/sweepstakes/unisys Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 52- https://um.simpli.fi/telaria_p HTTP 302
- https://simplifi.partners.tremorhub.com/sync?UISF=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/tapad HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/ad_advisor HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://um.simpli.fi/aa_px?sk=165021003664001021866
- https://um.simpli.fi/intentiq HTTP 302
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/dtnx HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=CC0FA7D163134803A3F6BD0884BFE6A0;mimetype=img; HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=CC0FA7D163134803A3F6BD0884BFE6A0;mimetype=img;sr HTTP 302
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1405040837858800755
- https://um.simpli.fi/exelatem HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=CC0FA7D163134803A3F6BD0884BFE6A0&j=0 HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=CC0FA7D163134803A3F6BD0884BFE6A0&j=0&xl8blockcheck=1
- https://um.simpli.fi/beachfront HTTP 302
- https://sync.bfmio.com/sync?pid=141&uid=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/bluekai HTTP 302
- https://stags.bluekai.com/site/29931?id=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/crwdcntrl HTTP 302
- https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/lj_match HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=CC0FA7D163134803A3F6BD0884BFE6A0&dnr=1
- https://um.simpli.fi/liveramp_match HTTP 302
- https://idsync.rlcdn.com/419566.gif?partner_uid=CC0FA7D163134803A3F6BD0884BFE6A0
- https://www.googleadservices.com/pagead/conversion/1026675585/?random=1610465890155&cv=7&fst=1610465890155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2074225377&cv=7&fst=1610465890155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YsL9X6eDDIOL7_UP0sOGsAE&sscte=1&crd= HTTP 302
- https://www.google.com/pagead/1p-conversion/1026675585/?random=2074225377&cv=7&fst=1610465890155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YsL9X6eDDIOL7_UP0sOGsAE&cid=CAQSKQCNIrLMNryyiFl__92pZOZtT0AFgy05rqOPbUwKN9905d4QgkIsDQxj&random=4132643656 HTTP 302
- https://www.google.de/pagead/1p-conversion/1026675585/?random=2074225377&cv=7&fst=1610465890155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YsL9X6eDDIOL7_UP0sOGsAE&cid=CAQSKQCNIrLMNryyiFl__92pZOZtT0AFgy05rqOPbUwKN9905d4QgkIsDQxj&random=4132643656&ipr=y
- https://um.simpli.fi/spotx_match HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CC0FA7D163134803A3F6BD0884BFE6A0&__user_check__=1&sync_id=2cbf1237-54ec-11eb-8069-1a7cb9e30806
- https://um.simpli.fi/an HTTP 302
- https://ib.adnxs.com/setuid?entity=66&code=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCC0FA7D163134803A3F6BD0884BFE6A0
- https://um.simpli.fi/rb_match HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CC0FA7D163134803A3F6BD0884BFE6A0&expires=365
- https://um.simpli.fi/ox_match HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072966&val=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CC0FA7D163134803A3F6BD0884BFE6A0
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
- https://um.simpli.fi/g_match?id=&google_gid=CAESEPkDn0DAkkjrmUacs-G8bdM&google_cver=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CC0FA7D163134803A3F6BD0884BFE6A0 HTTP 302
- https://um.simpli.fi/g_match?id=
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
unisys
www.2nd.md/sweepstakes/ Redirect Chain
|
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.js
www.2nd.md/assets/webLayout/js/ |
281 KB 282 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.js
www.2nd.md/assets/webLayout/js/ |
218 KB 218 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5014927a5dbf0855d40cd00.js
cdn.rlets.com/capture_configs/9f2/f60/d18/ |
173 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 884 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.2nd.md/assets/webLayout/css/ |
152 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/ |
67 KB 68 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webLayout.css
www.2nd.md/assets/webLayout/css/ |
94 KB 94 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping.js
ping.kickfactory.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plain-banner.png
www.2nd.md/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_2nd_md_white.png
www.2nd.md/assets/webLayout/img/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb_icon.png
www.2nd.md/assets/webLayout/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter_icon.png
www.2nd.md/assets/webLayout/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin_icon.png
www.2nd.md/assets/webLayout/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
player.js
player.vimeo.com/api/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4455734.js
js.hs-scripts.com/ |
1 KB 896 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.html
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/ Frame D83C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1426662.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
84 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
301039111
player.vimeo.com/video/ Frame 3AA5 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-background.jpg
www.2nd.md/assets/webLayout/img/ |
118 KB 119 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/ |
73 KB 73 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.f24e95ebbea0a3617008.js
