retiresec.blogspot.com
Open in
urlscan Pro
2a00:1450:4001:81d::2001
Public Scan
Effective URL: http://retiresec.blogspot.com/
Submission: On November 29 via automatic, source certstream-suspicious
Summary
This is the only time retiresec.blogspot.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN12258 (OPTINET, ZA)
PTR: cpt-cpanel-06.mweb.co.za
www.retiresecure.co.za |
ASN15169 (GOOGLE, US)
retiresec.blogspot.com |
ASN15169 (GOOGLE, US)
www.blogger.com | |
resources.blogblog.com |
ASN37153 (xneelo, ZA)
PTR: dedi882.jnb3.host-h.net
www.insidesanlam.co.za |
ASN15169 (GOOGLE, US)
PTR: 75.234.231.35.bc.googleusercontent.com
creditsforteachers.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN13335 (CLOUDFLARENET, US)
embed.tawk.to | |
static-v.tawk.to | |
va.tawk.to |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
sumo.com |
ASN32934 (FACEBOOK, US)
graph.facebook.com | |
api.facebook.com |
ASN13335 (CLOUDFLARENET, US)
va.tawk.to | |
vsa54.tawk.to | |
static-v.tawk.to |
Domain | Requested by | |
---|---|---|
11 | load.sumo.com |
load.sumome.com
|
8 | www.blogger.com |
retiresec.blogspot.com
www.blogger.com apis.google.com |
6 | sumo.com |
load.sumo.com
|
6 | www.insidesanlam.co.za |
3 redirects
retiresec.blogspot.com
|
5 | apis.google.com |
retiresec.blogspot.com
apis.google.com |
4 | cdn.jsdelivr.net |
static-v.tawk.to
|
4 | va.tawk.to |
static-v.tawk.to
|
4 | fonts.googleapis.com |
retiresec.blogspot.com
static-v.tawk.to |
3 | vsa54.tawk.to |
static-v.tawk.to
|
3 | www.currency.me.uk |
1 redirects
retiresec.blogspot.com
www.currency.me.uk |
3 | resources.blogblog.com |
retiresec.blogspot.com
|
2 | static-v.tawk.to |
embed.tawk.to
|
2 | fonts.gstatic.com |
retiresec.blogspot.com
fonts.googleapis.com |
2 | 1of1privatecollection.co.za |
retiresec.blogspot.com
|
2 | 3.bp.blogspot.com |
retiresec.blogspot.com
|
2 | retiresec.blogspot.com |
retiresec.blogspot.com
|
1 | www.reddit.com | |
1 | reddit.com | 1 redirects |
1 | widgets.pinterest.com | |
1 | api.facebook.com |
load.sumo.com
|
1 | graph.facebook.com |
load.sumo.com
|
1 | api.bufferapp.com |
load.sumo.com
|
1 | clients6.google.com |
load.sumo.com
|
1 | www.gstatic.com |
apis.google.com
|
1 | embed.tawk.to |
retiresec.blogspot.com
|
1 | pagead2.googlesyndication.com |
retiresec.blogspot.com
|
1 | static.licdn.com |
retiresec.blogspot.com
|
1 | creditsforteachers.com |
retiresec.blogspot.com
|
1 | platform.linkedin.com |
retiresec.blogspot.com
|
1 | load.sumome.com |
retiresec.blogspot.com
|
1 | www.retiresecure.co.za | 1 redirects |
77 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
retiresec.blogspot.co.za |
www.blogger.com |
money.cnn.com |
3.bp.blogspot.com |
za.linkedin.com |
www.exchangerates.org.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.blogger.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.sumo.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-30 - 2021-05-30 |
a year | crt.sh |
*.jnb3.host-h.net GeoTrust RSA CA 2018 |
2020-06-29 - 2021-07-19 |
a year | crt.sh |
