roodeemoney.com
Open in
urlscan Pro
2606:4700:3036::6815:4c97
Public Scan
Effective URL: https://roodeemoney.com/
Submission: On August 22 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2021. Valid for: a year.
This is the only time roodeemoney.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
www.roodeemoney.com | |
roodeemoney.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com | |
googleads.g.doubleclick.net | |
adservice.google.com |
ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH)
www.amot.in.th |
ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com
s3-ap-southeast-1.amazonaws.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
roodeemoney.com
1 redirects
www.roodeemoney.com roodeemoney.com |
1 MB |
11 |
youtube.com
www.youtube.com |
682 KB |
8 |
amazonaws.com
s3-ap-southeast-1.amazonaws.com |
3 MB |
7 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
176 KB |
5 |
doubleclick.net
googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net |
10 KB |
4 |
amot.in.th
www.amot.in.th |
704 KB |
3 |
google.com
adservice.google.com www.google.com |
14 KB |
3 |
google-analytics.com
www.google-analytics.com |
19 KB |
3 |
w.org
s.w.org |
2 KB |
2 |
googletagmanager.com
www.googletagmanager.com |
88 KB |
1 |
ytimg.com
i.ytimg.com |
4 KB |
1 |
ggpht.com
yt3.ggpht.com |
4 KB |
1 |
gstatic.com
fonts.gstatic.com |
15 KB |
1 |
googletagservices.com
www.googletagservices.com |
27 KB |
1 |
google.de
adservice.google.de |
853 B |
1 |
googleadservices.com
partner.googleadservices.com |
660 B |
1 |
wp.com
i1.wp.com |
97 KB |
1 |
uob.co.th
www.uob.co.th |
97 KB |
1 |
ktc.co.th
www.ktc.co.th |
267 KB |
68 | 19 |
Domain | Requested by | |
---|---|---|
13 | roodeemoney.com |
roodeemoney.com
|
11 | www.youtube.com |
roodeemoney.com
www.youtube.com |
8 | s3-ap-southeast-1.amazonaws.com |
roodeemoney.com
|
5 | pagead2.googlesyndication.com |
roodeemoney.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
4 | www.amot.in.th |
roodeemoney.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
www.youtube.com |
3 | s.w.org |
roodeemoney.com
|
2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
2 | www.google.com |
www.youtube.com
tpc.googlesyndication.com |
2 | www.googletagmanager.com |
roodeemoney.com
|
1 | i.ytimg.com |
www.youtube.com
|
1 | yt3.ggpht.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | fonts.gstatic.com |
www.youtube.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
1 | adservice.google.com |
pagead2.googlesyndication.com
|
1 | adservice.google.de |
pagead2.googlesyndication.com
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | i1.wp.com |
roodeemoney.com
|
1 | www.uob.co.th |
roodeemoney.com
|
1 | www.ktc.co.th |
roodeemoney.com
|
1 | www.roodeemoney.com | 1 redirects |
68 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
cl.accesstrade.in.th |
access.amot.in.th |
www.facebook.com |
twitter.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-04-23 - 2022-04-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.amot.in.th DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-19 - 2022-03-21 |
a year | crt.sh |
*.s3-ap-southeast-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-06-23 - 2022-07-24 |
a year | crt.sh |
www.ktc.co.th DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-21 - 2022-07-26 |
a year | crt.sh |
www.uobgroup.com GlobalSign RSA OV SSL CA 2018 |
2020-06-29 - 2022-06-21 |
2 years | crt.sh |
*.wp.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-02 - 2022-07-05 |
2 years | crt.sh |
*.w.org Sectigo RSA Domain Validation Secure Server CA |
2019-12-19 - 2021-12-18 |
2 years | crt.sh |
*.google.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://roodeemoney.com/
Frame ID: 75F91824757B1C75C6A29ACC28504EE5
Requests: 56 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 661973D353BD62CFB08DC62D7B356108
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6267369281180869&output=html&adk=1812271804&adf=3025194257&lmt=1629607096&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froodeemoney.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629607096545&bpp=4&bdt=390&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=148701936720&frm=20&pv=2&ga_vid=1243165754.1629607097&ga_sid=1629607097&ga_hid=32563936&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=3612445778148373&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Frame ID: D1C8D048234507D700757A542FFF3571
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
Frame ID: 1D83C20EEB5F7DC1C0BA4379A0F9F043
Requests: 15 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2F47B1A4700D0DD9DB6E4FC4E760C1E1
