www.rafflecopter.com
69.164.195.169
Public Scan
Submission: On April 07 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 28th 2020. Valid for: a year.
This is the only time www.rafflecopter.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain(s) | ASN | PTR |
---|---|---|
www.rafflecopter.com | ASN63949 (LINODE-AP Linode, LLC, US) | li110-169.members.linode.com |
use.typekit.net, p.typekit.net | ASN16625 (AKAMAI-AS, US) | a104-111-215-74.deploy.static.akamaitechnologies.com |
widget-prime.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-143-204-97-118.fra50.r.cloudfront.net |
homepage.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-13-225-73-142.fra2.r.cloudfront.net |
cdn.segment.com | ASN16509 (AMAZON-02, US) | server-143-204-99-83.fra50.r.cloudfront.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
api-js.mixpanel.com | ASN15169 (GOOGLE, US) | 51.241.186.35.bc.googleusercontent.com |
s.adroll.com | ASN16625 (AKAMAI-AS, US) | a23-213-164-149.deploy.static.akamaitechnologies.com |
track.customer.io | ASN15169 (GOOGLE, US) | 220.225.227.35.bc.googleusercontent.com |
customizer-css.rafflecopter.com | ASN16509 (AMAZON-02, US) | server-13-224-194-11.fra2.r.cloudfront.net |
d1bg42r4siwejx.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-225-87-30.fra2.r.cloudfront.net |
d.adroll.mgr.consensu.org, d.adroll.com | ASN16509 (AMAZON-02, US) | ec2-52-30-46-216.eu-west-1.compute.amazonaws.com |
pixel.advertising.com | ASN16509 (AMAZON-02, US) | ec2-52-59-74-203.eu-central-1.compute.amazonaws.com |
ups.analytics.yahoo.com | ASN16509 (AMAZON-02, US) | ec2-3-126-56-137.eu-central-1.compute.amazonaws.com |
dsum-sec.casalemedia.com | ASN16625 (AKAMAI-AS, US) | a23-213-165-44.deploy.static.akamaitechnologies.com |
pixel.rubiconproject.com | ASN26667 (RUBICONPROJECT, US) | |
eb2.3lift.com | ASN16509 (AMAZON-02, US) | ec2-35-157-108-20.eu-central-1.compute.amazonaws.com |
x.bidswitch.net | ASN16509 (AMAZON-02, US) | ec2-52-59-143-82.eu-central-1.compute.amazonaws.com |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net |
idsync.rlcdn.com | ASN15169 (GOOGLE, US) | 21.72.190.35.bc.googleusercontent.com |
us-u.openx.net | ASN15169 (GOOGLE, US) | 147.120.95.34.bc.googleusercontent.com |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | mil04s23-in-f98.1e100.net |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
17 | d.adroll.com | 14 redirects | |
12 | www.rafflecopter.com | | www.rafflecopter.com |
6 | widget-prime.rafflecopter.com | | www.rafflecopter.com, widget-prime.rafflecopter.com |
5 | s.adroll.com | 1 redirects | www.rafflecopter.com, s.adroll.com |
5 | use.typekit.net | | www.rafflecopter.com, use.typekit.net |
4 | connect.facebook.net | | cdn.segment.com, widget-prime.rafflecopter.com, connect.facebook.net |
3 | homepage.rafflecopter.com | | www.rafflecopter.com |
2 | cm.g.doubleclick.net | 2 redirects | |
2 | us-u.openx.net | 1 redirects | |
2 | ib.adnxs.com | 1 redirects | |
2 | x.bidswitch.net | 1 redirects | |
2 | eb2.3lift.com | 1 redirects | |
2 | sync.outbrain.com | 1 redirects | |
2 | dsum-sec.casalemedia.com | 1 redirects | |
2 | pixel.advertising.com | 2 redirects | |
2 | api-js.mixpanel.com | | cdn.mxpnl.com |
2 | www.google-analytics.com | 1 redirects | www.rafflecopter.com |
1 | www.facebook.com | | |
1 | idsync.rlcdn.com | | |
1 | trc.taboola.com | | |
1 | ads.yahoo.com | 1 redirects | |
1 | simage2.pubmatic.com | | |
1 | pixel.rubiconproject.com | | |
1 | ups.analytics.yahoo.com | | |
1 | d.adroll.mgr.consensu.org | 1 redirects | |
1 | d1bg42r4siwejx.cloudfront.net | | |
1 | customizer-css.rafflecopter.com | | widget-prime.rafflecopter.com |
1 | track.customer.io | | |
1 | assets.customer.io | | cdn.segment.com |
1 | cdn.mxpnl.com | | cdn.segment.com |
1 | p.typekit.net | | www.rafflecopter.com |
1 | www.google.de | | www.rafflecopter.com |
1 | www.google.com | 1 redirects | |
1 | stats.g.doubleclick.net | 1 redirects | |
1 | cdn.segment.com | | www.rafflecopter.com |
1 | ajax.googleapis.com | | www.rafflecopter.com |
1 | cdn.jsdelivr.net | | www.rafflecopter.com |
62 | 37 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
fbflash.rafflecopter.com |
jobs.rafflecopter.com |
facebook.com |
twitter.com |
blog.rafflecopter.com |
kb.rafflecopter.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
*.rafflecopter.com | DigiCert SHA2 Secure Server CA | 2020-01-28 - 2021-02-08 | a year |
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-04-06 - 2020-10-09 | 6 months |
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
*.segment.com | DigiCert SHA2 Secure Server CA | 2019-06-24 - 2020-07-01 | a year |
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
