![](/screenshots/d542255b-6792-4033-9564-5360ccbcc040.png)
www.thomsonreuters.com
Open in
urlscan Pro
2600:9000:2190:a200:14:3ae0:e280:93a1
Public Scan
Effective URL: https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/forum-fight-fraud-data-analytics/
Submission: On August 18 via api from US
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 9th 2020. Valid for: 2 years.
This is the only time www.thomsonreuters.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN33517 (DYNDNS, US)
PTR: vip.track6-01-ussnn1.prod.dc.dyndns.com
link.email.dynect.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-38-37.compute-1.amazonaws.com
ettugyydami.hatchbuck.com |
ASN16509 (AMAZON-02, US)
www.thomsonreuters.com |
ASN16509 (AMAZON-02, US)
app-data.gcs.trstatic.net |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
westthomson.demdex.net |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com
j.6sc.co | |
c.6sc.co | |
b.6sc.co |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
westthomsoncom.sc.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
ml314.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net |
ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
Domain | Requested by | |
---|---|---|
16 | app-data.gcs.trstatic.net |
www.thomsonreuters.com
app-data.gcs.trstatic.net |
15 | www.thomsonreuters.com |
www.thomsonreuters.com
|
11 | b.6sc.co | |
7 | dpm.demdex.net |
assets.adobedtm.com
www.thomsonreuters.com |
6 | cdn.cookielaw.org |
www.thomsonreuters.com
cdn.cookielaw.org |
2 | sync.crwdcntrl.net | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
2 | idsync.rlcdn.com | 2 redirects |
2 | westthomsoncom.sc.omtrdc.net |
assets.adobedtm.com
www.thomsonreuters.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | assets.adobedtm.com |
www.thomsonreuters.com
assets.adobedtm.com |
1 | c.6sc.co |
j.6sc.co
|
1 | secure.adnxs.com |
j.6sc.co
|
1 | bttrack.com |
www.thomsonreuters.com
|
1 | ml314.com | 1 redirects |
1 | pixel.quantserve.com | 1 redirects |
1 | www.google.de |
www.thomsonreuters.com
|
1 | www.google.com |
www.thomsonreuters.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | cm.everesttech.net | 1 redirects |
1 | westthomson.demdex.net |
assets.adobedtm.com
|
1 | j.6sc.co |
www.thomsonreuters.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | www.googletagmanager.com |
www.thomsonreuters.com
|
1 | ettugyydami.hatchbuck.com | 1 redirects |
1 | link.email.dynect.net | 1 redirects |
0 | partner.mediawallahscript.com Failed | |
72 | 27 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA |
2020-05-09 - 2022-05-09 |
2 years | crt.sh |
app-data.gcs.trstatic.net COMODO RSA Organization Validation Secure Server CA |
2020-08-17 - 2022-08-17 |
2 years | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2021-06-01 - 2022-05-31 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2021-02-12 - 2022-02-11 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
*.6sc.co DigiCert SHA2 Secure Server CA |
2021-03-09 - 2022-03-16 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-07-12 - 2021-10-04 |
3 months | crt.sh |
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA |
2021-03-29 - 2022-03-29 |
a year | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/forum-fight-fraud-data-analytics/
Frame ID: 0C6BA15AFDEA653AC47F71A4885E7CE3
Requests: 64 HTTP requests in this frame
Frame:
https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: 383C7B45A7327778EBDBFC050617E940
Requests: 8 HTTP requests in this frame
Screenshot
![](/screenshots/d542255b-6792-4033-9564-5360ccbcc040.png)
Page URL History Show full URLs
-
http://link.email.dynect.net/link.php?DynEngagement=true&H=ltqmAiFyUus3V9RIZo7G2GvP5ZEKnzR2GJf36yV3Tq825o...
