www.yaysavings.com
Open in
urlscan Pro
23.250.10.187
Public Scan
Effective URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Submission: On April 15 via manual from RO
Summary
This is the only time www.yaysavings.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA)
PTR: book.brainpulsehosting.com
ms.yaysavings.com |
ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA)
PTR: dsa-sm-ny102.vilayer.com
www.yaysavings.com | |
images.yaysavings.com |
ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com | |
adservice.google.de |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-35-64.deploy.static.akamaitechnologies.com
cdn.cpnscdn.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com | |
googleads.g.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
yaysavings.com
2 redirects
ms.yaysavings.com www.yaysavings.com images.yaysavings.com |
540 KB |
9 |
cpnscdn.com
cdn.cpnscdn.com |
37 KB |
6 |
doubleclick.net
1 redirects
stats.g.doubleclick.net googleads.g.doubleclick.net |
161 B |
4 |
googlesyndication.com
pagead2.googlesyndication.com |
183 KB |
3 |
facebook.net
connect.facebook.net |
62 KB |
2 |
facebook.com
staticxx.facebook.com www.facebook.com |
|
2 |
google.de
www.google.de adservice.google.de |
280 B |
2 |
google.com
1 redirects
www.google.com adservice.google.com |
354 B |
2 |
google-analytics.com
www.google-analytics.com |
17 KB |
1 |
googletagservices.com
www.googletagservices.com |
29 KB |
69 | 10 |
Domain | Requested by | |
---|---|---|
40 | www.yaysavings.com |
1 redirects
www.yaysavings.com
|
9 | cdn.cpnscdn.com |
www.yaysavings.com
|
5 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
4 | pagead2.googlesyndication.com |
www.yaysavings.com
pagead2.googlesyndication.com |
3 | connect.facebook.net |
www.yaysavings.com
connect.facebook.net |
2 | www.google-analytics.com |
www.yaysavings.com
|
1 | www.facebook.com |
connect.facebook.net
|
1 | staticxx.facebook.com |
connect.facebook.net
|
1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
1 | adservice.google.com |
pagead2.googlesyndication.com
|
1 | adservice.google.de |
pagead2.googlesyndication.com
|
1 | www.google.de |
www.yaysavings.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | images.yaysavings.com |
www.yaysavings.com
|
1 | ms.yaysavings.com | 1 redirects |
69 | 16 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
facebook.com |
yaysavings.com |
go.redirectingat.com |
images.yaysavings.com |
www.jdoqocy.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-03-08 - 2019-06-06 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
This page contains 9 frames:
Primary Page:
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Frame ID: 3665FF90E04119E864AD02C8156030FD
Requests: 61 HTTP requests in this frame
Frame:
http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Frame ID: C59480122670B3BB0AF5F27151743305
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/zrt_lookup.html
Frame ID: 7F39CA1C2B1BEAA4EF63868BA4E8F199
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
Frame ID: B3F1135F18902E4A71278FCCCA535694
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
Frame ID: A00F1110267BDBDC3B6A23CD973798AC
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
Frame ID: 82E2A15B9C05C21F3F8504FFB89912ED
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
Frame ID: 180A06EDB2DD4F602A9238B38FDEC5FB
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: C4EF470B6F0EB70D5A74DA6E2B23367A
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 08343D5E90FC7C1C32AA805A87A1C377
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
HTTP 302
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com HTTP 302
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20 Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Google AdSense (Advertising Networks) Expand
Detected patterns
- script /googlesyndication\.com\//i
- env /^google_ad_/i
- env /^__google_ad_/i
- env /^Goog_AdSense_/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: l
Search URL Search Domain Scan URL
Title: f
Search URL Search Domain Scan URL
Title: Go to Oil Change Coupons >>
Search URL Search Domain Scan URL
Title: 20% Off
Search URL Search Domain Scan URL
Title: Free Shipping
Search URL Search Domain Scan URL
Title: 50% Off
Search URL Search Domain Scan URL
Title: 20% Off
Search URL Search Domain Scan URL
Title: 20% Off
Search URL Search Domain Scan URL
Title: 30% Off
Search URL Search Domain Scan URL
Title: 20% Off
Search URL Search Domain Scan URL
Title: Up to $15 Off
Search URL Search Domain Scan URL
Title: 50% Off
Search URL Search Domain Scan URL
Title: 30% Off
Search URL Search Domain Scan URL
Title: 50% Off
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
HTTP 302
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com HTTP 302
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427 HTTP 307
- https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&gjid=676112888&_gid=1232887453.1555334872&_u=YGBAgAAB~&z=1736483058 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
- http://connect.facebook.net/en_US/sdk.js HTTP 307
- https://connect.facebook.net/en_US/sdk.js
- http://connect.facebook.net/en_US/all.js HTTP 307
- https://connect.facebook.net/en_US/all.js
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
04132019M
www.yaysavings.com/mystery/ Redirect Chain
|
37 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
www.yaysavings.com/css/ |
6 KB 829 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
www.yaysavings.com/css/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop.css
