exchange.gemini.com
Open in
urlscan Pro
99.83.200.252
Public Scan
Effective URL: https://exchange.gemini.com/signin?redirect=ad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%2F%3F_branch_match_id%3D...
Submission: On October 17 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on September 1st 2021. Valid for: a year.
This is the only time exchange.gemini.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-250-58.compute-1.amazonaws.com
ablink.news.gemini.com |
ASN16509 (AMAZON-02, US)
geminiexchange.app.link |
ASN16509 (AMAZON-02, US)
PTR: a4793faec64193924.awsglobalaccelerator.com
exchange.gemini.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-115.fra2.r.cloudfront.net
static.gemini.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api.mixpanel.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-90.fra2.r.cloudfront.net
sc-static.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-162.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com | |
identity.mparticle.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-250-168.compute-1.amazonaws.com
data.adxcel-ec2.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
14 | exchange.gemini.com |
1 redirects
exchange.gemini.com
static.gemini.com |
6 | static.gemini.com |
exchange.gemini.com
|
4 | analytics.tiktok.com |
static.gemini.com
analytics.tiktok.com |
3 | bat.bing.com |
static.gemini.com
bat.bing.com exchange.gemini.com |
2 | tr.snapchat.com |
exchange.gemini.com
|
2 | identity.mparticle.com |
static.gemini.com
|
2 | sdk.iad-03.braze.com |
static.gemini.com
|
2 | connect.facebook.net |
static.gemini.com
connect.facebook.net |
2 | api.mixpanel.com |
static.gemini.com
|
2 | www.google-analytics.com |
static.gemini.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.facebook.com |
exchange.gemini.com
|
1 | stats.g.doubleclick.net |
static.gemini.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | alb.reddit.com |
exchange.gemini.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | data.adxcel-ec2.com |
exchange.gemini.com
|
1 | jssdkcdns.mparticle.com |
static.gemini.com
|
1 | www.redditstatic.com |
static.gemini.com
|
1 | sc-static.net |
static.gemini.com
|
1 | www.googletagmanager.com |
static.gemini.com
|
1 | fonts.googleapis.com |
exchange.gemini.com
|
1 | geminiexchange.app.link | 1 redirects |
1 | ablink.news.gemini.com | 1 redirects |
0 | cx.atdmt.com Failed | |
0 | www.google.de Failed |
exchange.gemini.com
|
0 | www.google.com Failed |
exchange.gemini.com
|
0 | static.ads-twitter.com Failed |
static.gemini.com
|
0 | snap.licdn.com Failed |
static.gemini.com
|
60 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
gemini.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
exchange.gemini.com Amazon |
2021-09-01 - 2022-09-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.mixpanel.com GeoTrust RSA CA 2018 |
2020-04-20 - 2022-04-21 |
2 years | crt.sh |
sc-static.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-11 - 2022-02-15 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-09 - 2021-12-08 |
3 months | crt.sh |
*.tiktok.com RapidSSL RSA CA 2018 |
2019-11-14 - 2022-01-12 |
2 years | crt.sh |
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-05 - 2022-04-02 |
6 months | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-09-30 - 2022-03-30 |
6 months | crt.sh |
jssdkcdns.mparticle.com R3 |
2021-08-29 - 2021-11-27 |
3 months | crt.sh |
adxcel-ec2.com Amazon |
2021-06-04 - 2022-07-03 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-05 - 2022-04-02 |
6 months | crt.sh |
*.iad-03.braze.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-03 - 2022-06-04 |
a year | crt.sh |
identity.mparticle.com Go Daddy Secure Certificate Authority - G2 |