HTTP 302
https://ettugyydami.hatchbuck.com/TrackLinkClick?ID2=4l3mP_B8Bz4oazfH3JumJSmqKzENy7J-S10URupEPTV31FDgmoteRA2sM... HTTP 302
https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/forum-fight-fraud-data-analytics/ Page URL
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Detected patterns
- url /\.php(?:$|\?)/i
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- headers via /\(CloudFront\)$/i
Detected patterns
- headers via /\(CloudFront\)$/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: 2021 Government Fraud, Waste, and Abuse Study
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Annual report
Search URL Search Domain Scan URL
Title: Investor relations
Search URL Search Domain Scan URL
Title: Core publishing solutions
Search URL Search Domain Scan URL
Title: Innovation @ Thomson Reuters
Search URL Search Domain Scan URL
Title: Investors
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: For CA: Do not sell my information
Search URL Search Domain Scan URL
Title: More information
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://link.email.dynect.net/link.php?DynEngagement=true&H=ltqmAiFyUus3V9RIZo7G2GvP5ZEKnzR2GJf36yV3Tq825obIDAJ0ygBcrkD9dy3Ple7zSs6xNwwgogWMrcENMvqNZUJUkFS9iLXu0NiSOu6rTwRUDg4U0TrR006GTyLfYzexnwLJNac%3D&G=0&R=https%3A%2F%2FETTUGYYDAMI.hatchbuck.com%2FTrackLinkClick%3FID2%3D4l3mP_B8Bz4oazfH3JumJSmqKzENy7J-S10URupEPTV31FDgmoteRA2sMzeLbJso0&I=20210818190215.0000000cc92a%40mail6-61-ussnn1&X=MHwxMjU5MjE4OjIwMjc0NDU2MDE7MXwxMjU5MjE5OjE3MTEwNDA2NDs%3D&V=3&S=aEvGyF2YA2s3ai3PfqMXUlEuk7ViuafqWYrND1_4gko
HTTP 302
https://ettugyydami.hatchbuck.com/TrackLinkClick?ID2=4l3mP_B8Bz4oazfH3JumJSmqKzENy7J-S10URupEPTV31FDgmoteRA2sMzeLbJso0 HTTP 302
https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/forum-fight-fraud-data-analytics/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 42- https://cm.everesttech.net/cm/dd?d_uuid=29544561313733206573055700461417906523 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YR1gggADm2sURABg&d_uuid=29544561313733206573055700461417906523
- https://idsync.rlcdn.com/365868.gif?partner_uid=29544561313733206573055700461417906523 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMjk1NDQ1NjEzMTM3MzMyMDY1NzMwNTU3MDA0NjE0MTc5MDY1MjMQABoNCIPB9YgGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=1d91c1bb0cd210e7195a793f8931e1222d96edb2b884efb7cfb7ee71ca00078bb0da87c991749652
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
- https://dpm.demdex.net/ibs:dpid=903&dpuuid=e3a6c991-284f-46d7-a314-cfc6041b4761
- https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=ikTAyYpFyZmRQZWUj0Lcz4lCyZ-RTcCYhUXeQWM4
- https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3620965810259886100
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29544561313733206573055700461417906523?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=29544561313733206573055700461417906523?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d9b657f83cc33b1ce2d6b72cf06ca763
72 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/forum-fight-fraud-data-analytics/ Redirect Chain
|
95 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
www.thomsonreuters.com/en-us/posts/wp-includes/css/dist/block-library/ |
50 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tac.css
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/css/ |
97 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
240 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
head.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
1 KB 1020 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
542 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.js
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/js/ |
170 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/js/ |
151 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc36dccc-c0f7-4c85-a77d-8ecb434e7023.json
cdn.cookielaw.org/consent/bc36dccc-c0f7-4c85-a77d-8ecb434e7023/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-46a89e0a20a8.min.js
assets.adobedtm.com/fcbff6e82c08/143f2e35b297/ |
173 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
110 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr_h_lg_rgb_ps.svg
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/media/svg/ |
24 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tac-sprite.png
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/media/png/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr_h_lg_rgb_rv.svg
www.thomsonreuters.com/en-us/posts/wp-content/themes/tac/assets/media/svg/ |
24 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
38 KB 39 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
38 KB 39 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-bold-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
36 KB 37 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
38 KB 39 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-mediumitalic-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
40 KB 40 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-bolditalic-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
40 KB 41 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
39 KB 39 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
knowledge2017-regularitalic-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ |
42 KB 43 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Better-Way-to-Fight-Fraud-image-800x450.jpg
www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2021/06/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image-7-370x208.jpg
www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2021/07/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
covid-19-virus-2-370x208.jpg
www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2020/04/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Money-Laundering-370x208.jpg
www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2019/05/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BEPS-Action-370x208.jpg
www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2016/08/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
24 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
42 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21.js
app-data.gcs.trstatic.net/emcm-ui/bundle/v20.3.1/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
164 B 224 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EX216a9a1b8de649629413ebb8335208b9-libraryCode_source.min.js
assets.adobedtm.com/fcbff6e82c08/143f2e35b297/cd7d8bdb87e9/ |
43 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6si.min.js
j.6sc.co/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.5.0/ |
325 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
westthomson.demdex.net/ Frame 383C |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
westthomsoncom.sc.omtrdc.net/ |
2 B 321 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YR1gggADm2sURABg&d_uuid=29544561313733206573055700461417906523
dpm.demdex.net/ Redirect Chain
|
0 849 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/bc36dccc-c0f7-4c85-a77d-8ecb434e7023/ff059805-8ecd-4595-8c8d-1d261c8669b7/ |
76 KB 13 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ |
12 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ |
61 KB 15 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 93 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s22873179758484
westthomsoncom.sc.omtrdc.net/b/ss/thacctrglobalprod,thacctrcomprod/1/JS-2.9.0-LBSQ/ |
43 B 223 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=477&dpuuid=1d91c1bb0cd210e7195a793f8931e1222d96edb2b884efb7cfb7ee71ca00078bb0da87c991749652
dpm.demdex.net/ Frame 383C Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=903&dpuuid=e3a6c991-284f-46d7-a314-cfc6041b4761
dpm.demdex.net/ Frame 383C Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1175&gdpr=0&dpuuid=ikTAyYpFyZmRQZWUj0Lcz4lCyZ-RTcCYhUXeQWM4
dpm.demdex.net/ Frame 383C Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=22052&dpuuid=3620965810259886100
dpm.demdex.net/ Frame 383C Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user
bttrack.com/dmp/adobe/ Frame 383C |
35 B 380 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=121998&dpuuid=d9b657f83cc33b1ce2d6b72cf06ca763
dpm.demdex.net/ Frame 383C Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuidj
secure.adnxs.com/ |
29 B 869 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
c.6sc.co/ |
47 B 378 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
partner.mediawallahscript.com/ Frame 383C |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img.gif
b.6sc.co/v1/beacon/ |
43 B 774 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- partner.mediawallahscript.com
- URL
- https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=29544561313733206573055700461417906523&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
Verdicts & Comments Add Verdict or Comment
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| gform object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| digitalData function| getKeyValue function| allowPerformanceCookies string| launchScriptSrc object| launchScript string| gtmID object| gtmScript object| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| ewp function| $ function| jQuery function| FastClick object| pym object| trLocalized object| global object| System function| asap function| Observable boolean| _babelPolyfill object| tr object| jQuery112003047365902398793 function| jsonFeed object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| _6si object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| otStubData function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media string| domain string| s_account object| s number| s_objectID number| s_giq object| gaplugins object| gaGlobal object| gaData function| _UA-49136336-6_sendHitTask object| Optanon object| OneTrust object| s_i_thacctrglobalprod_thacctrcomprod16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: dextp Value: 144230-1-1629315202224|144231-1-1629315202325|144232-1-1629315202426|144233-1-1629315202527|144234-1-1629315202632|144235-1-1629315202733|144236-1-1629315202834|144237-1-1629315202935|134084-1-1629315203036|60-1-1629315203630|477-1-1629315203731|903-1-1629315203834|1175-1-1629315203935|22052-1-1629315204036|49276-1-1629315204137|121998-1-1629315204238 |
|
.thomsonreuters.com/ | Name: s_ppv Value: trcorp-blog%253Ainvestigation-fraud-and-risk%253Aforum-fight-fraud-data-analytics%2C23%2C23%2C1200%2C1%2C4 |
|
.thomsonreuters.com/ | Name: _ga Value: GA1.2.173327125.1629315203 |
|
