![](/screenshots/229d91cd-d47b-4597-a6cd-2c0f39fd67b2.png)
www.espreso.co.rs
Open in
urlscan Pro
51.15.154.187
Public Scan
Effective URL: https://www.espreso.co.rs/
Submission: On June 16 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on May 10th 2022. Valid for: 3 months.
This is the only time www.espreso.co.rs was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com | |
api.cleverpush.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
static.chartbeat.com |
ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org |
ASN16509 (AMAZON-02, US)
secure.quantserve.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-129-95.compute-1.amazonaws.com
ping.chartbeat.net |
ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org |
ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de
espresors.mycleverpush.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-40-161.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
espreso.co.rs
2 redirects
espreso.co.rs — Cisco Umbrella Rank: 119776 www.espreso.co.rs — Cisco Umbrella Rank: 128575 |
771 KB |
14 |
cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 16731 api.cleverpush.com — Cisco Umbrella Rank: 16666 |
130 KB |
7 |
consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2383 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5815 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10034 |
179 KB |
5 |
gemius.pl
1 redirects
gars.hit.gemius.pl — Cisco Umbrella Rank: 53584 ls.hit.gemius.pl — Cisco Umbrella Rank: 11610 |
18 KB |
4 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 stats.g.doubleclick.net — Cisco Umbrella Rank: 125 |
153 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60 |
20 KB |
3 |
adriamediacontent.com
www.adriamediacontent.com — Cisco Umbrella Rank: 102750 |
17 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 91 |
501 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158 |
110 KB |
1 |
quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1065 |
601 B |
1 |
mycleverpush.com
espresors.mycleverpush.com — Cisco Umbrella Rank: 407029 |
26 KB |
1 |
google.it
www.google.it — Cisco Umbrella Rank: 16286 |
501 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 9 |
501 B |
1 |
chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1127 |
201 B |
1 |
quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1100 |
10 KB |
1 |
chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1253 |
15 KB |
74 | 16 |
Domain | Requested by | |
---|---|---|
29 | www.espreso.co.rs |
1 redirects
www.espreso.co.rs
|
10 | static.cleverpush.com |
www.espreso.co.rs
static.cleverpush.com espresors.mycleverpush.com |
5 | quantcast.mgr.consensu.org |
www.espreso.co.rs
quantcast.mgr.consensu.org |
4 | api.cleverpush.com |
static.cleverpush.com
|
4 | gars.hit.gemius.pl |
1 redirects
www.espreso.co.rs
gars.hit.gemius.pl |
3 | www.google-analytics.com |
www.espreso.co.rs
www.google-analytics.com |
3 | www.adriamediacontent.com |
www.espreso.co.rs
www.adriamediacontent.com |
3 | securepubads.g.doubleclick.net |
www.espreso.co.rs
securepubads.g.doubleclick.net |
2 | www.facebook.com |
www.espreso.co.rs
|
2 | connect.facebook.net |
www.espreso.co.rs
connect.facebook.net |
1 | audit-tcfv2.quantcast.mgr.consensu.org |
quantcast.mgr.consensu.org
|
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | espresors.mycleverpush.com |
static.cleverpush.com
|
1 | test.quantcast.mgr.consensu.org |
quantcast.mgr.consensu.org
|
1 | www.google.it |
www.espreso.co.rs
|
1 | www.google.com |