www.google.de | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
*.mxpnl.com | RapidSSL RSA CA 2018 | 2019-07-29 - 2021-07-28 | 2 years |
*.customer.io | Let's Encrypt Authority X3 | 2020-03-04 - 2020-06-02 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-03-01 - 2020-05-30 | 3 months |
*.mixpanel.com | RapidSSL RSA CA 2018 | 2018-01-11 - 2020-05-01 | 2 years |
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year |
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year |
adroll.mgr.consensu.org | Amazon | 2019-11-06 - 2020-12-06 | a year |
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-02-13 - 2020-08-11 | 6 months |
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year |
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years |
*.outbrain.com | Thawte RSA CA 2018 | 2019-10-29 - 2021-11-23 | 2 years |
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years |
*.taboola.com | DigiCert SHA2 Secure Server CA | 2020-02-19 - 2020-09-10 | 7 months |
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year |
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2019-04-17 - 2020-05-04 | a year |
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years |
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-24 - 2020-04-23 | a year |
*.openx.net | GeoTrust RSA CA 2018 | 2018-01-04 - 2020-07-09 | 3 years |
This page contains 2 frames:
Primary Page:
https://www.rafflecopter.com/rafl/display/e4c992cd29/
Frame ID: 3AE3D820726D903E912577419DC04C4C
Requests: 54 HTTP requests in this frame
Frame:
https://widget-prime.rafflecopter.com/classic/02f6849/main.html
Frame ID: DB1895DB56D5DDFFD85A090A3613B81A
Requests: 8 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
AdRoll (Advertising Networks)
Detected patterns
- script /(?:a|s)\.adroll\.com/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Segment (Analytics)
Detected patterns
- script /cdn\.segment\.com\/analytics\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: FB Flash
Title: Work with Us
Title: Blog
Title: Knowledge Base
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=558638101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F&ul=en-us&de=UTF-8&dt=Giveaway%20%7C%20Rafflecopter%20%3A)&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1042004598&gjid=1500368268&cid=27656693.1586300039&tid=UA-2050882-5&_gid=710519660.1586300039&_r=1&z=1789497313 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_gid=710519660.1586300039&gjid=1500368268&_v=j81&z=1789497313 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313&slf_rd=1&random=4136476856
- https://s.adroll.com/j/exp/GMHKO672IFDXXL2J6IGA2A/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/GMHKO672IFDXXL2J6IGA2A?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2 HTTP 302
- https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2
- https://d.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&pv=61910954053.92382&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/OGA5LFWPVFASVJRYK5IB2G.js
- https://d.adroll.com/cm/aol/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab5d5211-7922-11ea-9499-02de1677167c
- https://d.adroll.com/cm/index/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expires=365
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&rdrctExp=true
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/b/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE
- https://d.adroll.com/cm/x/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DY2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE
- https://d.adroll.com/cm/l/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=cd4f4a2dbca39c0c284ef8d1d3934651
- https://d.adroll.com/cm/o/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651
- https://d.adroll.com/cm/g/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A&google_nid=adroll4 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
62 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.rafflecopter.com/rafl/display/e4c992cd29/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bdl5nui.js
use.typekit.net/ |
19 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
cdn.jsdelivr.net/modernizr/2.7.1/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset.css
www.rafflecopter.com/static/styles/css/ |
444 B 511 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rafl.css
www.rafflecopter.com/static/styles/css/ |
336 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-logo.png
www.rafflecopter.com/static/img/newhome/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch.js
widget-prime.rafflecopter.com/ |
361 B 807 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-footer.png
homepage.rafflecopter.com/img/ |
714 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-main.png
