sbr-partner.mountfaberleisure.com
3.1.254.33
Public Scan
Submission: On January 29 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on November 10th 2023. Valid for: a year.
This is the only time sbr-partner.mountfaberleisure.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-254-33.ap-southeast-1.compute.amazonaws.com
sbr-partner.mountfaberleisure.com |
ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com
gt-media-assets.s3.ap-southeast-1.amazonaws.com |
ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-165-116-27.atl58.r.cloudfront.net
go.affec.tv |
ASN16509 (AMAZON-02, US)
PTR: server-3-161-163-116.atl59.r.cloudfront.net
www.clickcease.com |
ASN29990 (ASN-APPNEX, US)
PTR: secure.datawrkz.com.pxlsrv.net
secure.datawrkz.com |
ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com | |
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
adservice.google.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-254-206.compute-1.amazonaws.com
map.go.affec.tv |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net |
ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | mountfaberleisure.com | sbr-partner.mountfaberleisure.com | 676 KB |
6 | permutive.com | cdn.permutive.com — Cisco Umbrella Rank: 3125; api.permutive.com — Cisco Umbrella Rank: 2271 | 70 KB |
6 | adnxs.com (3 redirects) | secure.adnxs.com — Cisco Umbrella Rank: 490; ib.adnxs.com — Cisco Umbrella Rank: 253 | 7 KB |
5 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 107 | 309 B |
5 | affec.tv (2 redirects) | go.affec.tv — Cisco Umbrella Rank: 7067; map.go.affec.tv — Cisco Umbrella Rank: 7362 | 4 KB |
4 | doubleclick.net (3 redirects) | googleads.g.doubleclick.net — Cisco Umbrella Rank: 38; ad.doubleclick.net — Cisco Umbrella Rank: 163; stats.g.doubleclick.net — Cisco Umbrella Rank: 79 | 3 KB |
4 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 174 | 76 KB |
4 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 21 KB |
4 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 350 KB |
3 | google.com | www.google.com — Cisco Umbrella Rank: 2; adservice.google.com — Cisco Umbrella Rank: 98 | 963 B |
2 | adsrvr.org (2 redirects) | match.adsrvr.org — Cisco Umbrella Rank: 357 | 715 B |
2 | amazonaws.com | gt-media-assets.s3.ap-southeast-1.amazonaws.com | 338 KB |
1 | datawrkz.com (1 redirects) | secure.datawrkz.com — Cisco Umbrella Rank: 816684 | 220 B |
1 | clickcease.com | www.clickcease.com — Cisco Umbrella Rank: 11720 | 43 KB |
1 | googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 145 | 2 KB |
56 | 15 | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
17 | sbr-partner.mountfaberleisure.com | | sbr-partner.mountfaberleisure.com |
5 | api.permutive.com | | cdn.permutive.com |
5 | www.facebook.com | | sbr-partner.mountfaberleisure.com |
5 | secure.adnxs.com | 3 redirects | sbr-partner.mountfaberleisure.com |
4 | connect.facebook.net | | sbr-partner.mountfaberleisure.com, connect.facebook.net |
4 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
4 | www.googletagmanager.com | | sbr-partner.mountfaberleisure.com, www.googletagmanager.com |
3 | map.go.affec.tv | 2 redirects | sbr-partner.mountfaberleisure.com |
2 | match.adsrvr.org | 2 redirects | |
2 | ad.doubleclick.net | 2 redirects | |
2 | www.google.com | | sbr-partner.mountfaberleisure.com |
2 | go.affec.tv | | www.googletagmanager.com, go.affec.tv |
2 | gt-media-assets.s3.ap-southeast-1.amazonaws.com | | sbr-partner.mountfaberleisure.com |
1 | ib.adnxs.com | | cdn.permutive.com |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | cdn.permutive.com | | go.affec.tv |
1 | adservice.google.com | | sbr-partner.mountfaberleisure.com |
1 | googleads.g.doubleclick.net | 1 redirects | |
1 | secure.datawrkz.com | 1 redirects | |
1 | www.clickcease.com | | sbr-partner.mountfaberleisure.com |
1 | www.googleadservices.com | | www.googletagmanager.com |