www.yaysavings.com/css/ |
96 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.2.min.js
www.yaysavings.com/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yayfuncs.js
www.yaysavings.com/js/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
www.yaysavings.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iscroll.js
www.yaysavings.com/js/ |
49 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
slidermenu.js
www.yaysavings.com/js/ |
310 B 587 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yaysearch.js
www.yaysavings.com/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adshift-up.css
www.yaysavings.com/css/ |
660 B 922 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adshift-right.css
www.yaysavings.com/css/ |
286 B 549 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yaylogo.png
www.yaysavings.com/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.css
www.yaysavings.com/css/ |
73 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yaysocial.js
www.yaysavings.com/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
83 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oilchangecoupons.png
images.yaysavings.com/media/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20685067.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/067/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20705163.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/163/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20651185.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/185/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20683192.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/192/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20672115.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/115/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20749397.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/397/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20753031.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/031/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20752039.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/039/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
20696096.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/096/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.gif
www.yaysavings.com/repo/logos/Large/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1395.gif
www.yaysavings.com/repo/logos/Large/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1394.gif
www.yaysavings.com/repo/logos/Large/ |
686 B 949 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1875.gif
www.yaysavings.com/repo/logos/Large/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8023.gif
www.yaysavings.com/repo/logos/Large/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1032.gif
www.yaysavings.com/repo/logos/Large/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5634.gif
www.yaysavings.com/repo/logos/Large/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
35637.gif
www.yaysavings.com/repo/logos/Large/ |
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
800070.gif
www.yaysavings.com/repo/logos/Large/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
179.gif
www.yaysavings.com/repo/logos/Large/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
33930.gif
www.yaysavings.com/repo/logos/Large/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4004.gif
www.yaysavings.com/repo/logos/Large/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
store-logo-banner.png
www.yaysavings.com/img/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Semibold-webfont.woff2
www.yaysavings.com/fonts/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Socialico-webfont.woff2
www.yaysavings.com/fonts/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-CondensedLight-webfont.woff2
www.yaysavings.com/fonts/ |
18 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
www.yaysavings.com/fonts/ |
55 KB 56 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-CondensedBold-webfont.woff2
www.yaysavings.com/fonts/ |
19 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Redirect Chain
|
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ Redirect Chain
|
35 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ Redirect Chain
|
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ Redirect Chain
|
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mystery-banner-bg.png
www.yaysavings.com/img/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mystery-deal-bg.png
www.yaysavings.com/img/ |
39 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Peralta-Regular-webfont.woff2
www.yaysavings.com/fonts/ |
31 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Bold-webfont.woff2
www.yaysavings.com/fonts/ |
18 KB 19 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-webfont.woff2
www.yaysavings.com/fonts/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/ |
202 KB 76 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/ Frame C594 |
202 KB 76 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-2436759273537177.js
pagead2.googlesyndication.com/pub-config/r20160913/ |
133 B 241 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/ Frame 7F39 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
193 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame B3F1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
