urlscan.io logo urlscan.io
SecurityTrails logo

memo-gazette.com Open in urlscan Pro
2606:4700:3031::ac43:c3a6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fire3.foxnews24.ru/
Effective URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7...
Submission: On March 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3031::ac43:c3a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is memo-gazette.com.
TLS certificate: Issued by E1 on February 13th 2024. Valid for: 3 months.
This is the only time memo-gazette.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 46.4.130.237 24940 (HETZNER-AS)
1 2 85.192.12.187 12695 (DINET-AS)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 116.202.32.31 24940 (HETZNER-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
8 95.163.155.39 12695 (DINET-AS)
26 7
1    46.4.130.237 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.237.130.4.46.clients.your-server.de
fire3.foxnews24.ru
2    85.192.12.187 (Russian Federation)

ASN12695 (DINET-AS, RU)
mixer-newspaper.com
9    2606:4700:3031::ac43:c3a6 (United States)

ASN13335 (CLOUDFLARENET, US)
memo-gazette.com
1    116.202.32.31 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.32.202.116.clients.your-server.de
ffrtrinvzk.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    95.163.155.39 (Russian Federation)

ASN12695 (DINET-AS, RU)
8orzcc96ep.com
Apex Domain
Subdomains		 Transfer
9 memo-gazette.com
memo-gazette.com
392 KB
8 8orzcc96ep.com
8orzcc96ep.com
199 KB
6 gstatic.com
fonts.gstatic.com
76 KB
2 mixer-newspaper.com
mixer-newspaper.com — Cisco Umbrella Rank: 810582
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
1 ffrtrinvzk.com
ffrtrinvzk.com — Cisco Umbrella Rank: 623891
4 KB
1 foxnews24.ru
fire3.foxnews24.ru
750 B
26 7
Domain Requested by
9 memo-gazette.com memo-gazette.com
8 8orzcc96ep.com
6 fonts.gstatic.com fonts.googleapis.com
2 mixer-newspaper.com 1 redirects memo-gazette.com
1 fonts.googleapis.com memo-gazette.com
1 ffrtrinvzk.com memo-gazette.com
1 fire3.foxnews24.ru 1 redirects
26 7

This site contains links to these domains. Also see Links.

Domain
ac-dir-co.8orzcc96ep.com
Subject Issuer Validity Valid
memo-gazette.com
E1		 2024-02-13 -
2024-05-13		 3 months crt.sh
expo-s.com
R3		 2024-03-16 -
2024-06-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
mixer-magazin.com
R3		 2024-03-15 -
2024-06-13		 3 months crt.sh
esuxdqovni.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Frame ID: 67C045483D7648C437656A2C50A6FFBA
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Горбачев на смертном одре выдал имя того,кто приказал развалить СССР, им был... -

Page URL History Show full URLs

  1. https://fire3.foxnews24.ru/ HTTP 302
    https://mixer-newspaper.com/?no_transit=1&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86... HTTP 307
    https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad997... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

26
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

674 kB
Transfer

1003 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fire3.foxnews24.ru/ HTTP 302
    https://mixer-newspaper.com/?no_transit=1&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&sid7=58429&path=view&utm_source=l5YPr&sid6=af757397d2e4ad99763490d03a166bad HTTP 307
    https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request new
memo-gazette.com/view/
Redirect Chain
  • https://fire3.foxnews24.ru/
  • https://mixer-newspaper.com/?no_transit=1&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&sid7=58429&path=view&utm_source=l5YPr&sid6=af757397d2e4ad99763490d03a16...
  • https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8...
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ff3a0a2bc1903207bc3526cb8e9edd1aa413e1a76f19d6bf0121591e6d8eef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
865bc7ebed98742e-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 17 Mar 2024 08:58:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nx%2B04Gqp6PmNQrYPKtPPsH7kh9OM6ydtFr%2FP7ftigsFlsGnWit5OIGCTloYKmFVICOt3ABMg7FQqFi6zKltqyM3c%2BTwU4Sg045jasEW8hCZqs6Ww4dfb7iEFbPIzjqxU0JUtb0zOKGcHIX2sjq2W"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x_domain
memo-gazette.com
x_theme
outofwindow3-without-dmp2.desktop