www.espreso.co.rs
|
1 | ping.chartbeat.net |
www.espreso.co.rs
|
1 | secure.quantserve.com |
quantcast.mgr.consensu.org
|
1 | ls.hit.gemius.pl |
gars.hit.gemius.pl
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | static.chartbeat.com |
www.espreso.co.rs
|
1 | espreso.co.rs | 1 redirects |
74 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
espreso.rs R3 |
2022-05-10 - 2022-08-08 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
www.adriamediacontent.com R3 |
2022-05-10 - 2022-08-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-11 - 2023-06-11 |
a year | crt.sh |
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA |
2021-09-08 - 2022-09-25 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-03-25 - 2022-06-23 |
3 months | crt.sh |
*.chartbeat.com Thawte RSA CA 2018 |
2022-05-06 - 2023-06-03 |
a year | crt.sh |
*.cmp.quantcast.com R3 |
2022-04-26 - 2022-07-25 |
3 months | crt.sh |
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-22 - 2022-09-21 |
a year | crt.sh |
*.chartbeat.net Thawte RSA CA 2018 |
2021-12-01 - 2022-12-30 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
*.google.it GTS CA 1C3 |
2022-05-30 - 2022-08-22 |
3 months | crt.sh |
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-06 - 2023-06-06 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.espreso.co.rs/
Frame ID: 19D6022CCC6BE53C0ED71AEFE30E1124
Requests: 68 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html
Frame ID: AFBF74AF2F05950DC905E712AF5112F0
Requests: 1 HTTP requests in this frame
Frame:
https://espresors.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.espreso.co.rs
Frame ID: 299DC7598B275A275A7C0513A4097930
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/229d91cd-d47b-4597-a6cd-2c0f39fd67b2.png)
Page Title
Espreso - Najbrže rastući portal u Srbiji i regionuPage URL History Show full URLs
-
http://espreso.co.rs/
HTTP 301
http://www.espreso.co.rs/ HTTP 301
https://www.espreso.co.rs/ Page URL
Detected technologies
![](/vendor/wappa/icons/Chartbeat.png)
Detected patterns
- chartbeat\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Gemius.png)
Detected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Quantcast.png)
Detected patterns
- quantcast\.mgr\.consensu\.org
![](/vendor/wappa/icons/Quantcast.png)
Detected patterns
- \.quantserve\.com/quant\.js
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: Glossy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Poznati
Search URL Search Domain Scan URL
Title: Moda i lepota
Search URL Search Domain Scan URL
Title: Zdravi i srećni
Search URL Search Domain Scan URL
Title: Ljubav i seks
Search URL Search Domain Scan URL
Title: Porodica
Search URL Search Domain Scan URL
Title: Karijera
Search URL Search Domain Scan URL
Title: Zabava
Search URL Search Domain Scan URL
Title: Galerije
Search URL Search Domain Scan URL
Title: Horoskop
Search URL Search Domain Scan URL
Title: Pokazao savršene trbušnjake, a svi su — RAZOČARANI! Najnovija fotografija glumca za kojim žene lude na meti podsmeha
Search URL Search Domain Scan URL
Title: Jugoslovenke su DRHTALE PRED NJIM, a on se nije osećao kao zavodnik: Kako danas izgleda najlepši pevač naših prostora
Search URL Search Domain Scan URL
Title: Za ulogu Tome je izgubio 24 kilograma! Milan Marić nije imao sreće s dijetama, a onda je uradio NAJPROSTIJU STVAR
Search URL Search Domain Scan URL
Title: Kilibarda u bež, Vesna Dedić i Lena Kovačević u belom, a tek Dunja Jovanić... Koja se najbolje obukla?
