www.rttnews.com
54.156.211.103
Public Scan
Effective URL: https://www.rttnews.com/3442193/asian-shares-climb-on-robust-u-s-earnings.aspx?type=ts
Submission: On April 26 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2023. Valid for: a year.
This is the only time www.rttnews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN11377 (SENDGRID, US) | o16789123x204.outbound-mail.sendgrid.net | email.analystratings.net |
ASN14618 (AMAZON-AES, US) | ec2-54-156-211-103.compute-1.amazonaws.com | www.rttnews.com |
ASN15169 (GOOGLE, US) | | securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-108-138-7-26.fra56.r.cloudfront.net | cdn.rttnews.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | | fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-01-fra3.fbcdn.net | connect.facebook.net |
ASN14061 (DIGITALOCEAN-ASN, US) | | served-by.pixfuture.com |
ASN15169 (GOOGLE, US) | fra16s08-in-f195.1e100.net | www.google.de |
ASN15169 (GOOGLE, US) | | lh3.googleusercontent.com |
ASN15169 (GOOGLE, US) | fra24s08-in-f14.1e100.net | fundingchoicesmessages.google.com |
ASN16509 (AMAZON-02, US) | ec2-52-48-141-138.eu-west-1.compute.amazonaws.com | aa.agkn.com |
ASN15169 (GOOGLE, US) | fra16s50-in-f2.1e100.net | securepubads.g.doubleclick.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 | rttnews.com | www.rttnews.com — Cisco Umbrella Rank: 950430; cdn.rttnews.com — Cisco Umbrella Rank: 834617 | 237 KB |
11 | pixfuture.com | cdn.pixfuture.com — Cisco Umbrella Rank: 70666; served-by.pixfuture.com — Cisco Umbrella Rank: 62821 | 537 KB |
8 | google.com | fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660; www.google.com — Cisco Umbrella Rank: 2; apis.google.com — Cisco Umbrella Rank: 127; region1.analytics.google.com — Cisco Umbrella Rank: 2941 | 257 KB |
6 | fontawesome.com | kit.fontawesome.com — Cisco Umbrella Rank: 1791; ka-f.fontawesome.com — Cisco Umbrella Rank: 4267 | 177 KB |
5 | gstatic.com | fonts.gstatic.com | 225 KB |
5 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207; stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 171 KB |
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33; imasdk.googleapis.com — Cisco Umbrella Rank: 498 | 140 KB |
2 | agkn.com | aa.agkn.com — Cisco Umbrella Rank: 543 | 915 B |
2 | google.de | www.google.de — Cisco Umbrella Rank: 7278 | 126 B |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 90 KB |
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 21 KB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 8 KB |
1 | googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 45 | 5 KB |
1 | aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2492 | 25 KB |
1 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 66 | |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 96 KB |
1 | analystratings.net (1 redirects) | email.analystratings.net — Cisco Umbrella Rank: 236555 | 290 B |
0 | addthis.com (Failed) | s7.addthis.com Failed | |
76 | 18 | | |
Requests | Domain | Requested by |
---|---|---|
18 | cdn.rttnews.com | www.rttnews.com, cdn.rttnews.com |
9 | cdn.pixfuture.com | www.rttnews.com, cdn.pixfuture.com |
5 | fonts.gstatic.com | www.rttnews.com, fonts.googleapis.com |
5 | ka-f.fontawesome.com | kit.fontawesome.com, www.rttnews.com |
5 | www.rttnews.com | www.rttnews.com |
4 | fundingchoicesmessages.google.com | www.rttnews.com, securepubads.g.doubleclick.net |
3 | securepubads.g.doubleclick.net | www.rttnews.com, securepubads.g.doubleclick.net, imasdk.googleapis.com |
2 | aa.agkn.com | cdn.pixfuture.com |
2 | fonts.googleapis.com | cdn.pixfuture.com |
2 | apis.google.com | www.rttnews.com, apis.google.com |
2 | www.google.de | www.rttnews.com |
2 | stats.g.doubleclick.net | www.google-analytics.com, www.googletagmanager.com |
2 | served-by.pixfuture.com | cdn.pixfuture.com |
2 | connect.facebook.net | www.rttnews.com, connect.facebook.net |
2 | www.google-analytics.com | www.rttnews.com, www.google-analytics.com |
2 | cdnjs.cloudflare.com | www.rttnews.com |