2021-07-07 - 2022-08-08 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-19 - 2022-01-23 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://exchange.gemini.com/signin?redirect=ad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%2F%3F_branch_match_id%3D978261294042014221%26utm_source%3Demail%26utm_campaign%3DOnboarding%26utm_medium%3DSSN
Frame ID: 57F77E3D6C674ACC50EE17C3743536C0
Requests: 49 HTTP requests in this frame
Frame:
https://exchange.gemini.com/collect-csp
Frame ID: E5E01F3EB60AA79F7BD1282A92D70D98
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab
Frame ID: 61C326816ECA2D1AD1FBE83EBC4FC85D
Requests: 2 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: BBD7C6AA9B9040A35F4E36646A0BC41B
Requests: 2 HTTP requests in this frame
Frame:
https://exchange.gemini.com/collect-csp
Frame ID: 60AC61BDB319E6F4F8DA99E8F8AC983B
Requests: 1 HTTP requests in this frame
Frame:
https://exchange.gemini.com/collect-csp
Frame ID: 05BAD731551F6555F2C03CEECEC87BC0
Requests: 1 HTTP requests in this frame
Frame:
https://exchange.gemini.com/collect-csp
Frame ID: 7BB32F5F7E59A6E7920B3F7A86E0ADBF
Requests: 1 HTTP requests in this frame
Frame:
https://exchange.gemini.com/collect-csp
Frame ID: E6A3AD9E9CCFCDF33A5602D95AC4D90D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Gemini - Sign InPage URL History Show full URLs
-
https://ablink.news.gemini.com/ls/click?upn=T9IAXW2s7zzgi1VjPjz4O-2FGHYxluw6s9prqT1cxKMsVXyQny2DcFTFs9fGan4...
HTTP 302
https://geminiexchange.app.link/4gJUEYKkX4 HTTP 307
https://exchange.gemini.com/?_branch_match_id=978261294042014221&utm_source=email&utm_campaign=Onboardin... HTTP 303
https://exchange.gemini.com/signin?redirect=ad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%2F%3... Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Mixpanel (Analytics) Expand
Detected patterns
- api\.mixpanel\.com/track
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Legal Notice
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ablink.news.gemini.com/ls/click?upn=T9IAXW2s7zzgi1VjPjz4O-2FGHYxluw6s9prqT1cxKMsVXyQny2DcFTFs9fGan4pfsGc9QJkCNtjmqKiPctGKjOA-3D-3DyFbv_EoYTzKPAfOrKYDqYJFwg2y9MNXwusvLD1Im04KUvvJJ-2BGAvagDyhVVrV2OE3EyS6sDE20vF4tsKTnRd6A4TirpjcAW507PuX1ynSLUfLZCMKtGy4uoJ6xvVbpPIEBszDZHPlufUuX-2BowZZ4yQK-2F-2BIMtW46zJnXiuUeqaJKyYtRuLYoNBCs47-2BKE5h1JgtImrNIaZ7ULVtayx72PanDv3FdE0KC-2FWVLdpuHSmAENw-2BN8lnzM-2BgTDcZ6ToR-2FOTCp5cl6ZYyEjeLikHVJl6NFSjrISOQyjzw-2BHysrLqxPPJgZNbKQRKJu9uYSAuCDi2HwSYukIlQTUq0dJDRayQptHbTgf3wwLSPt8EPmUceXJm-2FTPyvPoUxe0-2BqPSBpmvRzvVoSf6H180prYInaSXnJCFBw8bHvyjv1TvS-2B-2FUwdnftDNQlv-2BroySbltJv7oOTP5vxE90ruuJxwGHIp90U1vJtTArdaF7wu8dxpYAJ-2F-2BAYmNCDm7CRpjw0SL-2Fg-2F5-2F58rkjux7zJLmTCoaMWEfb2t3gWpEme2i-2BUpNqjjUhwj5TV0dbLChz9hnZ2FvLsEifmxp5xSTsuh-2FUABTtGfFakubOVgZfkI0NOAVJmWgEkq0qmY6u1SLBElnavW6F16-2B5fppx7dgc-2Fwg6sQtUA8t9625L2n-2BmNwkhAVGmgFTitnqVjKUj-2By2wbEcp7HpdI2F50BZd3ODH-2Fp3BdT7J4Yu3mgDKUnDWPcu-2BE7f37VOvikfAMI2k-3D
HTTP 302
https://geminiexchange.app.link/4gJUEYKkX4 HTTP 307
https://exchange.gemini.com/?_branch_match_id=978261294042014221&utm_source=email&utm_campaign=Onboarding&utm_medium=SSN HTTP 303
https://exchange.gemini.com/signin?redirect=ad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%2F%3F_branch_match_id%3D978261294042014221%26utm_source%3Demail%26utm_campaign%3DOnboarding%26utm_medium%3DSSN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 57- https://www.facebook.com/tr/?id=330632917740535&ev=Microdata&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3Dad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%252F%253F_branch_match_id%253D978261294042014221%2526utm_source%253Demail%2526utm_campaign%253DOnboarding%2526utm_medium%253DSSN&rl=&if=false&ts=1634473897050&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gemini%20-%20Sign%20In%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634473895546.1481672632&it=1634473895466&coo=false&es=automatic&tm=3&exp=p0&rqm=GET HTTP 0
- https://cx.atdmt.com/?c=5159006362825312396&f=AYxrP7nrlb0z81im8i59Th5Ep47EPmbsrM9t6T9aWY9CP_2-9vrS_rEpBufqSOqvRgGWaI68UgohHv9oDuoON842&id=330632917740535&l=3&v=0