www.rafflecopter.com/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boulder-love.png
homepage.rafflecopter.com/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.js
www.rafflecopter.com/static/js/rafl-new/build/min/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
support.js
www.rafflecopter.com/static/js/rafl-new/build/min/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segmentalicious.js
www.rafflecopter.com/static/js/rafl-new/build/min/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load.js
widget-prime.rafflecopter.com/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tn-start.png
www.rafflecopter.com/static/img/newhome/ |
354 B 591 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tn-login.png
www.rafflecopter.com/static/img/newhome/ |
340 B 577 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blue.jpg
www.rafflecopter.com/static/img/newhome/bg/ |
101 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-social-sprite.png
homepage.rafflecopter.com/img/ |
500 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blue.png
www.rafflecopter.com/static/img/newhome/bg/ |
533 KB 534 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/40a5d0/00000000000000003b9ad1af/27/ |
14 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.html
widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/ |
399 KB 79 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18 |
208 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load.gif
widget-prime.rafflecopter.com/static/img/ Frame DB18 |
6 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
73 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track.js
assets.customer.io/assets/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api-js.mixpanel.com/decide/ |
65 B 143 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 326 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
34 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page.gif
track.customer.io/events/ |
36 B 211 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.css
customizer-css.rafflecopter.com/-/02f6849/classic/ Frame DB18 |
70 KB 70 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ Frame DB18 |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame DB18 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ Frame DB18 |
388 KB 114 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/ |
0 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/ Redirect Chain
|
113 B 581 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.html
widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18 |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OGA5LFWPVFASVJRYK5IB2G.js
s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
747428811997279
connect.facebook.net/signals/config/ |
447 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 977 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 450 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Pug
simage2.pubmatic.com/AdServer/ Redirect Chain
|
1 B 1010 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/r/ Redirect Chain
|
42 B 500 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Redirect Chain
|
0 280 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 352 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
377928.gif
idsync.rlcdn.com/ Redirect Chain
|
0 62 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 183 B |
Image
image/gif |
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 536 B |
Image
image/gif |
GET H2 |
/
www.facebook.com/tr/ |
44 B 248 B |
Image
image/gif |
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| Typekit object| html5 object| Modernizr function| yepnope object| cptr function| $ function| jQuery object| RAFL string| adroll_adv_id string| adroll_pix_id object| $userDropdown object| $toggle object| analytics string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| mixpanel object| _cio function| _fbq function| fbq boolean| __adroll_loaded number| c_start number| c_end string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.rafflecopter.com/ | | Name: mp_34f966f6c8e6eeddfba1554b9e006055_mixpanel Value: %7B%22distinct_id%22%3A%20%2217156d9af9a565-0c014f355124c1-37647e03-1d4c00-17156d9af9b817%22%2C%22%24device_id%22%3A%20%2217156d9af9a565-0c014f355124c1-37647e03-1d4c00-17156d9af9b817%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
.rafflecopter.com/ | | Name: _ga Value: GA1.2.27656693.1586300039 |
.rafflecopter.com/ | | Name: ajs_user_id Value: null |
.rafflecopter.com/ | | Name: _gid Value: GA1.2.710519660.1586300039 |
.rafflecopter.com/ | | Name: ajs_group_id Value: null |
.rafflecopter.com/ | | Name: _gat Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.