1 | imasdk.googleapis.com | cdn.pixfuture.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | lh3.googleusercontent.com | www.rttnews.com |
1 | www.google.com | www.rttnews.com |
1 | ajax.aspnetcdn.com | www.rttnews.com |
1 | www.youtube.com | www.rttnews.com |
1 | kit.fontawesome.com | www.rttnews.com |
1 | www.googletagmanager.com | www.rttnews.com |
1 | email.analystratings.net (1 redirects) | |
0 | s7.addthis.com Failed | www.rttnews.com |
76 | 26 | |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
www.facebook.com |
www.linkedin.com |
www.addthis.com |
news.google.com |
www.pixfuture.com |
www.twitter.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.rttnews.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-08 - 2024-08-06 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
pixfuture.com | E1 | 2024-03-16 - 2024-06-14 | 3 months |
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year |
*.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-04 - 2024-05-04 | 3 months |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-01-30 - 2025-01-30 | a year |
*.pixfuture.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-28 - 2024-12-03 | a year |
ka-f.fontawesome.com | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months |
*.google.de | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.apis.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
*.agkn.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-09-07 - 2024-09-29 | a year |
This page contains 3 frames:
Primary Page:
https://www.rttnews.com/3442193/asian-shares-climb-on-robust-u-s-earnings.aspx?type=ts
Frame ID: 4E0A1696CBA72F624C4BF2A2B8A76D46
Requests: 74 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/o2vqZN66kb4?autoplay=1&mute=1
Frame ID: CBAB3C9FB71A2F11FAF9512DB0AAE1D4
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 2A845892CF375352B647F7F665A4CD1C
Requests: 1 HTTP requests in this frame
Page Title
Asian Shares Climb On Robust U.S. Earnings
Page URL History
-
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxoOouA-2BPien3Bf5hSRhBZAJBWgESDOfReM...
HTTP 307
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxoOouA-2BPien3Bf5hSRhBZAJBWgESDOfReM... HTTP 302
https://www.rttnews.com/3442193/asian-shares-climb-on-robust-u-s-earnings.aspx?type=ts Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Plus (Widgets)
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Osano (Cookie compliance)
Detected patterns
- cookieconsent\.min\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxoOouA-2BPien3Bf5hSRhBZAJBWgESDOfReMc3-2FIpt-2BiEAAJrSzOPjKQ5yIoq37YDkI2BtOEJiaEgw3jnfHRsJjMZtkew8TK95eskWuR2B2qusvQcn_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419P4yduhyWqX-2BKPKsfasIjRYZdqX3clsUmG4SzCtH41c0W2Pghvyz0qncHPsKZ1i7Jey0hK8kdDaGMr3aUk5rOfeA0MfunEAnwmrD61RLUhVuG5PP4tBpO66kdhCIg5O-2FI9l9t5KY3vWDhD4AnvBMa0yRY2kknhtn3GyFQPDmSHQE3U-2BoftKSu0zjXC7-2BWfFBC0Eq13wmqGE84gpYlNEcQXI
HTTP 307
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxoOouA-2BPien3Bf5hSRhBZAJBWgESDOfReMc3-2FIpt-2BiEAAJrSzOPjKQ5yIoq37YDkI2BtOEJiaEgw3jnfHRsJjMZtkew8TK95eskWuR2B2qusvQcn_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419P4yduhyWqX-2BKPKsfasIjRYZdqX3clsUmG4SzCtH41c0W2Pghvyz0qncHPsKZ1i7Jey0hK8kdDaGMr3aUk5rOfeA0MfunEAnwmrD61RLUhVuG5PP4tBpO66kdhCIg5O-2FI9l9t5KY3vWDhD4AnvBMa0yRY2kknhtn3GyFQPDmSHQE3U-2BoftKSu0zjXC7-2BWfFBC0Eq13wmqGE84gpYlNEcQXI HTTP 302
https://www.rttnews.com/3442193/asian-shares-climb-on-robust-u-s-earnings.aspx?type=ts Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
76 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | asian-shares-climb-on-robust-u-s-earnings.aspx (Primary Request) | www.rttnews.com/3442193/ (Redirect Chain) | 101 KB | 32 KB | Document | text/html |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 95 KB | 30 KB | Script | text/javascript |
GET | H2 | Story.min.css | cdn.rttnews.com/css/v3/pages/ | 12 KB | 3 KB | Stylesheet | text/css |