56 | 21 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.mountfaberleisure.com |
mflgenterprise-online.globaltix.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.mountfaberleisure.com | Amazon RSA 2048 M02 | 2023-11-10 - 2024-12-08 | a year |
*.s3-ap-southeast-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-25 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
www.googleadservices.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-07 - 2024-02-05 | 3 months |
affec.tv | Amazon RSA 2048 M01 | 2023-07-06 - 2024-08-03 | a year |
clickcease.com | Amazon RSA 2048 M02 | 2023-11-26 - 2024-12-24 | a year |
permutive.com | Cloudflare Inc ECC CA-3 | 2023-12-26 - 2024-12-25 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
www.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year |
api.permutive.com | R3 | 2023-12-15 - 2024-03-14 | 3 months |
This page contains 1 frames:
Primary Page:
https://sbr-partner.mountfaberleisure.com/
Frame ID: D8361464B8C1478C406970DAF1C53DD1
Requests: 56 HTTP requests in this frame
Page Title
Mount Faber Leisure Partner's Promotion
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Select2 (JavaScript Libraries)
Detected patterns
- select2(?:\.min|\.full)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Ticket Selection
Title: Review Order & Checkout
Title: Payment
Title: Cyber Trust Mark (Promoter)
Title: Terms of Use
Title: Privacy Policy
Title: FAQ
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25
- https://secure.datawrkz.com/seg?add=34413347&t=1 HTTP 302
- https://secure.adnxs.com/seg?add=34413347&t=1
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940908200/?random=929052361&cv=11&fst=1706497300390&bg=ffffff&guid=ON&async=1>m=45He41o0v830187758&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsbr-partner.mountfaberleisure.com%2F&label=o-R3CIT15dwBEKi91MAD&hn=www.googleadservices.com&frm=0&tiba=Mount%20Faber%20Leisure%20Partner%27s%20Promotion&value=0&ec_m=body%3E%3Anth-child(4)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Afalse%3A26%3Afalse*1~body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Atrue%3A26%3Afalse*1&ec_sel=body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=STRONG%3Atrue%3A26%3Afalse&ec_lat=2&ec_s=1&pscdl=noapi&auid=1133805256.1706497300&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=FBW3Zc_sGpWdoPMPz5mZmAY&sscte=1&crd=&eitems=ChAIgJPYrQYQ04_n1cLk1uB6Eh0AHuL8wb-uzRuGK2E9MoKDwsoj5wVyJo5A8pO6Bg&pscrd=Ek9DaEVJZ0pQWXJRWVEyZW05bDlhdnE0RzlBUkltQUlBYllIY1FPc3FXYnA3bXRXRW81M3FUbVVnZUtHbk9majR6U2otRlUtUG04M0JZRTl3GlhDaEFJZ0pQWXJRWVEtX21sMWZEbTQ4Y1RFaTRBTkNla2pKN1hwOWxNUjBBTFd6UlNNSHNHUkQ1ZEFCV2N0WEVncnprNGtDNmxCc3gxbXFZdDR0UnFEa2NPIhMIz8ac682BhAMVlQ5oCB3PTAZj HTTP 302
- https://www.google.com/pagead/1p-conversion/940908200/?random=929052361&cv=11&fst=1706497300390&bg=ffffff&guid=ON&async=1>m=45He41o0v830187758&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsbr-partner.mountfaberleisure.com%2F&label=o-R3CIT15dwBEKi91MAD&hn=www.googleadservices.com&frm=0&tiba=Mount%20Faber%20Leisure%20Partner%27s%20Promotion&value=0&ec_m=body%3E%3Anth-child(4)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Afalse%3A26%3Afalse*1~body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Atrue%3A26%3Afalse*1&ec_sel=body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=STRONG%3Atrue%3A26%3Afalse&ec_lat=2&ec_s=1&pscdl=noapi&auid=1133805256.1706497300&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pQWXJRWVEyZW05bDlhdnE0RzlBUkltQUlBYllIY1FPc3FXYnA3bXRXRW81M3FUbVVnZUtHbk9majR6U2otRlUtUG04M0JZRTl3GlhDaEFJZ0pQWXJRWVEtX21sMWZEbTQ4Y1RFaTRBTkNla2pKN1hwOWxNUjBBTFd6UlNNSHNHUkQ1ZEFCV2N0WEVncnprNGtDNmxCc3gxbXFZdDR0UnFEa2NPIhMIz8ac682BhAMVlQ5oCB3PTAZj&is_vtc=1&ocp_id=FBW3Zc_sGpWdoPMPz5mZmAY&cid=CAQSGwAvHhf_XoEm6r1NpSOoj_8ghj61HYeBRb1CBA&eitems=ChAIgJPYrQYQ04_n1cLk1uB6Eh0AHuL8wdTdftJIA0LjCEFG90-Eesy_2ND90AfWwQ&random=3096867520