60 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
signin
exchange.gemini.com/ Redirect Chain
|
117 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.4d2a6b32db24af30e23e.css
static.gemini.com/js/ |
156 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
54.f5c54ee3714ddd737095.css
static.gemini.com/js/ |
19 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.19cf2cf62ae39a9dec05.js
static.gemini.com/js/ |
1 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.4d2a6b32db24af30e23e.js
static.gemini.com/js/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.525f4948f514441c6eb5.js
static.gemini.com/js/ |
17 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
54.f5c54ee3714ddd737095.js
static.gemini.com/js/ |
17 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect-csp
exchange.gemini.com/ Frame E5E0 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
96 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.mixpanel.com/decide/ |
65 B 140 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.mixpanel.com/track/ |
1 B 347 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
113 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-9341b563b906e240959bd329502851f2/ |
366 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
uwt.js
static.ads-twitter.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
data.adxcel-ec2.com/pixel/ |
43 B 131 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ |
36 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 211 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
330632917740535
connect.facebook.net/signals/config/ |
490 KB 144 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56372295.js
bat.bing.com/p/action/ |
0 109 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 150 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 125 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sdk.iad-03.braze.com/api/v3/data/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
identify
identity.mparticle.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sdk.iad-03.braze.com/api/v3/data/ |
268 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
identify
identity.mparticle.com/v1/ |
175 B 274 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect-csp
exchange.gemini.com/ Frame 61C3 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
37 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame 61C3 |
0 262 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect-csp
exchange.gemini.com/ Frame BBD7 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ Frame BBD7 |
0 205 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 426 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.com/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
114 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ Frame 60AC |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ Frame 05BA |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ Frame 7BB3 |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ Frame E6A3 |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ |
695 B 914 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.google.com/pagead/1p-user-list/538501539/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.google.de/pagead/1p-user-list/538501539/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 568 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
cx.atdmt.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect-csp
exchange.gemini.com/ |
0 3 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- exchange.gemini.com
- URL
- https://exchange.gemini.com/collect-csp
- Domain
- snap.licdn.com
- URL
- https://snap.licdn.com/li.lms-analytics/insight.min.js
- Domain
- static.ads-twitter.com
- URL
- https://static.ads-twitter.com/uwt.js
- Domain
- exchange.gemini.com
- URL
- https://exchange.gemini.com/collect-csp