Search URL Search Domain Scan URL
Title: Zbog njega je RASKINULA vezu sa 16 godina starijim trenerom: Poznata voditeljka PRVI PUT pokazala dečka biznismena
Search URL Search Domain Scan URL
Title: Snimio je "Ekspresno", a onda napravio hit sa Darom Bubamarom, pa NESTAO: Pogledajte kako danas izgleda Bojan Bjelić
Search URL Search Domain Scan URL
Title: Žive BAJKU, a dobili su i ćerkicu: Ovo je sin Milorada Mandića Mande koji uživa u ljubavi sa popularnom Srpkinjom
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://espreso.co.rs/
HTTP 301
http://www.espreso.co.rs/ HTTP 301
https://www.espreso.co.rs/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 56- https://gars.hit.gemius.pl/_1655367631822/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gHd8wqNLk_Tpp3wYWFVRaJcnrQ3cTxzj4cdvRw1OcDf.57qtIVmjNRfAdkaJrdfcynAcExmNgCns0DZEa4UyEVTbzdjo/uHQOZlpRQ1fxI/<ime=183&fpdata=Wb4mp5NYm6rqc5RoKbfXY37KpBF0q3pd01iaFh0ykuH.K7&fpcap= HTTP 301
- https://gars.hit.gemius.pl/__/_1655367631822/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gHd8wqNLk_Tpp3wYWFVRaJcnrQ3cTxzj4cdvRw1OcDf.57qtIVmjNRfAdkaJrdfcynAcExmNgCns0DZEa4UyEVTbzdjo/uHQOZlpRQ1fxI/<ime=183&fpdata=Wb4mp5NYm6rqc5RoKbfXY37KpBF0q3pd01iaFh0ykuH.K7&fpcap=
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.espreso.co.rs/ Redirect Chain
|
135 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin_cyrillic-regular.woff
www.espreso.co.rs/resources/fonts/ |
54 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin_cyrillic-700.woff
www.espreso.co.rs/resources/fonts/ |
57 KB 57 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-sans-v18-latin-ext_latin_cyrillic-800.woff
www.espreso.co.rs/resources/fonts/ |
56 KB 57 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-v15-latin-ext_latin-700.woff
www.espreso.co.rs/resources/fonts/ |
36 KB 36 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-v15-latin-ext_latin-800.woff
www.espreso.co.rs/resources/fonts/ |
36 KB 36 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oswald-v35-latin-ext_latin-regular.woff
www.espreso.co.rs/resources/fonts/ |
27 KB 28 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-v-1654785932804.css
www.espreso.co.rs/resources/css/ |
119 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-v-1654785932804.js
www.espreso.co.rs/resources/js/ |
222 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
81 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubjelly.js
www.adriamediacontent.com/js/pubjelly/main/ |
42 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-h_logo.svg
www.espreso.co.rs/resources/images/svg/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appstore.png
www.espreso.co.rs/resources/images/vendor/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googleplay.png
www.espreso.co.rs/resources/images/vendor/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1103233_penzioneri-penzija-pare_ls-s.jpg
www.espreso.co.rs/data/images/2022/02/08/10/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1195157_milica-opasnica_ls-s.jpg
www.espreso.co.rs/data/images/2022/06/15/11/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1195877_285617822-581412196918391-1582540500728011008-n_ls-s.jpg
www.espreso.co.rs/data/images/2022/06/16/09/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1180741_1734529422628fbaaa3062c512196054-640_ls-s.jpg
www.espreso.co.rs/data/images/2022/05/26/19/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1195727_1655304669zdravkospasiokajakasafotorina1_ls-s.jpg
www.espreso.co.rs/data/images/2022/06/15/21/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazy.png
www.espreso.co.rs/resources/images/ |
92 B 621 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QEYyvBDbS9x6vTwGL.js
static.cleverpush.com/channel/loader/ |
241 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
espreso_android_icon.png
www.espreso.co.rs/resources/images/android/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star_full.svg
www.espreso.co.rs/resources/images/android/ |
566 B 921 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star_empty.svg
www.espreso.co.rs/resources/images/android/ |
587 B 933 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xgemius.js
gars.hit.gemius.pl/ |
52 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
svg.svg
www.espreso.co.rs/resources/images/svg/sprites/ |