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: BE7B37E61EFE6E5F558F0AE9D941D6F1
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
รู้ดี money - รู้ดีเรื่องบัตรเครดิต และสินเชื่อส่วนบุคคล - รู้ดี MoneyPage URL History Show full URLs
-
https://www.roodeemoney.com/
HTTP 301
https://roodeemoney.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
PHP (Programming Languages) Expand
Detected patterns
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
MySQL (Databases) Expand
Detected patterns
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Google AdSense (Advertising Networks) Expand
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: สมัครบัตร KTC Proud
Search URL Search Domain Scan URL
Title: สมัครบัตรกดเงินสด CitiBank
Search URL Search Domain Scan URL
Title: สมัครบัตร UOB Cash Plus
Search URL Search Domain Scan URL
Title: สมัครบัตร CIMB
Search URL Search Domain Scan URL
Title: สมัครบัตร UOB Yolo
Search URL Search Domain Scan URL
Title: สมัครบัตร KTC Cash Back
Search URL Search Domain Scan URL
Title: สมัครบัตร Bangkok Platinum
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: facebook
Search URL Search Domain Scan URL
Title: twitter
Search URL Search Domain Scan URL
Title: https://www.youtube.com/watch?v=l_mAFiTcY4M
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.roodeemoney.com/
HTTP 301
https://roodeemoney.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
roodeemoney.com/ Redirect Chain
|
40 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
roodeemoney.com/wp-content/cache/autoptimize/css/ |
179 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.min.js
roodeemoney.com/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
128 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
139 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fae22d2d51.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ |
249 KB 249 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
75034_1287x1820_20190904062924352.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/8d7d8ee069cb0cbbf816bbb65d56947e/ |
195 KB 195 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14-KTC_CASH_BACK_PLATINUM_MASTERCARD.png
www.ktc.co.th/pub/media/creditcard/ |
266 KB 267 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
191476_1280x560_20201019082819234.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/f899139df5e1059396431415e770c6dd/ |
514 KB 514 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3791fe22b8.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ |
228 KB 228 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
294480_1200x627_20210429084053691.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/cf67355a3333e6e143439161adc2d82e/ |
225 KB 225 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
239076_800x350_20210211085954057.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/e70611883d2760c8bbafb4acb29e3446/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2934ee416b.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ |
227 KB 228 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dabb886ac9_800x600.jpg
www.amot.in.th/amot/uploadfiles/campaign/illustration/800x600/ |
66 B 66 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
55660_Picture2_20190422063450237.png
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/ |
703 KB 704 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
55656_Picture1_20190422062716640.png
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/ |
320 KB 320 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
65289_1640x462_20190605093033014.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/ |
883 KB 884 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
65291_1180x332_20190605093033246.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/ |
233 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js
roodeemoney.com/wp-content/cache/autoptimize/js/ |
204 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
wp-emoji-release.min.js
roodeemoney.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gtm.js
www.googletagmanager.com/ |
96 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
socicon.woff
roodeemoney.com/wp-content/plugins/meks-smart-social-widget/css/fonts/ |
98 KB 64 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ktc-proud-card-300x188.png
roodeemoney.com/wp-content/uploads/2021/03/ |
72 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
CitiReady-Credit-16.png
roodeemoney.com/wp-content/uploads/2021/03/ |
446 KB 447 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
UOB-Cash-Plus.png
roodeemoney.com/wp-content/uploads/2021/03/ |