.thomsonreuters.com/ | Name: s_ips Value: 1200 |
|
.thomsonreuters.com/ | Name: gpv_pu Value: https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Fposts%2Finvestigation-fraud-and-risk%2Fforum-fight-fraud-data-analytics%2F |
|
.thomsonreuters.com/ | Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18858%7CMCMID%7C29851076821577889353027943751222392717%7CMCAAMLH-1629920003%7C6%7CMCAAMB-1629920003%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1629322403s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0 |
|
.demdex.net/ | Name: demdex Value: 29544561313733206573055700461417906523 |
|
.thomsonreuters.com/ | Name: _gat_UA-49136336-6 Value: 1 |
|
.thomsonreuters.com/ | Name: _gid Value: GA1.2.626315283.1629315203 |
|
.thomsonreuters.com/ | Name: s_tp Value: 5242 |
|
www.thomsonreuters.com/ | Name: AWSALBCORS Value: lZu3FIFyWaqRcyI1xXoqmtiyS6Yq66gNC0B0LMiyao781lZKK8SLT+yZXvZVyX3D5REUTT9CvteJM7c6+kDrUCHMDnpWGxicgetfYBANZHBegYiJzEnq0WI216zp |
|
.thomsonreuters.com/ | Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg Value: 1 |
|
.thomsonreuters.com/ | Name: s_cc Value: true |
|
.thomsonreuters.com/ | Name: gpv_pn Value: trcorp-blog%3Ainvestigation-fraud-and-risk%3Aforum-fight-fraud-data-analytics |
|
www.thomsonreuters.com/ | Name: tr_ewp_tracking_params Value: {} |
|
www.thomsonreuters.com/ | Name: AWSALB Value: lZu3FIFyWaqRcyI1xXoqmtiyS6Yq66gNC0B0LMiyao781lZKK8SLT+yZXvZVyX3D5REUTT9CvteJM7c6+kDrUCHMDnpWGxicgetfYBANZHBegYiJzEnq0WI216zp |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app-data.gcs.trstatic.net
assets.adobedtm.com
b.6sc.co
bttrack.com
c.6sc.co
cdn.cookielaw.org
cm.everesttech.net
dpm.demdex.net
ettugyydami.hatchbuck.com
geolocation.onetrust.com
idsync.rlcdn.com
j.6sc.co
link.email.dynect.net
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.quantserve.com
secure.adnxs.com
stats.g.doubleclick.net
sync.crwdcntrl.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.thomsonreuters.com
partner.mediawallahscript.com
104.111.233.140
13.248.242.197
15.236.176.210
162.88.175.18
185.33.221.91
192.132.33.46
2600:9000:2190:9200:15:d837:3240:93a1
2600:9000:2190:a200:14:3ae0:e280:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9a
2a02:26f0:6c00:28a::1e80
34.193.38.37
35.244.174.68
52.19.22.209
52.212.101.97
52.51.88.158
54.229.143.145
91.228.74.189
00fc77eebce769b567c9410f0cd4e8ed65b2db13e62c0aadb9c709d754d87dd7
013958ae6391adf997b8c8288dc2252e78394caed4fdce6ae0ea5ec6959f13bb
03e2d3271df931375df30571523d14455fcd58326edbe79b1f03818a774eaacc
0d6b8e0f7a50fc4f47aa8cee532ff86ecb928e9d27901e43f822f1e69df94e52
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
20c0277f47505d84f3c620421e8ac5f1f0f19977d4a36c5fd77f59901788b105
23f49e4223bd50fd3e79e2098c171017f9f05185aa2a79b5fce534daae50fe73
23fae4dd534d36650ab18aaad79e5c9156027533d3bb9238333559619e0f15ac
2e6a0a9418dabb8a9c990fc942c54c811c0a200e2fc3fc576b56608c6c1bc66f
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4565897cd2f88696f4dbf1fbae875ff211e8a63794f0dd2af665c95a5e1933d4
4660eb3ad40f01dae470fe3b4ee4498e444f6fb87018372db86b2b544045c3a5
46eb6c599ce54e4f1d797c66231910817b93f2e66833184da74056139623ea0d
4909f07473c5ad2c8eeb0b0cdefa79a86602f7f702958badcc00a75b411b4128
4ee96dfcedf57f793fcbc9dbe3ceb1425538eedae55952a8cc5cbea393f8853a
53b30076eb50d2bcd947a7c3c5ac8621fc917582ac5c5ad54d0b384d28c15014
676736bf6734f185b443dc222c50bd889251808c5f80e0e0c1244792066b040a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75543d33561f0cfaf1694099df2e0eef958036ec84e669a67908ecdcebf3aa5f
760e05de202d4c71c966158473cf030afe6de10c0723a55637bdea19b7c97258
774971968bfb2ae6b0eb067d3a164e4465769d6ba16c2f962c9c8f90f48ea0e3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8636d954d733e827de42c0ae4c32ac187635c23f9cdec11090e5a52e8ab9d697
890f0fd6ea3e3b14185ac5d5630c35d5bea12988f33079a1b63eee441e67bf8a
95a205870e9a1ac067da7aa0768d1a0979da85782672dc4920ca2dd065033563
9c17b63f2498c28f076be310982149501278e3decb9f44c53c47de65f7a923a8
9d4bafd2bec5f630d13e81afa5d26296ce2a4d09fc8763874f94af55cc92ded8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a27e78f73afaa14c06e72a2e1f457501a44631351c1c4f92b1ec1140ac880427
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
ca65be045bff3db862e9f97c9da71e5f46311a7a4021d43ea4bc4be1e9889dcc
cabc8b0c739f1ed1dcfa2fc6091cde7631e1d22e58f17c85def4aa531792a7f8
cc402a6ffeb9a798f632364daec036c87534b50e35bdfc38a03a61ced04afe4b
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
cdfcbfb2e33cca8b28f5c72da5bda8a73954bb7ce522979d2f819ade5e0c5488
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d2412d4daa6ff71bc49735a0e3bdb23ae2cb20c65ca350a3475c06206316f133
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
db368c6ef9d9ca55e558d1c203d88eb4d0d3628a04e7649e3cd8fd8913c32e63
dc134e696951fb4b1c03e2feb33d185826a4fb5616f0e553bc8274dbf41bc066
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e048d5d2c6c4824c8210cc423ceafce341a4819fddbf41bffa611141da08c4b7
e235b55239848fba8f1a06552c443deab87586bf62da850cd3ef17fb8b11fd73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec01701d765be04023093171472efd79cfbeddd93da9562a44d622ec2788db10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75c40b4bd8d1ae8b766cef49abc18e388569f3150f5b07858e4b3ca5809a970
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40