13 KB 6 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chartbeat.js
static.chartbeat.com/js/ |
36 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
choice.js
quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
network_sprite.svg
www.espreso.co.rs/resources/images/footer/ |
59 KB 26 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 443 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 146 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
check_if_user_is_logged_in
www.espreso.co.rs/profil/ |
115 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fpdata.js
gars.hit.gemius.pl/ |
282 B 395 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lsget.html
ls.hit.gemius.pl/ Frame AFBF |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.js
www.adriamediacontent.com/js/pubjelly/main/noc/ |
606 B 822 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wwwespresocors.js
www.adriamediacontent.com/js/pubjelly/main/cfg/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1195597_preps_ls-s.jpg
www.espreso.co.rs/data/images/2022/06/15/16/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1068595_profimedia0649673152_ls-s.jpg
www.espreso.co.rs/data/images/2021/12/29/13/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
993603_a21_ls-s.jpg
www.espreso.co.rs/data/images/2021/08/26/16/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pubads_impl_2022060901.js
securepubads.g.doubleclick.net/gpt/ |
368 KB 125 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
75 B 100 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ |
177 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
322513038446696
connect.facebook.net/signals/config/ |
290 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.b738fc1eca74daada2dc.js
static.cleverpush.com/sdk/chunk/ |
33 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
251.f96a23c8ba1a163ea93d.js
static.cleverpush.com/sdk/chunk/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
115.9508b246af235e813a76.js
static.cleverpush.com/sdk/chunk/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.it/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ |
9 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
espresors.mycleverpush.com/ Frame 299D |
68 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-pLW1P-3X_Ppr5.js
rules.quantcount.com/ |
147 B 601 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rexdot.js
gars.hit.gemius.pl/__/_1655367631822/ Redirect Chain
|
169 B 424 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 410 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/41/ |
229 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ |
303 KB 39 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ |
154 KB 36 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audit-tcfv2.quantcast.mgr.consensu.org/ |
2 B 101 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.espreso.co.rs/resources/images/header/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.b738fc1eca74daada2dc.js
static.cleverpush.com/sdk/chunk/ Frame 299D |
33 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
251.f96a23c8ba1a163ea93d.js
static.cleverpush.com/sdk/chunk/ Frame 299D |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
818.ee6d94e6219278dc8193.js
static.cleverpush.com/sdk/chunk/ Frame 299D |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
970.c702097df918c99b9081.js
static.cleverpush.com/sdk/chunk/ |
46 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
720.8a7a163af042d6aa8df3.js
static.cleverpush.com/sdk/chunk/ |
46 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
optin-visitor
api.cleverpush.com/channel/ |
16 B 712 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
optin-visitor
api.cleverpush.com/channel/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
confirm-alert
api.cleverpush.com/channel/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
confirm-alert
api.cleverpush.com/channel/ |
16 B 680 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fP2J7Li6TXqNmhvwE.png
static.cleverpush.com/notification/icon/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