Redirect headers

Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
310
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Mar 2024 08:58:23 GMT
Location
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Server
nginx/1.18.0 (Ubuntu)
grid.min.css
memo-gazette.com/static/outofwindow3-without-dmp2.desktop/css/ 		51 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Mar 2024 07:36:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f005f9-ca40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W62hJUMdgrN8qmzsM1da4vuVaavMZdNsL%2BOCz1x4VcBjKbeCFmBGCSYFHRl9H4wzf9dtL5bcfcIcLhnldgDy9TZ1OihUXSLIlO8Vfw6AVdiQq1JaLAjrFwNey9Dfl%2Fe%2BU80Z1Woq6e6hC01x6IIe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
865bc7ef0f45742e-MIA
alt-svc
h3=":443"; ma=86400
app.8c1a1b37.js
memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/ 		60 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/app.8c1a1b37.js
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1a730de7ce124eaa05e19ad84fedd657ee64a8a1ce75c83f9ebb932be11a9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Mar 2024 07:36:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f005f9-ef13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ia7wrDu3KDQ2pcph13FfP3g1Y8B%2FaIT7dEAjZT5jS%2BIALVeUqbje2DJaCvoY42Z%2BAEcdmxXuTKLNh%2FKLMYhzoxNkeYtyyURy77N355%2FSS1s%2BWBn1BUEB8Jeo0BiHU6fcFl7EChvd3tWzPnaG1dyC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
865bc7ef0f48742e-MIA
alt-svc
h3=":443"; ma=86400
chunk-vendors.6a844e66.js
memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/ 		278 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae627eec7ec821fb3a6c77342be3acf8bd86d3926956081caaf4306f459bc2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Mar 2024 07:36:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f005f9-4567c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qW4gzVwAkEGSt9CLk3k296W1xsIbL3hZnPqjzFDwplmQppvchW6jLXWAdxJ2eS95z0F8LadwPO6gQXOqoAN23WL4kWPgI6TVjH7bmk95N%2BabrtH815aRmQMrZS3aLBJfgCOdk5I1wIGDwxeAD2yB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
865bc7ef0f49742e-MIA
alt-svc
h3=":443"; ma=86400
749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
ffrtrinvzk.com/1/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.32.31 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.32.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
0401abeac124173ec57f247d872442cb7beec49a2d6655c0f77847d7a627d33c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:25 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2023 19:29:38 GMT
server
nginx/1.18.0
etag
W/"654e84a2-3797"
vary
Accept-Encoding
content-type
application/javascript
style.min.css
memo-gazette.com/static/outofwindow3-without-dmp2.desktop/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 12 Mar 2024 07:36:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f005f9-2832"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5X831h%2FoUyWlDT%2BGuXqoGAlqR4meyFF3mvqFlRCphvdsnEkvnZ%2B%2BwUcg5Mq3wQGuAM1ownsDlT%2BVFhnS%2FO2VbD26iurpfVzO5BC6pBEnpcaBRACbN8f4mjdj63jeqnPBzRyiTqefou9XrojseZye"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
865bc7ef0f46742e-MIA
alt-svc
h3=":443"; ma=86400
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9907d5fc9e36bd3a58a9542199de02ffae719363656c040ca10e3d5e80fb970d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Mar 2024 08:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Mar 2024 08:12:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Mar 2024 08:58:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:44:26 GMT
x-content-type-options
nosniff
age
303239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:44:26 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:43:40 GMT
x-content-type-options
nosniff
age
303285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:43:40 GMT
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 09:04:28 GMT
x-content-type-options
nosniff
age
345237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:04:28 GMT
get-n-item
memo-gazette.com/api/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/api/get-n-item?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&language=RU&blang=en-US&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed&hash=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&project=1
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b53dea2909bf0e922f3a737ebd4fdb581671e8f3d45ee308ae0e80d0b7c472a