- Domain
- exchange.gemini.com
- URL
- https://exchange.gemini.com/collect-csp
- Domain
- www.google.com
- URL
- https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-57271391-1&cid=1744275538.1634473895&jid=1077627235&_u=IEBAAEAAAAAAAC~&z=1925802970
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-57271391-1&cid=1744275538.1634473895&jid=1077627235&_u=IEBAAEAAAAAAAC~&z=1925802970
- Domain
- www.google.com
- URL
- https://www.google.com/pagead/1p-user-list/538501539/?random=1634473895581&cv=9&fst=1634472000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3Dad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%252F%253F_branch_match_id%253D978261294042014221%2526utm_source%253Demail%2526utm_campaign%253DOnboarding%2526utm_medium%253DSSN&tiba=Gemini%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=42603580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
- Domain
- www.google.de
- URL
- https://www.google.de/pagead/1p-user-list/538501539/?random=1634473895581&cv=9&fst=1634472000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3Dad36a16be0767c139b6c9d9a1b82b3e338e5e8cc-1634473894749-%252F%253F_branch_match_id%253D978261294042014221%2526utm_source%253Demail%2526utm_campaign%253DOnboarding%2526utm_medium%253DSSN&tiba=Gemini%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=42603580&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
- Domain
- cx.atdmt.com
- URL
- https://cx.atdmt.com/?c=5159006362825312396&f=AYxrP7nrlb0z81im8i59Th5Ep47EPmbsrM9t6T9aWY9CP_2-9vrS_rEpBufqSOqvRgGWaI68UgohHv9oDuoON842&id=330632917740535&l=3&v=0
Verdicts & Comments Add Verdict or Comment
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| sprintf function| vsprintf function| jQuery function| $ function| debugTool object| initialData object| optimizelyData string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer string| _linkedin_partner_id object| _linkedin_data_partner_ids function| snaptr function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| rdt object| uetq object| mParticle function| twq function| applyFocusVisiblePolyfill object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| triedToSendCookieToNative object| WebJSBridge object| google_tag_manager function| UET function| UET_init function| UET_push object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| mpAppboyKit object| appboy object| JSON3 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e |
|
.app.link/ | Name: _s Value: AUwJgmTC%2FsVFA4LGHr887MztT%2BXd3ewpPPBw%2BzI5FjedeMIGSt2SL6RZJlv90Iuk |
|
.exchange.gemini.com/ | Name: GEMINI_SESSION2 Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6ImViYzU0M2ZjMWU0MjA0NzBkYTE0YjllYzVkYjYyNWRhYjk1MjE3OWItMTYzNDQ3Mzg5NDkxNC1hNDFjMGRjZDQ0YjdkZTU4MTczMmI5ZDUifSwibmJmIjoxNjM0NDczODk0LCJpYXQiOjE2MzQ0NzM4OTR9.2nUqTTr6wfKVUeYXenKUi-pABTdVe5v3a5b4dc5CkSs |
|
.gemini.com/ | Name: mp_d63e727b7647b63c44007c4c8876cb81_mixpanel Value: %7B%22distinct_id%22%3A%20%2217c8e3c65286ce-0b639cc06a8822-a7d193d-1d4c00-17c8e3c652910e2%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22Feature%3A%20web_mparticle%22%3A%20true%7D |
|
.bing.com/ | Name: MUID Value: 2B5E9DF391126B0F219D8D2090796A5C |
|
.gemini.com/ | Name: _ga Value: GA1.2.1744275538.1634473895 |
|
.gemini.com/ | Name: _gid Value: GA1.2.601108247.1634473895 |
|
.gemini.com/ | Name: _gat Value: 1 |
|
.gemini.com/ | Name: _uetsid Value: 2ad89da02f4611ec96a747664c314369 |
|
.gemini.com/ | Name: _uetvid Value: 2ad8a8602f4611ec86a051f7f59a65e3 |
|
.gemini.com/ | Name: _rdt_uuid Value: 1634473895472.bdd578cb-0106-4b64-afff-e43159987328 |
|
.gemini.com/ | Name: ab.storage.sessionId.f7c7991a-0419-4e08-acae-40e64d232a89 Value: %7B%22g%22%3A%22f66eae66-d2f1-44d0-0db3-a2525960cb0c%22%2C%22e%22%3A1634475695486%2C%22c%22%3A1634473895487%2C%22l%22%3A1634473895487%7D |
|