160 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| addr string| server_request_uri string| server_href boolean| mak_rfrsh boolean| comment_report_reqire_login string| login_system string| login_server string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| cdSiteContentCategory string| GoogleAnalyticsObject function| ga object| googletag object| pubjelly function| getCookie string| userFirstLastName string| userAvatar object| userProfileLink object| ticker object| list object| clone function| fbq function| _fbq object| _sf_async_config function| __tcfapi function| __uspapi number| pageAutoRefresh undefined| sharewindow object| bLazy undefined| didScroll function| androidAppShowDialog function| androidAppInstall function| androidAppCancel function| androidAppLocalStorageReset function| androidAppDontAskAnymore object| $mediaSlider object| $mediaThumb number| lastScrollTop number| delta number| navbarHeight function| hasScrolled function| slideToSlide function| setMediaDescription function| androidCheckVersion function| searchHeaderBtn function| searchHeader function| searchForm function| sideBoxTabs number| get_tpl_i function| get_tpl function| removeElement function| nl2br function| toTop object| $window function| equalHeight function| trim function| isEmail function| loadAntibot function| poll_init function| poll_check_votes function| poll_vote function| poll_show_results function| poll_show_answers function| getImagesFromLive function| _slice function| _slicedToArray function| _extends function| _toConsumableArray function| checkIfUserIsLoggedIn function| checkUserPreviousScrollPosition function| checkStrength function| addendLoader function| removeLoader function| setCookie function| checkCookie function| openLoginModal function| logOut function| resetAllValidationFields function| userProfile function| openRegisterModal function| showErrorMessage function| hideErrorMessage function| uploadAvatar function| getUrlVars function| removeHash boolean| com_loading function| com_load_more function| com_list number| antibot_id object| antibot_timeout function| com_form_init function| com_preview_init function| com_close_reply function| com_reset_antibot function| dataSet function| dataPush function| dataGet function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| loader boolean| finishLoding object| toastr function| Blazy object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| CleverPush object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| $jscomp function| $jscomp$lookupPolyfilledValue object| __pubJellyRuntime object| pbjs object| ggeac object| google_js_reporting_queue object| _qevents object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| cmd string| pjSlotID function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.espreso.co.rs/ | Name: _ga Value: GA1.3.898568936.1655367632 |
|
.espreso.co.rs/ | Name: _gid Value: GA1.3.1921004485.1655367632 |
|
.espreso.co.rs/ | Name: _gat Value: 1 |
|
.espreso.co.rs/ | Name: _gat_tstTracker Value: 1 |
|
.espreso.co.rs/ | Name: _cb Value: D7SXYsmRIS9DrDG5M |
|
.espreso.co.rs/ | Name: _chartbeat2 Value: .1655367631682.1655367631682.1.DKPhbjF1uqYDRlV6vDMurzHrTs3S.1 |
|
.espreso.co.rs/ | Name: _cb_svref Value: null |
|
.espreso.co.rs/ | Name: __gfp_64b Value: Wb4mp5NYm6rqc5RoKbfXY37KpBF0q3pd01iaFh0ykuH.K7|1655367631 |
|
.espreso.co.rs/ | Name: espreso_front_session Value: klmnv5m17p5lakg20ffkvom147 |
|
www.espreso.co.rs/ | Name: X-Proxy-To Value: espreso-web3 |
|
.espreso.co.rs/ | Name: _fbp Value: fb.2.1655367631854.1496148614 |
|
.hit.gemius.pl/ | Name: Gtest Value: KlG-AMaGQMQGt-FmHWLZtgRissGMXP8c25nSGYRR0XnWXBG. |
|
.facebook.com/ | Name: fr Value: 017FS6ekp6uXfDv9e..BiqufP...1.0.BiqufP. |
|
.hit.gemius.pl/ | Name: Gdyn Value: KlxbmMGGQMQGt-FmHWLZtgRissGMXP8c25nSGYRR0XnWFRxSG7RrGS6GNgoBFlMMYH7hRjBGqSRxSG8. |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.cleverpush.com
audit-tcfv2.quantcast.mgr.consensu.org
connect.facebook.net
espreso.co.rs
espresors.mycleverpush.com
gars.hit.gemius.pl
ls.hit.gemius.pl
ping.chartbeat.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cleverpush.com
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
www.adriamediacontent.com
www.espreso.co.rs
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
141.95.172.71
142.250.186.66
146.59.30.100
159.69.145.0
185.80.68.11
185.80.68.52
2600:9000:2057:3c00:18:1fcd:351:7bc1
2600:9000:2057:e400:3:a4cd:8380:93a1
2600:9000:206f:a00:9:46dc:4700:93a1
2600:9000:206f:e200:6:44e3:f8c0:93a1
2606:4700:20::ac43:47b8