343 KB 344 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner-cash-plus-2_2021may_1024x530.jpg
www.uob.co.th/web-resources/images/form/onlineapp-cashplus/ |
97 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
03-CIMB-Extra-Cash2.png
i1.wp.com/www.cardfavor.com/wp-content/uploads/2018/09/ |
97 KB 97 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
C6CBD4D1-D265-4222-BB7D-D46EBC8E28D2-300x189.png
roodeemoney.com/wp-content/uploads/2021/04/ |
80 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
citi-cash-back-platinum-credit-card-1.png
roodeemoney.com/wp-content/uploads/2021/03/ |
71 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26a1.svg
s.w.org/images/core/emoji/13.0.1/svg/ |
451 B 650 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f39f.svg
s.w.org/images/core/emoji/13.0.1/svg/ |
1 KB 641 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f525.svg
s.w.org/images/core/emoji/13.0.1/svg/ |
822 B 536 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ |
252 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 6619 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
admin-ajax.php
roodeemoney.com/wp-admin/ |
1 B 724 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
player_api
www.youtube.com/ |
980 B 895 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
mejs-controls.svg
roodeemoney.com/wp-includes/js/mediaelement/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
watch
www.youtube.com/ |
0 0 |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
205 B 660 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 570 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame D1C8 |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
72 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-widgetapi.js
www.youtube.com/s/player/b555ee94/www-widgetapi.vflset/ |
125 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
l_mAFiTcY4M
www.youtube.com/embed/ Frame 1D83 |
56 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 85 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-player-webp.css
www.youtube.com/s/player/b555ee94/ Frame 1D83 |
329 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
www-embed-player.js
www.youtube.com/s/player/b555ee94/www-embed-player.vflset/ Frame 1D83 |
193 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
base.js
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame 1D83 |
2 MB 497 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fetch-polyfill.js
www.youtube.com/s/player/b555ee94/fetch-polyfill.vflset/ Frame 1D83 |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D83 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
id
googleads.g.doubleclick.net/pagead/ Frame 1D83 |
113 B 161 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame 1D83 |
29 B 91 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XXkzgZ_iluOMdrQKXYNRgqTdRkvmuzerOYXdiSc_i3s.js
www.google.com/js/th/ Frame 1D83 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
embed.js
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame 1D83 |
24 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1D83 |
175 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AKedOLQzMb7w1cLHuZUXo2V3g1fHUlVa4kz9o6LuYx6m=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1D83 |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.webp
i.ytimg.com/vi_webp/l_mAFiTcY4M/ Frame 1D83 |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
generate_204
www.youtube.com/ Frame 1D83 |
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sodar
pagead2.googlesyndication.com/getconfig/ |
11 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2F47 |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
aframe
www.google.com/recaptcha/api2/ Frame BE7B |
783 B 537 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js
pagead2.googlesyndication.com/bg/ Frame 2F47 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
log_event
www.youtube.com/youtubei/v1/ Frame 1D83 |
28 B 54 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
109 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings function| advanced_ads_ready undefined| $ function| jQuery function| gtag object| dataLayer_content object| generatepressMenu object| _wpUtilSettings object| wpreview object| mejsL10n object| _wpmejsSettings function| wp_review_rate function| Cookies function| _ object| wp object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| twemoji object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gaplugins object| gaData object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: MMyRxs9qgs8 |
|