- https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1624739&order_id=%5BORDER_ID%5D&seg=31397507&t=1&value=%5BREVENUE%5D HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1624739%26order_id%3D%255BORDER_ID%255D%26seg%3D31397507%26t%3D1%26value%3D%255BREVENUE%255D
- https://ad.doubleclick.net/ddm/activity/src=12599811;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=12599811;dc_pre=CM-EqOvNgYQDFZrPTwIdX78DGg;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 302
- https://adservice.google.com/ddm/fls/p/src=12599811;dc_pre=CM-EqOvNgYQDFZrPTwIdX78DGg;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&~oref=https://sbr-partner.mountfaberleisure.com/
- https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
- https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b71514bc6e410001b70cf8%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65b71514bc6e410001b70cf8%2526chc%253Daf%2526redirect_url%253D%2526gdpr%253D%25255BGDPR_APPLIES%25255D%2526gdpr_consent%253D%25255BGDPR_TCF_CONSENT_STRING%25255D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D HTTP 302
- https://map.go.affec.tv/map/an/1641060087940623036?ch=65b71514bc6e410001b70cf8&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
- https://map.go.affec.tv/map/ttd/a56ac7ec-5db3-4a74-960a-4191c1ac8582?ttd_puid=&gdpr=0&gdpr_consent=
56 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | sbr-partner.mountfaberleisure.com/ | 99 KB | 15 KB | Document | text/html |
GET | H2 | bootstrap.css | sbr-partner.mountfaberleisure.com//assets/css/ | 157 KB | 24 KB | Stylesheet | text/css |
GET | H2 | icons.min.css | sbr-partner.mountfaberleisure.com//assets/css/mflg/ | 514 KB | 80 KB | Stylesheet | text/css |
GET | H2 | custom.css | sbr-partner.mountfaberleisure.com//assets/css/mflg/ | 51 KB | 8 KB | Stylesheet | text/css |
GET | H2 | flatpickr.css | sbr-partner.mountfaberleisure.com//assets/vendors/flatpickr/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | select2.min.css | sbr-partner.mountfaberleisure.com//assets/vendors/select2/ | 15 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery-3.5.1.min.js | sbr-partner.mountfaberleisure.com/assets/js/ | 87 KB | 31 KB | Script | application/javascript |
GET | H/1.1 | mflg_logo.png | gt-media-assets.s3.ap-southeast-1.amazonaws.com/images/gt-forge/mflg/ | 7 KB | 7 KB | Image | image/png |
GET | H/1.1 | mflg_hidden_pages_background.jpg | gt-media-assets.s3.ap-southeast-1.amazonaws.com/images/gt-forge/mflg/ | 331 KB | 331 KB | Image | image/jpeg |
GET | H2 | bootstrap.bundle.min.js | sbr-partner.mountfaberleisure.com/assets/dist/js/ | 79 KB | 22 KB | Script | application/javascript |
GET | H2 | flatpickr.js | sbr-partner.mountfaberleisure.com/assets/vendors/flatpickr/ | 49 KB | 15 KB | Script | application/javascript |
GET | H2 | select2.min.js | sbr-partner.mountfaberleisure.com/assets/vendors/select2/ | 71 KB | 20 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 177 KB | 63 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 339 KB | 100 KB | Script | application/javascript |
GET | H2 | bootstrap-icons.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/ | 118 KB | 119 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/centurygothic/ | 55 KB | 56 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic-Bold.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/centurygothic/ | 49 KB | 50 KB | Font | application/octet-stream |
GET | H2 | LilitaOne.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/lilitaone/ | 11 KB | 12 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic-Italic.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/centurygothic/ | 59 KB | 59 KB | Font | application/octet-stream |
GET | H2 | js | www.googletagmanager.com/gtag/ | 271 KB | 90 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 300 KB | 97 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | / | www.googleadservices.com/pagead/conversion/940908200/ | 3 KB | 2 KB | Script | text/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 213 KB | 58 KB | Script | application/x-javascript |