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c1b::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.122.40.161
51.15.154.187
52.72.129.95
06c5fe58611f5c1931b9bd060a342dd470e9939a1f687bbc660c580f40817725
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1219e4426e9a9d5bb5eda873eae2fbb1d60d33b0286cf3f53c6240eb485d7255
1250cac1df26eff62cb52c6732a01bad753ba6c8299329177da2e43c714564f8
141ff5863bfd7859e565c9535761de596f57057392628d56494302b3fe4fc313
18a3ce2da8cab0fec04771097c8644f37afa6c14c0247a5f99932847a02b15b0
1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
22882a69a2cd613b25bc774dded2d9d71c97bf0677d764e8bd270402a6802688
241bb9acfebdc15a25a2e0fc4a2b8bcdd6228ad218c4b920cd4e5d804034410e
25bf3bbd494b3751096133fba19e193859fba250bfe0e68ca6f07d4e9353510f
2770b375eb18d7a74fbbd60a0f9a14214857770f35dac85ce9c5daf9353faf97
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2
2c9c7d5986363fa8812f2458cb48245137801a8dd4e8af832b1b02409d937204
2e6016a96171a51e8428c040cf1401411c8c7471a7bb8945330d663e626918ef
37d8bced2c9ce5998a53e111927c75b7bffb235ee5769db693ddb9d80eb1b0e2
3b3edb9e800725c1c56bf8aa7eee0773b1c0db5f95f264b711549e2b51b5361f
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
427d401af658802aaff080d3cb532f15c037d6f9f09ff27348bb46b1e827a68b
444667fa411967ea5a8b68dc72fa4d65fef5225feb8a1d6da08172fedfc2a598
4f8cae5d2bb50d5dcf09a19abd7b8972dc4596be92848a7ce58d94f29f238a25
4fe6ba458a6d212613c63605ac59645cb12246bf8ed4bfd415e98723c5794d29
508a7fa3b5aa60c5493270c6157d37b16fe61451445ea0a35b76b1a6f5428799
5323b0755b69317860e8d3ee14c242b866c7de53c7e76671807cc849b0c10c25
53f5e665abc87e7de48bd824433f882616db5bf1cfa312a2f5fbc93130bccce0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5863cc8f66ccabbbca37d83c8eaf5ddc1476768e707193e9d90c80c5d5cff9ad
5ff973bc8d474a3678a16e2e6c9def3f5feb3cddff5c7aeb2a22b09e30e04791
663596defba94886455db72358849aae547b3f24a08f478ba894bfddc0c14398
72f7952ce5f82350d4e8bad68b10e4a9f8a315c63d0f2bc188e9fac31e43acd1
73c9603859745af9f6558c825d261e2ef14d854cd9c918348abe00d611b7cc50
7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a
7970cf104f372b7249ec662b9ce731b7ec0098c2a80829a37353cafe0b3f7ca5
7ade8b3202a6269ac6593cd2148247ae0e43e868c5ca8a832f8b5768f5c23dc8
7ebf3024d7091007d0635f6f729158fd7168e2af56748254e80a0389f98a4abf
82ea58324df04dbf8f6736cf312c27b6bb81dba97c8b868b38c568ab5b036a53
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85bace1b7697af079d118c5c3dc36caaa75a758e426f1f71e55ac5d35335418c
8b93157ff515255fe2540b86208150e5ed01195690337ec02f338ae2b63b4644
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
965511942be24112b06616f804d33d896aa25e08779f8a2ffbeba29799eaaaae
96abd61c8fddc54426c233577dcc31c803542d5b561bc01dc3f447e46ed64d97
9c1bcb05f4d133741942c21b302862bb75e8d2f2b669f3e5846ab854c45f6a79
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1140d57421ae5baa9e14a690f2bac09054b2a9d355829623cbd719d845f3639
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
af640a8153133f37b8c4ef2de2facaf13ebeaa773480478059ce877f757bee5a
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
ba6cdf301a4edd89e26094c6f48441f688cc98085add0169da7066744fc6ac52
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bffab0676dbca56f827f2e126d918975ce0777ffee3999a335fe4f62d5a085d8
c2f611148b3e347fb36383d74ef68993ca62333b3da727c90aeb51c880610f08
c3204af6c2e6a8f3f5c5ad57cc08ffdbed353cce168cb534703fd151ccb671a4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca5a3fa71451559e4862c867d7e14433afd39c5e9479fe14912dbdc1e7581a33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f43a4cebee8a66dcbcf423ccc96c8ab3c74e104a490c2864f2b8d1a87c89c4
d1cc387fde81242bc6e50915eaeb6b72e5a6bd679c6071d0050b594ccceee02f
d1fb7a09a782ba758c23a65209d65d5fa87d67f9d7e7b863f2510da9f573195f
d2df21830f652a9bd3908df74aea4be9277d831197546aec3e7f8a187dd829b9
d4429e8ff81146ce9bba70c14cd471d4b58a4e504505894da2aa7df575b897b2
d9b92af4ec59a06579c5aee2690d5c3a8528267fe28bc087ad652dd710eba351
e65d08671752da0aaf460af9e2a702b11d784fdc6bac707f7803fbfe4df9658e
e6dc67750af04c939b6bad22529e07df87eb5eea40247ea70b9dd45a01ccd18a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef94505ee60677b6d7943aa3885f4c3cb76d8e6e6ac410d5b9f9014a6dcb1401
f728281f34bfcaee81ff57ef3e3a80eb43ebf291209b0e2ebb7ec69521429515
f743a778ac60be2dbac9ef3147b54576b465b7f2f70ebfb3514d008af4287445