creditsforteachers.com Let's Encrypt Authority X3 |
2020-09-26 - 2020-12-25 |
3 months | crt.sh |
misc-sni.blogspot.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-10-10 - 2021-10-14 |
2 years | crt.sh |
currency.me.uk Amazon |
2020-07-31 - 2021-08-31 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-29 - 2021-07-29 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
api.bufferapp.com DigiCert SHA2 Secure Server CA |
2020-06-24 - 2022-08-16 |
2 years | crt.sh |
*.pinterest.com DigiCert SHA2 High Assurance Server CA |
2020-07-16 - 2021-08-04 |
a year | crt.sh |
*.reddit.com DigiCert SHA2 Secure Server CA |
2020-08-26 - 2021-02-22 |
6 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-10-26 - 2021-04-17 |
6 months | crt.sh |
This page contains 8 frames:
Primary Page:
http://retiresec.blogspot.com/
Frame ID: F5EEDA8D6F6BEC59DB02FDDE410C373C
Requests: 68 HTTP requests in this frame
Frame:
https://www.blogger.com/navbar.g?targetBlogID=7297854436627768385&blogName=Retire+Secure&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://retiresec.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://retiresec.blogspot.com/&vt=1840156571535163682&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: 7E7BD7E09D38BF2460C160A015138662
Requests: 1 HTTP requests in this frame
Frame:
https://www.currency.me.uk/remote/FE-FERT-2.php?ws=http://retiresec.blogspot.com/&tz=0&userhr=0&userhr=0&mc=ZAR&c1=USD&c2=EUR&c3=GBP&bdrc=CBCBCB&bc=Base%20Currency&lc=086634
Frame ID: 17CB23EAEC0DE967376E5C68E62AE544
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 1E67696DB3A0106A2F2C19ECD81C2EB8
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: EA122EC0773ACE480633E74BC095666D
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 5ACF817B2C20727F63AF48EE936D3616
Requests: 5 HTTP requests in this frame
Frame:
https://static-v.tawk.to/a-v3/images/bubbles/3-r-br.svg
Frame ID: 57DADFEFAC854B1CD2F956F840B78B66
Requests: 1 HTTP requests in this frame
Frame:
https://va.tawk.to/log
Frame ID: F21E4685027DA0386B97803D09705028
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.retiresecure.co.za/
HTTP 301
http://retiresec.blogspot.com/ Page URL
Detected technologies
Blogger (Blogs) ExpandDetected patterns
- meta generator /^Blogger$/i
Python (Programming Languages) Expand
Detected patterns
- meta generator /^Blogger$/i
Java (Programming Languages) Expand
Detected patterns
- headers server /GSE/i
OpenGSE (Web Servers) Expand
Detected patterns
- headers server /GSE/i
Tawk.to (Live Chat) Expand
Detected patterns
- script /\/\/embed\.tawk\.to/i
SumoMe (Widgets) Expand
Detected patterns
- script /load\.sumome\.com/i
Page Statistics
57 Outgoing links
These are links going to different origins than the main page.
Title: GEPF
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Charles Horner - CFP
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title: online survey
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Email This
Search URL Search Domain Scan URL
Title: BlogThis!
