tipoffers.com
Open in
urlscan Pro
162.209.67.119
Public Scan
Submitted URL: http://tipoffers.com/
Effective URL: https://tipoffers.com/
Submission: On March 09 via api from US — Scanned from DE
Effective URL: https://tipoffers.com/
Submission: On March 09 via api from US — Scanned from DE
Summary
This website contacted 26 IPs
in 8 countries
across 23 domains to perform 52 HTTP transactions.
The main IP is 162.209.67.119, located in
United States and
belongs to RMH-14, US.
The main domain is tipoffers.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 25th 2022. Valid for: a year.
This is the only time tipoffers.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 25th 2022. Valid for: a year.
This is the only time tipoffers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
4
2a00:1450:4001:801::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
9
184.24.0.132
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-0-132.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-0-132.deploy.static.akamaitechnologies.com
| media.mcclatchyinteractive.com | |
| media.islandpacket.com |
3
54.155.90.90
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-90-90.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-90-90.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
52.50.220.58
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com
| mcclatchy.demdex.net |
1
13.37.25.97
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
| mcclatchy.sc.omtrdc.net |
1
18.203.152.154
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
9
151.101.66.49
(United States)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| lasteventf-tm.everesttech.net | |
| sync-tm.everesttech.net |
2
107.178.250.234
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
| js.matheranalytics.com |
4
172.217.20.2
(United States)
ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net
| cm.g.doubleclick.net |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
34.205.216.79
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-79.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-79.compute-1.amazonaws.com
| www.i.matheranalytics.com |
2
185.89.210.141
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ib.adnxs.com |
1
34.98.64.218
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
1
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
tipoffers.com
1 redirects
tipoffers.com |
210 KB |
| 10 |
everesttech.net
9 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1019 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 7069 sync-tm.everesttech.net — Cisco Umbrella Rank: 585 |
2 KB |
| 6 |
mcclatchyinteractive.com
media.mcclatchyinteractive.com — Cisco Umbrella Rank: 123383 |
292 KB |
| 5 |
doubleclick.net
3 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 |
2 KB |
| 4 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200 mcclatchy.demdex.net |
7 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 24 |
20 KB |
| 4 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 299 fonts.googleapis.com — Cisco Umbrella Rank: 29 |
103 KB |
| 3 |
matheranalytics.com
1 redirects
js.matheranalytics.com — Cisco Umbrella Rank: 10213 www.i.matheranalytics.com — Cisco Umbrella Rank: 10003 |
43 KB |
| 3 |
islandpacket.com
media.islandpacket.com — Cisco Umbrella Rank: 922575 |
182 KB |
| 2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 710 |
1 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 208 |
2 KB |
| 2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519 |
1 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
75 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 108 |
746 B |
| 1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 856 |
451 B |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 415 |
273 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 316 |
239 B |
| 1 |
google.de
www.google.de — Cisco Umbrella Rank: 6027 |
408 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
408 B |
| 1 |
omtrdc.net
mcclatchy.sc.omtrdc.net — Cisco Umbrella Rank: 478162 |
265 B |
| 1 |
browser-update.org
browser-update.org — Cisco Umbrella Rank: 6505 |
5 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41 |
90 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337 |
4 KB |
| 52 | 23 |
| Domain | Requested by | |
|---|---|---|
| 12 | tipoffers.com |
1 redirects
tipoffers.com
|
| 8 | sync-tm.everesttech.net | 8 redirects |
| 6 | media.mcclatchyinteractive.com |
www.googletagmanager.com
media.mcclatchyinteractive.com |
| 4 | cm.g.doubleclick.net | 3 redirects |
| 4 | www.google-analytics.com |
tipoffers.com
www.google-analytics.com |
| 3 | dpm.demdex.net |