.gemini.com/ | Name: ab.storage.deviceId.f7c7991a-0419-4e08-acae-40e64d232a89 Value: %7B%22g%22%3A%2211a40a8a-c593-171a-8395-c0af3e9cecf1%22%2C%22c%22%3A1634473895488%2C%22l%22%3A1634473895488%7D |
|
.gemini.com/ | Name: _gcl_au Value: 1.1.497616650.1634473896 |
|
.gemini.com/ | Name: _scid Value: 45fc68ee-ce8b-4794-807f-4bda10939909 |
|
.gemini.com/ | Name: _fbp Value: fb.1.1634473895546.1481672632 |
|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIlPccB0WnYHjbxyc9hlCWBCnfQ4AV1fSdC8YK754uqiFY1uMD2KFDuTIAAAA= |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.facebook.com/ | Name: fr Value: 0V7aNwktop9IXZaTU..BhbBen..GFs.1.0.BhbBen. |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.mparticle.com *.braze.com static.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com static.gemini.com www.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.mparticle.com *.braze.com wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://js.verygoodvault.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com static.gemini.com www.gemini.com |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload; |
X-Content-Security-Policy | report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.mparticle.com *.braze.com static.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com static.gemini.com www.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.mparticle.com *.braze.com wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://js.verygoodvault.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com static.gemini.com www.gemini.com |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ablink.news.gemini.com
alb.reddit.com
analytics.tiktok.com
api.mixpanel.com
bat.bing.com
connect.facebook.net
cx.atdmt.com
data.adxcel-ec2.com
exchange.gemini.com
fonts.googleapis.com
fonts.gstatic.com
geminiexchange.app.link
googleads.g.doubleclick.net
identity.mparticle.com
jssdkcdns.mparticle.com
sc-static.net
sdk.iad-03.braze.com
snap.licdn.com
static.ads-twitter.com
static.gemini.com
stats.g.doubleclick.net
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
cx.atdmt.com
exchange.gemini.com
snap.licdn.com
static.ads-twitter.com
www.google.com
www.google.de
13.225.87.115
13.225.87.90
130.211.34.183
142.250.184.194
151.101.1.208
151.101.193.140
2.16.186.162
2600:9000:20eb:d400:19:9934:6a80:93a1
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:808::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42:600::396
34.195.250.58
35.186.226.184
54.86.250.168
99.83.200.252
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13d5338edaecffcf1c877dca45fa5c2b750f98be6a2165b2f85de825a6df2035
23cd089a52661be726f2aa483f79a071a918c1b7362ee05b6cf005dcaf417026
37d83f683d5b07733bc0441b6581fc51dcd59d850828bf27f78af6b7a69ab07d
43019a72dcb1655cbc4ffeb9398d92acdc74acf734abc0a9d248a9364b8761f7
43a16049875ee5ba17139319ca5619f92604e6419af62a438023571cf1c0b2c8
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
5a3a746e908970b22d52c48c94e2dfae214c4592932104decab50fdfa85a80c9
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
648a0c8aeb6115e9abfc80460234f019af3ced5d454785682d1be65633b09f7f
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9645a941af7b17bae7a09b724cd62fe65fb92bea6098f57180ae1322d64cff
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e94bcf97e2334d694d44134d717c234f6dd65add0951cb80fb6f8af1d3c095c
a192f064097fe9d748a2c1fe2293a004016761fe24402a54c0e5b24d33e4e5fd
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b90958b205b086c9e90031f146cb33adfa39e67445b36923291e816e6ef991b7
c9afff5df4b4645b82df53592d3db9e641c1393027d0224db719a2e6f9aeefcb
cebdf860f802ba3a8a596176e5050bb9244f4c4c6ae90bf922c8de1a9dbe5e12
d3eb497da76218eef054324a3383eba493b26695453c3f520a05e743c5bbbb83
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
ebec946f4adb13b35b62d573ec1c6fdbdd34cd63cff82f745334b43d5e630e2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7cb07fa2fcdc2b67a079d305a625582ef67bccd3d17a53c63293cb183b9cfc