Request headers

Accept
application/json, text/plain, */*
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGwu2HKf2eajal6D1Q9YFvoHIYoi1d0mDOd5L3oJMvMZSgVjKR7NI4umuMcBfYhfmY6ixg49R%2Fyn2FYidOxR0Gysu%2F1dlWGYWDNsEqvIhG4tPpn0HcI0BXjog3FjHJLwG9IzoJewljnBJsCnGUY2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
865bc7f49e03370e-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
alt-svc
h3=":443"; ma=86400
image.gif
mixer-newspaper.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixer-newspaper.com/image.gif?sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_source=l5YPr&utm_medium=4388&client_id=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed&cost=0&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&category=0&resolution_width=1600&resolution_height=1200&connection_speed=4g,9.1
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.192.12.187 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://memo-gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Mar 2024 08:58:25 GMT
Last-Modified
Sun, 17 Mar 2024 08:58:25 GMT
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/gif
Access-Control-Allow-Origin
https://memo-gazette.com
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Content-Length
43
Expires
Wed, 11 Nov 1998 11:11:11 GMT
get-items
memo-gazette.com/api/ 		21 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/api/get-items?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&language=RU&blang=en-US&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed&hash=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&project=1&boost=1&is_clear=0&count=8&offset=0&r=0.42855821943637684&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C9.1&article=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1860213aa3e43757f0bbce6b1d9e0c96a8a9020603a8c0b5448f692144c1c484

Request headers

Accept
application/json, text/plain, */*
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FdIx0lCh2mhnHtfcSHFoOznFUj4huUQhYs0HH0XZfMzZBxp0iRNs17b9P4jHIJ4gCqZB%2FaT74wM0UAt3khCunQsrNIJXgMfCs%2F2egb0NtQZJ0G2nYtYmU3uVcPxC0rx5yG%2BhXTI99h69U7mRBzG7"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
865bc7f7af11370e-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
alt-svc
h3=":443"; ma=86400
e8a46c8147413334ef29a62e2ec4e7a4.png
memo-gazette.com/images/news/rectangular/ 		263 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://memo-gazette.com/images/news/rectangular/e8a46c8147413334ef29a62e2ec4e7a4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d25bbd02f29e4ffb12981d1bcc971f22db8ea1e7a1e9df4b60237c1716b8ac

Request headers

Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
269812
last-modified
Thu, 11 Jan 2024 14:06:27 GMT
server
cloudflare
etag
"659ff5e3-41df4"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3%2BahlnMyhHEWlDziWltwUKNM%2Bt8WIR4kooux%2Fyo8a1PByfOyc8VU9%2B2CFnhyApMtr4eYfPLjtkedPWmnB8rDM9fDF8JWV%2BFPaLitFgaihCXKD9a6F%2Bn5PabidtLiSVqCmxknAJx4kjY%2FFaEcjIH"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
865bc7f7af12370e-MIA
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:43:41 GMT
x-content-type-options
nosniff
age
303284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:43:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:53:07 GMT
x-content-type-options
nosniff
age
302718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:53:07 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:07:53 GMT
x-content-type-options
nosniff
age
301832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:07:53 GMT
c632b838-5b67-40e0-9448-626453a6cd1c.jpg
8orzcc96ep.com/images/c6/32/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/c6/32/c632b838-5b67-40e0-9448-626453a6cd1c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5517ccb9eb74123a13fb7abf8711c8759ce192d291d4449149c6e2b2a1a21ab3

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Sat, 02 Mar 2024 13:18:15 GMT
server
nginx/1.18.0
etag
"65e32717-5d7a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
23930
expires
Thu, 31 Dec 2037 23:55:55 GMT
b11df0a2-48ca-43bd-8491-74fc2ac51afe.jpg
8orzcc96ep.com/images/b1/1d/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/b1/1d/b11df0a2-48ca-43bd-8491-74fc2ac51afe.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c95f12384cd2b397b93fb55959fc3c44c2f50daf65872bac0962ab47b0aa8233

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Fri, 08 Mar 2024 07:00:12 GMT
server
nginx/1.18.0
etag
"65eab77c-64ea"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
25834
expires
Thu, 31 Dec 2037 23:55:55 GMT
a9791c16-bf8e-4883-bc2e-db7091b277a8.jpg
8orzcc96ep.com/images/a9/79/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/a9/79/a9791c16-bf8e-4883-bc2e-db7091b277a8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
854b04022187a0dded8e44777d49cb4559cf70fbd1ea38d54d57769de1380393