media.mcclatchyinteractive.com
tipoffers.com |
| 3 | media.islandpacket.com |
media.mcclatchyinteractive.com
|
| 3 | ajax.googleapis.com |
tipoffers.com
|
| 2 | sync.search.spotxchange.com | 1 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | js.matheranalytics.com |
1 redirects
tipoffers.com
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | www.facebook.com | |
| 1 | image2.pubmatic.com | |
| 1 | us-u.openx.net | |
| 1 | www.i.matheranalytics.com | |
| 1 | pixel.rubiconproject.com | |
| 1 | www.google.de |
tipoffers.com
|
| 1 | www.google.com |
tipoffers.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | lasteventf-tm.everesttech.net |
media.mcclatchyinteractive.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | mcclatchy.sc.omtrdc.net |
media.mcclatchyinteractive.com
|
| 1 | mcclatchy.demdex.net |
media.mcclatchyinteractive.com
|
| 1 | browser-update.org |
tipoffers.com
|
| 1 | fonts.googleapis.com |
tipoffers.com
|
| 1 | www.googletagmanager.com |
tipoffers.com
|
| 1 | cdn.jsdelivr.net |
tipoffers.com
|
| 52 | 29 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.islandpacket.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.tipoffers.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-25 - 2023-06-01 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-16 - 2023-10-17 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| *.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-03-08 |
a year | crt.sh |
| *.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-11-07 - 2023-12-09 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2023-02-20 - 2023-05-15 |
3 months | crt.sh |
| www.i.matheranalytics.com Amazon RSA 2048 M01 |
2023-03-02 - 2024-01-13 |
10 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://tipoffers.com/
Frame ID: 15A49F527E1265D73CFAF42DDB214201
Requests: 42 HTTP requests in this frame
Frame:
https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 050196C9FFDEB610D49062537814CF43
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Hilton HeadPage URL History Show full URLs
-
http://tipoffers.com/
HTTP 301
https://tipoffers.com/ Page URL
Detected technologies
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <input[^>]+name="__VIEWSTATE
ZURB Foundation
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]+foundation[^>"]+css
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.islandpacket.com/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tipoffers.com/
HTTP 301
https://tipoffers.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://cm.everesttech.net/cm/dd?d_uuid=66136646817097495963405988407127751833 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZAnIowAAADSxxgN-
- https://js.matheranalytics.com/s/ma12095/74930702/all/ml.js?cb=1619 HTTP 301
- https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYxMzY2NDY4MTcwOTc0OTU5NjM0MDU5ODg0MDcxMjc3NTE4MzM= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjYxMzY2NDY4MTcwOTc0OTU5NjM0MDU5ODg0MDcxMjc3NTE4MzM=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJbNwvMgIsbmGqQHRFPOsCM&google_cver=1?gdpr=0&gdpr_consent=
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkFuSW93QUFBRFN4eGdOLQ== HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WkFuSW93QUFBRFN4eGdOLQ==&google_tc=
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZAnIowAAADSxxgN-&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZAnIowAAADSxxgN- HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZAnIowAAADSxxgN-&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=ZAnIowAAADSxxgN- HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZAnIowAAADSxxgN-
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZAnIowAAADSxxgN-
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAnIowAAADSxxgN-
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZAnIowAAADSxxgN-&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZAnIowAAADSxxgN-&img=1&__user_check__=1&sync_id=f5dee10c-be70-11ed-9b6b-130dfa940206
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZAnIowAAADSxxgN-&t=2592000&o=0
52 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
tipoffers.com/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ |
88 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ |
235 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scripts.js
tipoffers.com/assets/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
foundation-icons.css
cdn.jsdelivr.net/npm/foundation-icons@1.0.1/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ |
34 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
tipoffers.com/assets/style/ |
241 B 614 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