77 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame A00F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 82E2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 180A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame C4EF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/v2.0/plugins/ Frame 0834 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
nag.asp
www.yaysavings.com/modals/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
89 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery boolean| nagModalOpen function| openStoreName function| openSearch function| closeModal function| showCouponModal function| loadModalPage function| loadModal function| showSignup function| showThanks function| reloadModal function| doFlip function| updateQueryStringParameter function| connectEmail function| rejoinEmail function| connectEmailLanding function| connectFacebook function| connectFacebookLanding function| hideWhoopsies function| showWhoopsies function| writeAdSense function| isMobile function| block_size function| block_size_infeed function| IScroll object| myScroll function| loaded undefined| yaySearchSelectedDiv function| selectSearchDiv function| deSelectSearchDiv function| initSearchDivs function| lookup function| lookup2 string| is_adblocked object| testAd string| dimensionValue string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| new_Share function| fbAsyncInit string| google_ad_client string| google_ad_slot number| screen_width boolean| is_desktop object| s_result object| google_ad_size object| adsbygoogle function| mysteryFlip string| desktop_code object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| FB function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmnyK6GJOxS6tDJC9mXf9j5AHTwa1KwEvd8Jfo9jnjFK69ncDQJe_5qxT53 |
|
www.yaysavings.com/ | Name: ASPSESSIONIDASTBTDBB Value: KCNGBPDAPPNKFKJBCOMCNPOG |
|
.yaysavings.com/ | Name: _gat Value: 1 |
|
.yaysavings.com/ | Name: _gid Value: GA1.2.1232887453.1555334872 |
|
.yaysavings.com/ | Name: _ga Value: GA1.2.1597373796.1555334872 |
|
www.yaysavings.com/ | Name: user Value: |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cdn.cpnscdn.com
connect.facebook.net
googleads.g.doubleclick.net
images.yaysavings.com
ms.yaysavings.com
pagead2.googlesyndication.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.yaysavings.com
2.19.35.64
23.229.88.50
23.250.10.187
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200e
2a00:1450:400c:c08::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
03fe0818cc8beb1afc919d99806b1baeee24517f6ccf4c6093f280f41a4a86b7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060e9af4ab49efa35b793f1885ccef4ba5ccab365e375906b55dc020152dad6c
07114d89d8ef86c873de8051f82cda6965d5d295f9dc7d9eb8e6956cb1e9dfef
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4
0c44c66031e7f438424a149dc400e36a3d8f841127269e0797f470571eae22bd
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04
196f161c73eecca785b1c71f24e90c523c1db98defd202a544486b9a707c811d
21c01cf7f3b4c32952f6175eefc7beff566cea18028a2dab303357c7a7d8c5f0
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe
2acd431729ea39a3b6426ccf23a18732f789ff1d1e3cfdac98ae0f129d81975a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
495272234cc9d89f03147f12f5e9e99cd43465b2a5bf10a9920fbb592590b4ab
4dab3d1b605a96763d2f0f93b443150e0a7d06879092df75149f373a61e42d01
535a0bdfea62c008a7ea2528ff456fa26d5864838cb10e31e47eb09f19293bf5
5a1f89963521560bcfee6323095cc269b47f5a8bc31fe04f17ed324ecb8028be
61a75e8ef6e1d06c49289de470feb28bbbcaa94912945a19abbd2eb07c69af93
6a184d7ff0a25d979ce2f3ceccc84925d940af0faca088a2ac4d9a2a08d18024
6a5ec699e27ee6eaf16c31a3d56c48a594666b8e31c786ce3776ccbcc5b4361a
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9
6f9cf76f18e60c9624502a4f2b11a46ea4c64738ebde30c7bca3e4ec803644a3
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
82158cb11d8fa46216b33d0608e775ccbb306fb05d1a1eb75b71b9ac7fb5ad4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
889fbd24d6a87e78a08340d066281238836cf275288eb0767bf2803955fa2e96
8a783e0d06333f1fbd41a6b7041129cc4fa38ff03549e0c8eb6b5ec2da37f7e1
8ef6b2fc197ac7d4ea02085c7fddf6be55acf96da586bcf676304c7c8b866c5b
948e7086e2122ef37b85878ee431256aaf6ac9bbf98be42d60d8b88e6ea65e1a
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
af0e778d6b513711ff960a8654d96d90ba4629d48870fd70d672874aac4ab0f7
b10e57d046623a792c76a107a8a2ddde6910c9bb78d70ac9f089f37006b92ff9
b587b46da7cba3bcd8d194fec11096ee765cb8889014d2f50f45d5d7cc1292aa
b6226f4773929af05f02045c6ab67b2d0868cf94c2fe13e94eb2793b51805cd5
be154e0b585e54a440ab4b613ba6539aa49f32779cde36ce4b0ea56b7fb5567d
c06a01b8c2c6f7f6483542825a780afc6a6eb4549a02fe7f95a4dfc3335eab8f
c0feca19f82b9104c53305695984fe8209a6216c092e6748792b6871302bb9ce
c7999e7234de4b3498d4e45da326ad873cc137e8dcc155091ebfb386d5cdc8e3
c918dcefc35f58b2eabc66ca3065c8ab15764fab39ae895e9fee84183e5ea73b
ce72c98c90bc39b9ce521fb481f2623326833e2a2c8d1f1bb3a5a38f8fda633a
cf82faab0f9349f97ba2e2897b16939988a61855924c731dab137cded2c37b5e
d798a0d1469fed4046b817dce470c295831c324d61611e3293db8e2a5be55714
d85f367fac9e09487a3c2220a9151cf92e797c19240a4879046eaf17899526cc
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f
e0bc10ae079c8638fa382b46bbb9392234a1e0436c87bc336b331e333ef00edc
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9
ed346d7e8e5587ef37bcb3625fe9fe2bbc6b54e20534ee43c7258b71512baf8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64495e0111bce057d38696f5afd3da3fdd16a8b42ad764e64fb22a9f4fe2c32
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d
f785875621bc27a38c907b7b7dcfab6eb73158516da0e395e3cec49b3e4bb04f
ff49d1bb4a004ada5f1145b2da9e31998700f1f8b9928f28c8e2e293d2a8bd78