Search URL Search Domain Scan URL
Title: Share to Twitter
Search URL Search Domain Scan URL
Title: Share to Facebook
Search URL Search Domain Scan URL
Title: Share to Pinterest
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: ExchangeRates.org.uk
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Blogger
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Weitere Informationen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.retiresecure.co.za/
HTTP 301
http://retiresec.blogspot.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-843200024/402451-1-eng-GB/gettyimages-843200024_web320.jpg HTTP 302
- https://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-843200024/402451-1-eng-GB/gettyimages-843200024_web320.jpg
- http://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/screen-shot-2017-09-14-at-1.41.49-pm/398072-1-eng-GB/screen-shot-2017-09-14-at-1.41.49-pm_web640.png HTTP 302
- https://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/screen-shot-2017-09-14-at-1.41.49-pm/398072-1-eng-GB/screen-shot-2017-09-14-at-1.41.49-pm_web640.png
- http://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-515365242-finplan/393320-1-eng-GB/gettyimages-515365242-finplan_web320.jpg HTTP 302
- https://www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-515365242-finplan/393320-1-eng-GB/gettyimages-515365242-finplan_web320.jpg
- http://www.currency.me.uk/remote/FE-FERT-1.php HTTP 301
- https://www.currency.me.uk/remote/FE-FERT-1.php
- http://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102020905809091731586_1606692347711&source=6&url=http%3A%2F%2Fretiresec.blogspot.com%2F&_=1606692347712 HTTP 307
- https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102020905809091731586_1606692347711&source=6&url=http%3A%2F%2Fretiresec.blogspot.com%2F&_=1606692347712
- http://reddit.com/button_info.json?url=http%3A%2F%2Fretiresec.blogspot.com%2F&jsonp=jQuery1102020905809091731586_1606692347713&_=1606692347714 HTTP 307
- https://reddit.com/button_info.json?url=http%3A%2F%2Fretiresec.blogspot.com%2F&jsonp=jQuery1102020905809091731586_1606692347713&_=1606692347714 HTTP 301
- https://www.reddit.com/button_info.json?url=http%3A%2F%2Fretiresec.blogspot.com%2F&jsonp=jQuery1102020905809091731586_1606692347713&_=1606692347714
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
retiresec.blogspot.com/ Redirect Chain
|
151 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ |
36 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
load.sumome.com/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plusone.js
apis.google.com/js/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Retire%2BSecure%2Blogo.jpg
3.bp.blogspot.com/-zGGxh8ONw-o/V-0aQkVNSDI/AAAAAAAAFas/I_NnNA3T8fkfAsss4sLNROXR3hqR0bYWgCK4B/s752/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon18_wrench_allbkg.png
resources.blogblog.com/img/ |
475 B 612 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
in.js
platform.linkedin.com/ |
181 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Alwyn-van-der-Merwe-2-okayv2803npy3y01k6obbu74.jpg
1of1privatecollection.co.za/wp-content/uploads/nf_image/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 646 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
graph2.jpg
1of1privatecollection.co.za/wp-content/uploads/2019/11/ |
138 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72.7e831236a32d6086ab3e.js
load.sumo.com/ |
131 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
73.7e831236a32d6086ab3e.js
load.sumo.com/ |
289 KB 99 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon18_email.gif
resources.blogblog.com/img/ |
164 B 284 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gettyimages-843200024_web320.jpg
www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-843200024/402451-1-eng-GB/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screen-shot-2017-09-14-at-1.41.49-pm_web640.png
www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/screen-shot-2017-09-14-at-1.41.49-pm/398072-1-eng-GB/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gettyimages-515365242-finplan_web320.jpg
www.insidesanlam.co.za/var/sanlam/storage/images/media2/images/gettyimages-515365242-finplan/393320-1-eng-GB/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WomanJuggling_multitasking-art.jpg
creditsforteachers.com/userfiles/1050/images/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Piggy%2Bretirement.jpg
3.bp.blogspot.com/-odWHxIkS17w/V-pw4ez4kAI/AAAAAAAAFaE/O9QLzwa3ghQTXEFpkOHYUyv0Xi9IvlfvACLcB/s1600/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
btn_viewmy_160x33.png
static.licdn.com/scds/common/u/img/webpromo/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FE-FERT-1.php
www.currency.me.uk/remote/ Redirect Chain
|
5 KB 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookienotice.js
retiresec.blogspot.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
1568228981-widgets.js
www.blogger.com/static/v1/widgets/ |