script.hotjar.com/ |
223 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
originCountry
capture-api.reachlocalservices.com/ |
36 B 555 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
originCountry
capture-api.reachlocalservices.com/ Frame |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
insights
apgb2b-reachcodeandproxy.gannettdigital.com/capture_logger/api/v1/ |
0 541 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
insights
apgb2b-reachcodeandproxy.gannettdigital.com/capture_logger/api/v1/ Frame |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
gannett
um.simpli.fi/ Frame |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gannett
um.simpli.fi/ |
33 B 537 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
tag.simpli.fi/sifitag/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2314438768818997
connect.facebook.net/signals/config/ |
240 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 267 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visits
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/api/v1/ |
142 B 542 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
visits
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/api/v1/ Frame |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 158 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin.js
cdn.chatbot.com/widget/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4455734.js
js.hs-analytics.net/analytics/1610465700000/ |
60 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4455734.js
js.hs-banner.com/ |
54 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collectedforms.js
js.hscollectedforms.net/ |
87 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 65 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 85 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
forms.hubspot.com/collected-forms/v1/config/ |
115 B 329 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 9CC3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1426662/ |
178 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.js
cdn.chatbot.com/widget/ |
72 B 392 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings.json
cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
i.simpli.fi/ |
746 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__ptq.gif
track.hubspot.com/ |
45 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
simplifi.partners.tremorhub.com/ Redirect Chain
|
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check
pixel.tapad.com/idsync/ex/receive/ Redirect Chain
|
95 B 414 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aa_px
um.simpli.fi/ Redirect Chain
|
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nexage
um.simpli.fi/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubmatic
um.simpli.fi/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
freewheel
um.simpli.fi/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
loadm.exelator.com/load/ Redirect Chain
|
0 2 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yahoo
um.simpli.fi/ |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
sync.bfmio.com/ Redirect Chain
|
0 421 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
29931
stags.bluekai.com/site/ Redirect Chain
|
62 B 329 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tpid=CC0FA7D163134803A3F6BD0884BFE6A0
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Redirect Chain
|
49 B 712 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
merge
ce.lijit.com/ Redirect Chain
|
0 433 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
419566.gif
idsync.rlcdn.com/ Redirect Chain
|
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-conversion/1026675585/ Redirect Chain
|
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
42 B 775 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 180 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g_match
um.simpli.fi/ Redirect Chain
|
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capture.js
cdn.rlets.com/capture_static/mms/ Frame 0739 |
160 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.html
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/ Frame 8653 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin.js
cdn.chatbot.com/widget/v1/ |
34 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat.html
cdn.chatbot.com/widget/v1/ Frame F901 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap object| rl_widget_cfg object| RLCAP string| base_url boolean| isMobile boolean| isClient boolean| isSpecialist boolean| isCareUser boolean| isAdmin function| hj object| _hjSettings object| dataLayer string| csrf_token_name string| csrf_token_value object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager function| kf_ping function| kf_trackback boolean| h_v object| kf_data string| a function| fbq function| _fbq object| RL object| sifi_att_42656 object| Vimeo boolean| VimeoPlayerResizeEmbeds_ string| GoogleAnalyticsObject function| ga object| __be object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _hsp boolean| _hspb_loaded function| bindToWindowOnError function| OutpostErrorReporter object| __hsCollectedFormsDebug object| _hsq object| _paq boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| BE_CONFIG object| BE_API23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/ | Name: visitor_id Value: ae2bc392-377f-4ee6-8ae8-e07c2aa674c7 |