GET | H2 | CombinedCSS.css | cdn.rttnews.com/css/v3/controls/ | 25 KB | 6 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 283 KB | 96 KB | Script | application/javascript |
GET | H3 | cookieconsent.min.css | cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H3 | cookieconsent.min.js | cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ | 19 KB | 6 KB | Script | application/javascript |
GET | H2 | respond.min.js | cdn.rttnews.com/js/v3/ | 5 KB | 3 KB | Script | application/javascript |
GET | H2 | main.js | www.rttnews.com/scripts/pushalert/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | topslideshows.min.css | cdn.rttnews.com/css/v3/controls/ | 391 B | 737 B | Stylesheet | text/css |
GET | H2 | latestvideos.min.css | cdn.rttnews.com/css/v3/controls/ | 820 B | 1 KB | Stylesheet | text/css |
GET | H2 | RecentKeywordArticles.min.css | cdn.rttnews.com/css/v3/controls/ | 2 KB | 922 B | Stylesheet | text/css |
GET | H2 | rttnews-logo.gif | cdn.rttnews.com/images/v2/ | 7 KB | 7 KB | Image | image/gif |
GET | H2 | Search-button.png | cdn.rttnews.com/images/v3/ | 530 B | 869 B | Image | image/png |
GET | | addthis_widget.js | s7.addthis.com/js/250/ | 0 | 0 | | |
GET | H2 | whatsapp.png | cdn.rttnews.com/images/v4/ | 24 KB | 25 KB | Image | image/png |
GET | H2 | load-widget.js | cdn.pixfuture.com/cw/ | 53 KB | 53 KB | Script | application/javascript |
GET | H2 | AC.aspx | www.rttnews.com/ | 30 B | 210 B | Script | application/x-javascript |
GET | H2 | MVPopup.aspx | www.rttnews.com/Content/ | 704 B | 624 B | Script | application/x-javascript |
GET | H2 | Loading.gif | cdn.rttnews.com/images/v3/ | 2 KB | 2 KB | Image | image/gif |
GET | H2 | Jquery-1.10.2.min.js | cdn.rttnews.com/js/v3/ | 91 KB | 32 KB | Script | application/javascript |
GET | H2 | CombinedScript_Infinite.min.js | cdn.rttnews.com/js/v3/ | 15 KB | 5 KB | Script | application/javascript |
GET | H2 | jquery.responsiveTabs.min.js | cdn.rttnews.com/js/v3/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | 0e0d0b3ce0.js | kit.fontawesome.com/ | 12 KB | 5 KB | Script | text/javascript |
GET | H2 | AGSKWxX4j0L6QD3r8fmM3Hr6oANS3xzaA8D8qw_uLngpBjG99ruhTVgTMwb4rTNsV0mAeFMjoaM6sQBGhbYIpivZfMQ= | fundingchoicesmessages.google.com/f/ | 181 KB | 61 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | all.js | connect.facebook.net/en_US/ | 3 KB | 3 KB | Script | application/x-javascript |
GET | H2 | o2vqZN66kb4 | www.youtube.com/embed/ (Frame CBAB) | 0 | 0 | Document | text/html |
GET | H2 | RTTNews-Main_logo.jpg | cdn.rttnews.com/images/v2/ | 7 KB | 7 KB | Image | image/jpeg |
GET | H2 | ProximaNova.ttf | cdn.rttnews.com/font/ | 88 KB | 89 KB | Font | binary/octet-stream |
GET | H2 | pubads_impl.js | securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/ | 448 KB | 140 KB | Script | text/javascript |
GET | H2 | jquery-1.3.2.min.js | ajax.aspnetcdn.com/ajax/jquery/ | 56 KB | 25 KB | Script | application/javascript |
GET | H2 | MVPopup.js | cdn.rttnews.com/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | all.js | connect.facebook.net/en_US/ | 306 KB | 87 KB | Script | application/x-javascript |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 209 B | XHR | text/plain |
POST | H/1.1 | gcws.php | served-by.pixfuture.com/www/delivery/ | 11 KB | 11 KB | XHR | application/json |
GET | H2 | AGSKWxUhAN9JwusyJeMzGP3epAZtUJTYasuvpDxQCo076qu-on4Mrqg1CDqrC8E18CO1hgiwZ-3Nn7OdNSgqMfz5VLs6TRQsBxmNTlBaX1aXHLE9J9webMRi-mX01s89ENLFmQcyyKivZw== | fundingchoicesmessages.google.com/f/ | 372 KB | 59 KB | Script | application/javascript |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 349 B | XHR | text/plain |
GET | H2 | 21809114589 | fundingchoicesmessages.google.com/i/ | 181 KB | 60 KB | Script | application/javascript |
GET | H3 | free.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 59 KB | 13 KB | Fetch | text/css |
GET | H3 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 26 KB | 5 KB | Fetch | text/css |
GET | H3 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 3 KB | 1 KB | Fetch | text/css |