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Fri, 15 Mar 2024 07:00:26 GMT
server
nginx/1.18.0
etag
"65f3f20a-3748"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
14152
expires
Thu, 31 Dec 2037 23:55:55 GMT
bef3f559-f740-4f50-bfb6-c493bd03ec7b.jpg
8orzcc96ep.com/images/be/f3/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/be/f3/bef3f559-f740-4f50-bfb6-c493bd03ec7b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8a38d1a0b2f1990bfd508660f176e30b32394a9f66741887e8f29084eeb1099f

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Fri, 15 Mar 2024 07:00:16 GMT
server
nginx/1.18.0
etag
"65f3f200-481a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
18458
expires
Thu, 31 Dec 2037 23:55:55 GMT
d812b6c9-53ec-4abc-9a59-d2d099c0fce8.jpg
8orzcc96ep.com/images/d8/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/d8/12/d812b6c9-53ec-4abc-9a59-d2d099c0fce8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9542b26573d4c7f94abd935d02de944d6aa436e7fcd7f350d47b0b78246751ee

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Tue, 12 Mar 2024 07:00:17 GMT
server
nginx/1.18.0
etag
"65effd81-6bca"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
27594
expires
Thu, 31 Dec 2037 23:55:55 GMT
bcc8f39e-9b34-4964-9150-7aecb6d5ec2d.jpg
8orzcc96ep.com/images/bc/c8/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/bc/c8/bcc8f39e-9b34-4964-9150-7aecb6d5ec2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bb4816f895199e0cb3188c3d32835de4952c4ef8567119c6078e4a3f17c9098b

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:26 GMT
last-modified
Mon, 29 Jan 2024 13:17:05 GMT
server
nginx/1.18.0
etag
"65b7a551-68c1"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
26817
expires
Thu, 31 Dec 2037 23:55:55 GMT
9704967b-4502-451b-b701-8916180d182d.jpg
8orzcc96ep.com/images/97/04/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/97/04/9704967b-4502-451b-b701-8916180d182d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef40747502fad55a7c0cd031b61ca6611c1c60d8a8a53ad4d83428c53191e587

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:27 GMT
last-modified
Tue, 12 Mar 2024 07:00:13 GMT
server
nginx/1.18.0
etag
"65effd7d-b896"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
47254
expires
Thu, 31 Dec 2037 23:55:55 GMT
16d92cf3-b0f2-497f-b1b2-063ee036f1c0.jpg
8orzcc96ep.com/images/16/d9/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8orzcc96ep.com/images/16/d9/16d92cf3-b0f2-497f-b1b2-063ee036f1c0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.163.155.39 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8b5a2d32ca0590469b7a12b6541eda423158cdc9b3041564bd8f3c0b311b4382

Request headers

Referer
https://memo-gazette.com/
Origin
https://memo-gazette.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 08:58:27 GMT
last-modified
Fri, 15 Mar 2024 07:00:11 GMT
server
nginx/1.18.0
etag
"65f3f1fb-4578"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
*
content-length
17784
expires
Thu, 31 Dec 2037 23:55:55 GMT
set-view
memo-gazette.com/api/ 		34 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://memo-gazette.com/api/set-view
Requested by
Host: memo-gazette.com
URL: https://memo-gazette.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c3a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1

Request headers

Accept
application/json, text/plain, */*
Referer
https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Mar 2024 08:58:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FKMApLpT69SHSzjm80GKKK1FTYkHeBY74tZhK%2Fbj9XB0VgYTGO4oFcCL58CfN7XUI%2B0m70a11VEV6JNGI4TbLFqXYesOxR1eopl0bDNZV6FLwjdVv0kwSp8z5dehvNKGInpu9lxRApY%2BMWrh3Hb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
865bc7fe18cc370e-MIA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config boolean| isback string| backVersion number| scrollPosition undefined| modalWindowTimeout function| EkLHZIQ41ivQtGlwp object| ic4ca4 object| webpackJsonp number| pinterNewsInfinite number| pinter number| offsetForTest string| uid object| scrollHistory object| vueApp