|
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/ | Name: test Value: test |
|
.2nd.md/ | Name: __hssc Value: 112361499.1.1610465890147 |
|
.2nd.md/ | Name: __hstc Value: 112361499.14767f147c6c09f9d1360cb9160d1b06.1610465890147.1610465890147.1610465890147.1 |
|
www.2nd.md/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.2nd.md/ | Name: _gid Value: GA1.2.1064682114.1610465890 |
|
.2nd.md/ | Name: __hssrc Value: 1 |
|
www.2nd.md/ | Name: sifi_user_id Value: FE5B2DE86EC54CB296772DD3EFBB3151 |
|
.2nd.md/ | Name: _hjFirstSeen Value: 1 |
|
www.2nd.md/ | Name: AWSALBCORS Value: k+LxBSREEW9oh7do8KJ42j/Y+UksNS0U7zVF+CyZyVKwlgkAcqUOCrvnLMTmVYkEipDJvugik99bVRVdcfYzGEVAsWbFVpbd5MK5X/OwlP1v5r0oJSO9oeUbuNCb |
|
.2nd.md/ | Name: hubspotutk Value: 14767f147c6c09f9d1360cb9160d1b06 |
|
www.2nd.md/ | Name: AWSALB Value: k+LxBSREEW9oh7do8KJ42j/Y+UksNS0U7zVF+CyZyVKwlgkAcqUOCrvnLMTmVYkEipDJvugik99bVRVdcfYzGEVAsWbFVpbd5MK5X/OwlP1v5r0oJSO9oeUbuNCb |
|
.2nd.md/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.2nd.md/ | Name: _ga Value: GA1.2.550083487.1610465890 |
|
www.2nd.md/ | Name: csrftokencookie Value: 0d0f4fb1eff5bf9e2b9aef6946686af8 |
|
.2nd.md/ | Name: _hjTLDTest Value: 1 |
|
.www.2nd.md/ | Name: kf_ch Value: 32f050cd-078d-4227-6788-c26b4a594ba1 |
|
.2nd.md/ | Name: _hjid Value: 025431f8-da87-44ff-8043-135e5df6da6d |
|
.2nd.md/ | Name: _fbp Value: fb.1.1610465887971.1877873062 |
|
www.2nd.md/ | Name: ci_session Value: vh21cn3rjl349i9q2flvbmjmcg776al9 |
|
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/ | Name: sifi_user_id Value: FE5B2DE86EC54CB296772DD3EFBB3151 |
|
.2nd.md/ | Name: _gat Value: 1 |
|
www.2nd.md/ | Name: rl_visitor_history Value: ae2bc392-377f-4ee6-8ae8-e07c2aa674c7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
aa.agkn.com
apgb2b-reachcodeandproxy.gannettdigital.com
bcp.crwdcntrl.net
capture-api.reachlocalservices.com
cdn.chatbot.com
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
loadm.exelator.com
ping.kickfactory.com
pixel.rubiconproject.com
pixel.tapad.com
player.vimeo.com
script.hotjar.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
track.hubspot.com
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.2nd.md
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.94.30
13.224.94.39
13.224.94.96
13.225.80.81
136.144.49.28
142.250.74.194
151.101.112.217
159.253.128.188
169.50.137.176
172.67.196.132
18.203.1.140
184.30.210.81
185.33.221.13
185.94.180.125
216.58.212.130
2600:1901:0:8eee::
2600:1f18:612b:4200:88fd:e884:2151:cdbb
2600:9000:21f3:8a00:6:9a19:88c0:93a1
2606:4700::6811:45b0
2606:4700::6811:80ab
2606:4700::6811:d4cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2002
2a00:1450:4001:817::2004
2a00:1450:4001:81e::200a
2a00:1450:4001:824::2003
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.136.82
34.120.207.148
35.161.222.207
35.186.180.225
35.227.248.159
35.244.159.8
52.42.134.91
52.48.137.92
52.57.76.228
65.9.7.21
65.9.7.93
69.173.144.139
72.251.249.14
045c04b4ae37bf6f412e9496b605c7eb7a5f6fe8d584c8246be12f2664e7a6f1
064778e998427e1b24a5cdfcc4838be182c768a10336202cc85c18e169ad9bac
06baa575ce9042deb792c95789bb72d74bbc6ea92e585ab02e72cd938b83d527
0728c879991087edcdf1f4e5282fac4f03827a4f7ec312c3fe52e6c26af82d4a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bad69ea4a493d28cec7eae66c96885a06e03ab0a0cb2efd97d3a5af759a6ff
202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858
28218abf458dfaa037bdab364a5bbf1e3a3bf0cbaf65d78519ad1f63c110484e
2a8388f919b5adc030fd72c9645a620120576e2041ec5448755d3db5b1135d0f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
380ee64cf288aef5676771b624696f56868bbaa844c7a953649dc16d583e9e59
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
45c2367422f2c957dfeee525a5704b11621987066336ee5adba8b1429d563f6e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5699c1c6867f4cd2416b586cde3307d24db10d08bcacd62db2af27a96545f3
4db8cbec0dbce84dabdbe6b5d7352774de24c0de56fe76fcc32dc9ea22944a48
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50abc61e7b03242b830c87952972e98d34942ca1c4f9372ec7df14954fc5e912
532c05e2d9fcae01dd7264dc8b02f8cf101ab4ddde02adaa2361bd5091a437ab
556b8a36ce500fd3fed6661f1dcf5e9cdf44a2e5862fb6abf0984ece9c58e6ce
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6ed34bd7920cb2a481844960a9c0c7c1657cb73c16f7d0e338b83e0f2b6b2fe9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9587590381f820bfed471a61ea1a6f29c1e4f32df48ac7d33a79d24ddd02c8ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd56241da1a9abe8d650d367e4eb8749664ff103c425f180d17a0b892bf09d1
b6ede40384c0b4d53c5da46f20b0e96750520778f60398de985c429baa1f2353
c033dedc3bf132d8e18ec6f02bd1c2238deb5a60bd188a1659d819395b14a975
c54fac230b996aaf38ce0a7f7b423c3c386b67b48e769ed7fdf6bd9c054b242c
c86950a6b78e26acf6490ea2995aa3934687ada2dd29d306c630e234b96f410e
ca49db8a816240b6bbd4cee919ae47ac83bf39afa9b9ac5f0800b39beb7f2306
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb4e3f37303cdaaff89b4f0d42aa67154be3ef40547051deafb4ef0afa7565
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebddd17c3cefd87dec926c9e32d15e7dbc331731dbe279fb7fadbfe8aefac5a4
eee1d0ea2b37dacdce65731e1af270d3b965fd68e48dc57847489d345c085056
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef417acb1eb7a0b598a917566e8c2ae52e71b029ec145eed3527b5d73fdf7040
f49ed5154a95ba1e306ce12fe21fc83596bd55865a19a845a075d1a92738fbcd