141 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ |
138 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ |
54 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ |
47 B 658 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TwMO-IAHRlkbx940YnYXTQ.ttf
fonts.gstatic.com/s/allerta/v11/ |
15 KB 10 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
share_buttons_20_3.png
www.blogger.com/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 92 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
navbar.g
www.blogger.com/ Frame 7E7B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
paging_dot.png
resources.blogblog.com/blogblog/data/1kt/simple/ |
99 B 200 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FE-FERT-2.php
www.currency.me.uk/remote/ Frame 17CB |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
embed.tawk.to/57bb0d821105e45f7b2fb726/ |
12 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
sumo.com/api/load/ |
772 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ |
24 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ |
51 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_3
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMG... |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
services
sumo.com/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
services
sumo.com/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ |
35 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
static-v.tawk.to/697/ |
497 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
1163018865-lbx__en_gb.js
www.blogger.com/static/v1/jsbin/ |
374 KB 120 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.7e831236a32d6086ab3e.js
load.sumo.com/ |
5 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64.7e831236a32d6086ab3e.js
load.sumo.com/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.7e831236a32d6086ab3e.js
load.sumo.com/ |
5 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.7e831236a32d6086ab3e.js
load.sumo.com/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.7e831236a32d6086ab3e.js
load.sumo.com/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.7e831236a32d6086ab3e.js
load.sumo.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.7e831236a32d6086ab3e.js
load.sumo.com/ |
438 KB 128 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15.7e831236a32d6086ab3e.js
load.sumo.com/ |
711 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
21 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
rpc
clients6.google.com/ Frame |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shares.json
api.bufferapp.com/1/links/ |
130 B 586 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
graph.facebook.com/ |
252 B 892 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
links.getStats
api.facebook.com/method/ |
396 B 824 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
rpc
clients6.google.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
count.json
widgets.pinterest.com/v1/urls/ Redirect Chain
|
94 B 306 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button_info.json
www.reddit.com/ Redirect Chain
|
150 B 614 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sumome-white-60.png
load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsonpcallback
sumo.com/api/ |
16 B 378 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsonpcallback
sumo.com/api/ |
16 B 378 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
jsonpcallback
sumo.com/api/ |
16 B 378 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1606692349370
va.tawk.to/register/ |
675 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 1E67 |
7 KB 693 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame EA12 |
7 KB 670 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ Frame 5ACF |
7 KB 665 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 5ACF |
192 B 493 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 5ACF |
295 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa54.tawk.to/s/ |
101 B 226 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 57DA |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 5ACF |
413 B 516 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa54.tawk.to/s/ |
77 B 287 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v3
va.tawk.to/log-performance/ |
5 B 216 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa54.tawk.to/s/ |
4 B 88 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 5ACF |
413 B 482 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log
va.tawk.to/ Frame F21E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- clients6.google.com
- URL
- https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Verdicts & Comments Add Verdict or Comment