11 Cookies

Domain/Path Name / Value
fire3.foxnews24.ru/ Name: n
Value: tgV6jPt3u4uUxPK2%2B24BSQY3kbw%3D
fire3.foxnews24.ru/ Name: lt_dispatcher_url
Value: b4b5f4d2fc8a438d62de8bec1d11e2377e037c74%7Ehttps%3A%2F%2Fmixer-newspaper.com
fire3.foxnews24.ru/ Name: lt_dispatcher_main
Value: 7e55c7a18a95b14f1cebd3d4b66f77baddb708cb%7E5087f028abbd63dbe3623e44c07715cb
mixer-newspaper.com/ Name: cd
Value: eyJzIjp7Im8iOiJXaW5kb3dzIiwib3YiOiIxMCIsImRjIjoxLCJiIjoiQ2hyb21lIiwiYnYiOiIxMjIifSwibCI6eyJyIjoi0KTQu9C+0YDQuNC00LAiLCJuIjoyMTg0MywiaXNwIjoiQ29nZW50IENvbW11bmljYXRpb25zIn19
mixer-newspaper.com/ Name: sid10
Value: 0
mixer-newspaper.com/ Name: article
Value: 1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1
mixer-newspaper.com/ Name: uid
Value:
mixer-newspaper.com/ Name: utm_medium
Value: 4388
memo-gazette.com/ Name: duid
Value: news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
mixer-newspaper.com/ Name: cc
Value: eyJ1aWlkIjoibmV3cy00NDE3YTNjZi05ZTM3LTQxYzUtYjRlZS1jOWEwNzk0ODZiZWQiLCJkX29mZnNldCI6LTF9
memo-gazette.com/ Name: templates_show_id
Value: 111

10 Console Messages

Source Level URL
Text
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr&uid=news-4417a3cf-9e37-41c5-b4ee-c9a079486bed
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: https://memo-gazette.com/view/new?d=mixer-newspaper.com&no_transit=1&path=view&sid6=af757397d2e4ad99763490d03a166bad&sid7=58429&sid9=view&utm_campaign=67309&utm_content=1027a1b6-b3a8-4d26-8805-a2f8b86b8ab1&utm_medium=4388&utm_source=l5YPr
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8orzcc96ep.com
ffrtrinvzk.com
fire3.foxnews24.ru
fonts.googleapis.com
fonts.gstatic.com
memo-gazette.com
mixer-newspaper.com
116.202.32.31
2606:4700:3031::ac43:c3a6
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81c::200a
46.4.130.237
85.192.12.187
95.163.155.39
0401abeac124173ec57f247d872442cb7beec49a2d6655c0f77847d7a627d33c
1860213aa3e43757f0bbce6b1d9e0c96a8a9020603a8c0b5448f692144c1c484
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3b53dea2909bf0e922f3a737ebd4fdb581671e8f3d45ee308ae0e80d0b7c472a
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5517ccb9eb74123a13fb7abf8711c8759ce192d291d4449149c6e2b2a1a21ab3
5d11a7da52bb89f362ad17ee9f250103db4e4f1eba2e7ac362e04e0a0438fcc1
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65
7ae627eec7ec821fb3a6c77342be3acf8bd86d3926956081caaf4306f459bc2e
854b04022187a0dded8e44777d49cb4559cf70fbd1ea38d54d57769de1380393
8a38d1a0b2f1990bfd508660f176e30b32394a9f66741887e8f29084eeb1099f
8b5a2d32ca0590469b7a12b6541eda423158cdc9b3041564bd8f3c0b311b4382
9542b26573d4c7f94abd935d02de944d6aa436e7fcd7f350d47b0b78246751ee
9907d5fc9e36bd3a58a9542199de02ffae719363656c040ca10e3d5e80fb970d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bb4816f895199e0cb3188c3d32835de4952c4ef8567119c6078e4a3f17c9098b
c4d25bbd02f29e4ffb12981d1bcc971f22db8ea1e7a1e9df4b60237c1716b8ac
c95f12384cd2b397b93fb55959fc3c44c2f50daf65872bac0962ab47b0aa8233
ce1a730de7ce124eaa05e19ad84fedd657ee64a8a1ce75c83f9ebb932be11a9a
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
ef40747502fad55a7c0cd031b61ca6611c1c60d8a8a53ad4d83428c53191e587
f1ff3a0a2bc1903207bc3526cb8e9edd1aa413e1a76f19d6bf0121591e6d8eef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615