img-logo.png
tipoffers.com/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource.axd
tipoffers.com/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
thumb-home-delivery.png
tipoffers.com/images/ |
120 KB 120 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
349 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
normalize.css
tipoffers.com/assets/style/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
tipoffers.com/assets/style/ |
64 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
colors.css
tipoffers.com/assets/style/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 206 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
islandpacket.js
media.mcclatchyinteractive.com/misites/hhd/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg.jpg
tipoffers.com/assets/images/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check-circle.png
tipoffers.com/assets/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
update.min.js
browser-update.org/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
media.mcclatchyinteractive.com/misites/all/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
micb.js
media.mcclatchyinteractive.com/mistats/ |
128 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nss_s_code.js
media.mcclatchyinteractive.com/mistats/vendors/ |
93 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
micb.js
media.islandpacket.com/islandpacket/ |
83 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nss.js
media.mcclatchyinteractive.com/mistats/vendors/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nss_s_code.js
media.islandpacket.com/islandpacket/vendors/ |
97 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
finalizestats.js
media.mcclatchyinteractive.com/mistats/ |
60 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
mcclatchy.demdex.net/ Frame 0501 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
mcclatchy.sc.omtrdc.net/ |
2 B 265 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=ZAnIowAAADSxxgN-
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ml.br.js
js.matheranalytics.com/static/ltm/ma12095/all/10/ Redirect Chain
|
147 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
3 B 23 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nss.js
media.islandpacket.com/islandpacket/vendors/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEJbNwvMgIsbmGqQHRFPOsCM&google_cver=1
dpm.demdex.net/ Frame 0501 Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 0501 Redirect Chain
|
170 B 243 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 0501 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i
www.i.matheranalytics.com/ |
43 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 0501 Redirect Chain
|
43 B 766 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 0501 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 0501 Redirect Chain
|
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 0501 Redirect Chain
|
1 B 451 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 0501 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b.php
www.facebook.com/fr/ Frame 0501 Redirect Chain
|
43 B 746 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
93 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| $buoop function| $buo_f object| dataLayer string| GoogleAnalyticsObject function| ga function| $ function| jQuery boolean| alreadyScrolled function| postmediaFrameLoader function| setCCToken function| mask function| showCCIframe object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres object| mistats string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq function| AdCloudEvent object| adobe function| Visitor boolean| mistats_messageHandler boolean| mitagsent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| _matherq function| mistats_ga function| AppMeasurement_Module_ActivityMap object| _mather object| _mg2q string| h object| tid25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| tipoffers.com/ | Name: X-Mapping-fjhppofk Value: 77B3E3A1EDEDAF7921D4D0CC50223803 |
|
| tipoffers.com/ | Name: ASP.NET_SessionId Value: nmhtt3da2nboebi1dz1cwb4y |
|
| .tipoffers.com/ | Name: _ga Value: GA1.2.963405026.1678362785 |
|
| .tipoffers.com/ | Name: _gid Value: GA1.2.932793852.1678362785 |
|
| .tipoffers.com/ | Name: _gat Value: 1 |
|
| .demdex.net/ | Name: demdex Value: 66136646817097495963405988407127751833 |
|
| .tipoffers.com/ | Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1 |
|
| .tipoffers.com/ | Name: _gat_mistats_ga_UA-48278776-1 Value: 1 |
|
| .tipoffers.com/ | Name: _gat_mistats_ga_UA-48280268-1 Value: 1 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZAnIowAAADSxxgN- |
|
| .dpm.demdex.net/ | Name: dpm Value: 66136646817097495963405988407127751833 |
|
| .tipoffers.com/ | Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19426%7CMCMID%7C65636221064224898353430158598823430958%7CMCAAMLH-1678967587%7C6%7CMCAAMB-1678967587%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1678369987s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19433%7CvVersion%7C5.2.0 |
|
| .tipoffers.com/ | Name: adcloud Value: {%22_les_v%22:%22y%2Ctipoffers.com%2C1678364587%22} |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlzygzB0UCe4gWnvtHivOoaxMJscd7hrcHvtiftw0Y6LOkXTzf6UM2P_3tFzG8 |
|
| .tipoffers.com/ | Name: _ml_id Value: 201910c3-2be6-4b95-a0c1-911d3c6e849e.1678362788.1.1678362788.1678362788 |
|
| .tipoffers.com/ | Name: _ml_ses Value: * |
|
| .casalemedia.com/ | Name: CMID Value: ZAnIpKwLIakjfwiAY3GRTQAA |
|
| .casalemedia.com/ | Name: CMPS Value: 2141 |
|
| .casalemedia.com/ | Name: CMPRO Value: 2141 |
|
| .adnxs.com/ | Name: uuid2 Value: 4141853884551822925 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2E>2iGFCE!]tbPl1MwL(!R7qUY%iJWsIQdYWJW[I*-7/X@ByrQ=CcB<QG=%9sk?bIRwi:w9Ld1Iu?VD17Mco/y@Yw#u!cd*][6d |
|
| .demdex.net/ | Name: dextp Value: 771-1-1678362787842|144230-1-1678362787943|144231-1-1678362788044|144232-1-1678362788145|144233-1-1678362788246|144234-1-1678362788347|144235-1-1678362788448|144236-1-1678362788548|144237-1-1678362788649 |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_218 Value: 4056-ZAnIowAAADSxxgN-&KRTB&22978-ZAnIowAAADSxxgN-&KRTB&23194-ZAnIowAAADSxxgN-&KRTB&23209-ZAnIowAAADSxxgN- |
|
| .pubmatic.com/ | Name: PugT Value: 1678362788 |
|
| .spotxchange.com/ | Name: audience Value: f5dee0a9-be70-11ed-9b6b-130dfa940206 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
browser-update.org
cdn.jsdelivr.net
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
media.islandpacket.com
media.mcclatchyinteractive.com
pixel.rubiconproject.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tipoffers.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.i.matheranalytics.com
107.178.250.234
13.37.25.97
151.101.66.49
162.209.67.119
172.217.20.2
18.203.152.154
184.24.0.132
185.64.190.80
185.80.39.216
185.89.210.141
185.94.180.126
2606:4700:20::681a:6b4
2a00:1450:4001:801::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:400c:c0d::9b
2a00:1450:400d:807::2003
2a00:1450:400d:807::2004
2a00:1450:400d:808::2008
2a00:1450:400d:80d::200a
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::485
34.205.216.79
34.98.64.218
52.50.220.58
54.155.90.90
69.173.144.165
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
09f0a715d6dccbd1ff02496035d0104cf060828251e16d2eee18b15053c5a12a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f01ba6e29a7158783daf89a00f7f08a957caa95924ee8e192faae1071655be0
243a2c3db2bead0bf8c7d721abc5e5b20fbab08fa1dd9daac6be3d3010259972
292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb
3497d5ee60b0937d9952abd7dd8351ed974036668758e16c3881391d5d77b5b5
3ec2ac883fcde0dbefc784ad088e9aa60069a4fec00b2f95be38e4056a280d71
3f717113e3567fce882c2c525e662b498668cc6ffed9979c33e7e10b97cc5f98
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aff8501339bae695c7880d21e16d79dfc7dd3960d5aefd43e985aa5a3d810fb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b5f72e677dcfb9477d2de091a956b46aaa8b9191ac14ea5c31755ef085d8ad5
6228ac9ea91f19623a3d5bf5d608139aff205e955b553a3e1769a716b1c66e5a
62c100765dba1c64ff50ca48b97703888312c7560ab97bb36f0b2bb99cd0dec6
648b2562a80b4662e15e1037ca5f0700c2d0c0dbce20b0e2d957eaa0d3e33e09
70997d2e2955eb3a06035fa8c9e7ffb72e23ce7ac8b54bfc56b525975154d2f6
7afb3c46098c8ac0190057c552d965e5a3e1466e612e154226da1a7e8d686f34
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f4d19254578b5c92adc88c86d69069a05944192b5d0e6ca6d662768c5f75e38
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85efef646daf9fb62baae043ccdc8db1c592374e3b7eb6379c7d0b1041ad6826
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8cad5a8245ae78d85451035a88700071cd2caede1f03df919519672e9fe41e20
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
be99c824e6369355fa2aa290085e1b39726216105df066bdc7333b5e4bf92f94
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c893ea970ac48f0bb6abda2f4c3456086c3b1a0c88239f6f16c0a128cb01c3fa
ccfe42c28f31052e3c1301b78a0218025bce41a1d76197b230e0c94369f8a938
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dec2e031c5bf9d438ddad829d8caa9b0816ba2cd095730b83003f3c420f01d02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2973148b23013daeb790b9c3479e2fec9c6ae9b9a55a3fe1c81e4a089e44b2c
f8ada95ec6c4494bcae94e922b360f4c3d52e92402d656f13a7082691f13e818