120 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| sumome object| webpackJsonpsumome object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl object| __core-js_shared__ object| Sslac object| IN object| sumo object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included string| tz string| mc string| nb string| c1 string| c2 string| c3 string| bc string| lc string| bdrc object| vt number| userhr string| ws number| os object| Tawk_API object| Tawk_LoadStart function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_794561 object| cookieChoices boolean| __smLoaded object| jQuery1102020905809091731586 object| help object| hgb object| userfeedback string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk boolean| currentUrlIncluded undefined| jQuery1102020905809091731586_1606692347705 undefined| jQuery1102020905809091731586_1606692347707 undefined| jQuery1102020905809091731586_1606692347709 undefined| jQuery1102020905809091731586_1606692347711 undefined| jQuery1102020905809091731586_1606692347713 function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
retiresec.blogspot.com/ | Name: __smToken Value: JeKLBDk9yLheRev4ELk61wpj |
|
retiresec.blogspot.com/ | Name: __smVID Value: 872139a5b2b738009c498f53991f0b6f7e8874f794ff88e667070d1a40965b66 |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1of1privatecollection.co.za
3.bp.blogspot.com
api.bufferapp.com
api.facebook.com
apis.google.com
cdn.jsdelivr.net
clients6.google.com
creditsforteachers.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
load.sumo.com
load.sumome.com
pagead2.googlesyndication.com
platform.linkedin.com
reddit.com
resources.blogblog.com
retiresec.blogspot.com
static-v.tawk.to
static.licdn.com
sumo.com
va.tawk.to
vsa54.tawk.to
widgets.pinterest.com
www.blogger.com
www.currency.me.uk
www.gstatic.com
www.insidesanlam.co.za
www.reddit.com
www.retiresecure.co.za
clients6.google.com
104.16.138.31
129.232.243.83
151.101.36.84
151.101.65.140
196.41.130.156
199.232.53.140
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2009
2a00:1450:4001:809::200e
2a00:1450:4001:815::2003
2a00:1450:4001:818::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81d::2001
2a00:1450:4001:820::200a
2a00:f48:2000:1023::3
2a02:26f0:6c00::210:ba20
2a03:2880:f01c:800e:face:b00c:0:2
2a04:4e42:3::621
35.231.234.75
41.203.18.169
52.34.133.113
65.9.68.115
000bd65a7d023646b4ba348305c1ac4e81a7052cfd8fcd58090888b8e756e1e7
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
11657156f140ac7e3c50a127c4f4e3246041c21b22376357d06dcf1cb3bfb3f4
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
1de24d90a866f3909d2768ba8f68624aa2d75a69693526ad6849641db9f389aa
1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
201a98cb41efcee55dfb27bffb9e2c403cc873f445b1ee44822b3805df86a9a7
209f9edd353da6e8251de2090de4f9c16e34b7ea2fe9152c0d9736072c96e163
21d4c8344081609dc02f9e481f9c97da6b20baab0694049a524e5db7e32131bc
24d25ae127c21ed044b31e9eca25377e35c3effded338f46bef928988a830d3a
2c666864babd01234e141cf63de6d7144ab88d53652d619869ec3a6adbc6fae8
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
4412e2fb4fdf430bce2e31a12382312986233995706cdcab2b1f829f608618b2
4af710a9242b394b499b6f7993a3aa71677c8496ef48185bc9cd07bea5db8b5d
4de3f4c2a6641e1090dbe66b4c85f8c2d83eb5df44205e2964dd53c5702c7adc
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54cae14d71d871e51ad5488039baa518b761b94ce2dc77322681e5aa9bdbae90
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
67bcc0dfed9c5e6b26965264e3308fe3a0824699b804545448c0c71a1dbda0c6
6e17ef68c044e85da02d6575eb67bd5c233daafba49711b344584496e4fd366f
6e83c077fb845b06ebcac94b6ab6e543f586434895e9361ce5db3d67ca95c8ae
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
7fe7ae2d590ed2c98a03236b4f584d3f15769e24b35f370f6b6f2564f9d3650c
8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
995618d30f1eb07bc9b5e01429ac63b4559b96e344801b3da9ebe69d9a63211f
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9c41876d134589c345a9515bf13de8dee71d41aeb56733db32c7a949a5e192a0
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ad09f991beee875b2c6ebce677bbc64e2457dab8e53b9c5a3cb4333b94430192
b29503392394390637384a5da772c4892b1a1aff17f09b996becf63310f45d8a
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
b678971f28a011ed9a33161b01a7611e295e11184ccb9d0e3be412597fc65da5
c0b3e70a7639d44e8ea189ab977166fa782c4bcd18edc5d1d66cba60e870d1f6
c0d0e1538762172baec8c38f8bf6841fa9fe83492535e53ea50d0cbe4ecdce84
c3244c2b387ee355d90bdf3c703f6f9e90d2146a1a0985824f27a5893d45f8aa
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c544784ac6cf88072f75d6a1b00e077c2b15539f8b87c5f0e8a62fbca24fe7b0
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdad5aee0501c88436195305b9370bde6fc396053e19319a0fafcd761093db6c
d15548429c195234b491e3ab193aa63baf05755eb5832d70d87423f32dcdbf2c
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
db421d4db0137f9703245f01d9ccfe5414621f2f80350793a561b2d02ec48b1d
dbfaa90b4bcd0a0b543463f2b4dcd4e9bc638d205411bdf0014a49376a787664
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7897c3db04835c2fd03e20c34c884267eddba16de9e8f8b7f949714067d7ea5
eef06cdd8087fab05ba6183764c05051e042e8e036e25fc18e5876a05c825071
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2