GET | H3 | ga-audiences | www.google.com/ads/ | 42 B | 63 B | Image | image/gif |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | whatsapp-button.js | cdn.rttnews.com/js/v3/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | plusone.js | apis.google.com/js/ | 55 KB | 21 KB | Script | text/javascript |
GET | H2 | FollowUsOn150x38-04Nov2023.png | cdn.rttnews.com/images/v4/ | 9 KB | 10 KB | Image | image/png |
GET | H2 | css | fonts.googleapis.com/ | 109 KB | 6 KB | Stylesheet | text/css |
GET | H2 | SfSsWcpjb2SzyBpKuTSkMrqw8XWmiloXF_qKcQlHhPAVJ5mXiHUlje82QlEE4hSIbv_u60ffwM4CEucEgWT99jkIaXWxzNhO2wE3zrkBzZVluOXXW8g=h60 | lh3.googleusercontent.com/ | 5 KB | 5 KB | Image | image/jpeg |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | fonts.gstatic.com/s/materialicons/v142/ | 125 KB | 126 KB | Font | font/woff2 |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 254 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 56 B | Ping | text/plain |
POST | H3 | AGSKWxVd54shBEfgxIhjWgLqhXty3qLgcw_IesXhSe3k9l-q2lp4NVHDCbAw4MIRJNtgJfZL9-dqQH_kB-732wi_XQ-whtCqoYh_Lsov_NXvzPh8cG7-DnG7VdpAKd1tE3elzCDOkjNJAw== | fundingchoicesmessages.google.com/el/ | 0 | 29 B | XHR | text/html |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | pxf_4098x25.min.css | cdn.pixfuture.com/content_widget/ | 1 KB | 924 B | Stylesheet | text/css |
GET | H3 | free-fa-solid-900.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 76 KB | 77 KB | Font | font/woff2 |
GET | H3 | free-fa-brands-400.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | 47 KB | 47 KB | Font | font/woff2 |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/ | 157 KB | 55 KB | Script | text/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 2 KB | 698 B | Stylesheet | text/css |
GET | H2 | cw_style.css | cdn.pixfuture.com/cw/ | 28 KB | 28 KB | Stylesheet | text/css |
GET | H2 | 76c87d7eb2f0fed72176ef3bd98025b6.jpeg | cdn.pixfuture.com/content_widget/logos/ | 10 KB | 10 KB | Image | image/jpeg |
GET | H2 | UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2 | fonts.gstatic.com/s/inter/v13/ | 21 KB | 21 KB | Font | font/woff2 |
GET | H2 | cw_ad.js | cdn.pixfuture.com/cw/ | 48 KB | 48 KB | Script | application/javascript |
GET | H2 | fb908238371cd1b3424b6ad0365c3888.jpeg | cdn.pixfuture.com/content_widget/ | 211 KB | 212 KB | Image | image/jpeg |
GET | H2 | jquery.min.js | cdn.pixfuture.com/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | pixf_sync.html | cdn.pixfuture.com/ (Frame 2A84) | 0 | 0 | Document | text/html |
GET | H2 | r.js | aa.agkn.com/adscores/ | 0 | 458 B | Script | application/javascript |
GET | H2 | ima3.js | imasdk.googleapis.com/js/sdkloader/ | 387 KB | 133 KB | Script | text/javascript |
GET | H3 | ima_ppub_config | securepubads.g.doubleclick.net/pagead/ | 276 B | 146 B | XHR | application/json |
GET | H2 | pbixcw.js | cdn.pixfuture.com/ | 396 KB | 120 KB | Script | application/javascript |
GET | H/1.1 | cwc.php | served-by.pixfuture.com/www/delivery/ | 23 KB | 24 KB | XHR | application/json |
GET | H2 | favicon.ico | www.rttnews.com/ | 4 KB | 4 KB | Other | image/x-icon |
GET | H2 | r.js | aa.agkn.com/adscores/ | 0 | 457 B | Script | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s7.addthis.com
- URL
- https://s7.addthis.com/js/250/addthis_widget.js
Verdicts & Comments
133 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rttnews.com/ | | Name: _gid Value: GA1.2.1750562760.1714159185 |
.rttnews.com/ | | Name: _gat Value: 1 |
.youtube.com/ | | Name: YSC Value: V-YkwKXh5yQ |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: SHTqDVFB6r8 |
.youtube.com/ | | Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgVg%3D%3D |
.rttnews.com/ | | Name: _ga_QYZHLRKYXD Value: GS1.1.1714159185.1.0.1714159185.60.0.0 |
.rttnews.com/ | | Name: _ga Value: GA1.1.484861555.1714159185 |
.agkn.com/ | | Name: ab Value: 0001%3AbtAUORsd7PsZimAf8dDaZxVdmpfErEV0 |
57 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.