.youtube.com/ | Name: YSC Value: 1kq53CLiiDQ |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUk_CAoybtXrCwgp1XdnRlESSab5HK1AVNItz7pchL9OxkFpYQrH9SkOnbB- |
|
.roodeemoney.com/ | Name: __gads Value: ID=96259f0b9a47c795-2280a9aab1c90060:T=1629607098:RT=1629607098:S=ALNI_MZX_0qfh-fyiMdmlWK7A7Re6QYo2g |
|
.roodeemoney.com/ | Name: _gat_UA-195071185-1 Value: 1 |
|
.roodeemoney.com/ | Name: _ga_MPRBRG5Y6Y Value: GS1.1.1629607096.1.0.1629607096.0 |
|
.roodeemoney.com/ | Name: _ga Value: GA1.2.1243165754.1629607097 |
|
.roodeemoney.com/ | Name: _gid Value: GA1.2.1246820112.1629607098 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
i1.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
roodeemoney.com
s.w.org
s3-ap-southeast-1.amazonaws.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.amot.in.th
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ktc.co.th
www.roodeemoney.com
www.uob.co.th
www.youtube.com
yt3.ggpht.com
142.250.186.34
192.0.77.2
192.0.77.48
203.78.107.224
2600:9000:2190:2200:17:beb7:8f40:93a1
2606:4700:3036::6815:4c97
2a00:1450:4001:801::2001
2a00:1450:4001:808::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:810::2016
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9b
42.61.47.40
52.219.37.10
0085de260172012defb7edafe9ba7ecbbbca4672ac945cc91227771bab38c1f5
01716fda64460d237027ce9ef9a5b50e30e1cbd16f79f5b4ee01b0952ae0dbe7
064fe433b8ca642ef9184ea5bf9c88ec3c518bad42215f7d28772375e51514ae
0930cdf7a5ac7dd8c0eee66b6d5d1e215205f9f08228cb0b048acd4f08016920
0b20ced19e175c2bf10427736057e006d989365176cfd1209c9e7ab62d9c6d35
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
108f55d18a11c3b2bf5217a29ee3f1a34faa3f792cd6ed733954f208a2cc781f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1573ade6002fc3ad78e99dcf7a4eda970e4af095c23a8ca35ec704ffbee0356a
16a19e5d686917aaf450123b845a6d5cfc787c63168202fdaa0dc648a493c70c
1e513e160c68850f4cc130c9e4ec6c569eb1d6c19c8d0a17ee87ce18303a8b15
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb
30e221ad2cdb25042059e0f78e09fdd275b2dfa9f9886e06cd9f26140ebfe959
353603ffa99efb9a3878f4f44635e6f954d0eac3f33c2ab1d482e123bcb160da
3cc4e229cc22a45146d4f3c3358e36ad1cafe05c73d07fba488da967a85a58ca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47f7a370e726141a723111662726767b3df62d73ff592ec5adb53199d5df1555
48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c
4a0f079ca28cf34ded6cb943c7432478ad00a774a65362e879c0186193b96bf9
4dd9c049a4906bcbff23f4470ca9ed245f96948d5bb2346329bfc65b80a8c214
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa52f6b5576b95a51157b7b318e6bf15c54cfe5013ed068c66fde0852971f28
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d7933819fe296e38c76b40a5d835182a4dd464be6bb37ab3985dd89273f8b7b
5de641fa6b8e93328db555679cfb819e20e1beaf7299768ccef5087dd952ca6d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6395d65d0f56d2401b63830f8742bc9361cc3f610b942a6d1d31b29e4d53bb78
63f836a3c05fa57cc373764fb7d76fa5d37fe6280f91817c7851656d567e5e9e
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7add26056c825823ca575bc8725a35466522826f1c797e34a71da9af4fb35f5c
7ecb7eea171614b4b31f360977d91d83f497ee31d65816934c2e3e4544141c78
8723dff8ba173b4717f37bfdda8a43afe779c603eaf589012f43a15da083648a
92afa9485ca4ccf9d827259ae32c1868922e79a8c5677db8757acc8a0170e959
9a1fe38b222a10ffeb53c06814a044b6ea26271d2fe76bc5b5bebeb617780793
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
ae00aace8e3f670b626451439100c78be06bb3165dbbc4b9db4bbf4900ad146d
aed7d9b7a26edef496d2f8639570085f3b9d230e0eee6edab9dc3e2e03a0cae4
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
bcbe79ce2116c05e7872815dcb15915ce7760d122ce4b8e1cb8fa25e9910a0c8
cd8359b6adeac3e82c25d1f7564769758db7ed1360c2d111fc7d393abe3f0639
d3a6d0c18f6887f771aa3cd51db375e7a9588e1af63801cc100cd9bcc5bccaac
d51d2273e2767f92e29d0d1d85bfce694ea1c14fe3ce65d069c22d85e91aedcf
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d732a88f0f393fb23575c6ed8c7699ef1178cde3e70b84e1add9daf4ad26ced5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc47e1224b9fb2567b7e5d8775bee1eb2af94793a3247702dd777507c89ad7c0
de020ce2e06868cdee188a747ae3decbf869cf356fd1181896e6e32b4deebc28
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37
e6eef28b87abd72b27ae0c19f0070ad1366419c868f5c538760cae1af5c4c9cf
e9b2a4dfbb0e73a27a6452af631ee51169eb4274557200740c3e619ed34b56a0
ea6e1aafc418a2f43f97735f6c99ab4817516e3efade144ab32aa9544fb3bace
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4814d26cec0cc65fc34d1a24ecacdc0c2cb5fdb8bc871897403e3b37e6240a5
f4e2816bbf692a367068749417b5237804fc9e870c122552d55cdfc49fd22bd9
f591b5e8e481d42510ec7c3ba1109a1159ee44a01169c53a441e982ba6e4fa5b
f64905979e1e44229a9268d9eb42834ad9258b90f1c8f4ac82c8592791783fdb