GET | H2 | 6322c3394d15a31047e594ab | go.affec.tv/j/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | stat.js | www.clickcease.com/monitor/ | 142 KB | 43 KB | Script | application/javascript |
GET | H2 | seg | secure.adnxs.com/ (Redirect Chain) | 0 | 1 KB | Script | application/javascript |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 183 B | Ping | text/plain |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
GET | H2 | / | www.google.com/pagead/1p-conversion/940908200/ (Redirect Chain) | 42 B | 154 B | Image | image/gif |
POST | H2 | options | sbr-partner.mountfaberleisure.com/partners/ | 2 MB | 106 KB | Fetch | text/html |
GET | H2 | bounce | secure.adnxs.com/ (Redirect Chain) | 0 | 1 KB | Script | application/javascript |
GET | H2 | / | go.affec.tv/per/ | 846 B | 1 KB | Script | application/javascript |
GET | H2 | src=12599811;dc_pre=CM-EqOvNgYQDFZrPTwIdX78DGg;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%2... | adservice.google.com/ddm/fls/p/ (Redirect Chain) | 42 B | 401 B | Script | image/gif |
GET | H2 | a56ac7ec-5db3-4a74-960a-4191c1ac8582 | map.go.affec.tv/map/ttd/ (Redirect Chain) | 0 | 485 B | Image | text/plain |
GET | H2 | 4e416bb9-355b-453e-9363-5a08383a8b89-async.js | cdn.permutive.com/ | 243 KB | 69 KB | Script | application/javascript |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 94 B | XHR | text/plain |
GET | H2 | 659598044517335 | connect.facebook.net/signals/config/ | 53 KB | 11 KB | Script | application/x-javascript |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 2 B | 359 B | XHR | text/plain |
GET | H2 | 1776302552539060 | connect.facebook.net/signals/config/ | 20 KB | 3 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain |
GET | H2 | 5449233991790817 | connect.facebook.net/signals/config/ | 30 KB | 5 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 31 B | Image | text/plain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 408 B | Image | image/gif |
GET | H2 | getuidj | ib.adnxs.com/ | 29 B | 1 KB | XHR | application/json |
GET | H2 | geoip | api.permutive.com/v2.0/ | 275 B | 384 B | XHR | application/json |
GET | BLOB | 33a8bd35-7262-49c0-91b5-cc150558651a | https://sbr-partner.mountfaberleisure.com/ | 48 KB | 0 | Other | text/plain |
GET | BLOB | e8ef0e5a-b0ba-4712-a3df-53c14dca0e4b | https://sbr-partner.mountfaberleisure.com/ | 48 KB | 0 | Other | text/plain |
POST | H2 | identify | api.permutive.com/v2.0/ | 50 B | 267 B | XHR | application/json |
POST | H2 | audiences | api.permutive.com/audience-matching/v1/id/41f3abff-7386-4533-8f58-edcee6dcf975/ | 12 B | 66 B | XHR | application/json |
POST | H3 | events | api.permutive.com/v2.0/batch/ | 101 B | 130 B | XHR | application/json |
POST | H3 | state | api.permutive.com/v1.0/ | 0 | 34 B | XHR | text/plain |
GET | H2 | CenturyGothic-BoldItalic.woff2 | sbr-partner.mountfaberleisure.com//assets/fonts/centurygothic/ | 53 KB | 54 KB | Font | application/octet-stream |
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- string| GoogleAnalyticsObject
- function| ga
- object| GooglebQhCsO
- function| fbq
- function| _fbq
- object| script
- string| target
- object| elem
- function| onYouTubeIframeAPIReady
- object| gaGlobal
- object| bootstrap
- function| flatpickr
- function| matchCustom
- function| loadPiggybacks
- object| piggybacks
- object| permutive
- object| gaplugins
- object| gaData
- object| regeneratorRuntime
- object| ccConsole
- function| getBrowserFingerprint
- boolean| ccinstalled
- object| packageOptions
24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
map.go.affec.tv/map/ttd | Name: oo Value: 1 |
|
map.go.affec.tv/map/an | Name: oo Value: 1 |
|
sbr-partner.mountfaberleisure.com/ | Name: gt_forge Value: c2vufkomtde7v37kkfopddccdns6f4gs |
|
.mountfaberleisure.com/ | Name: _gcl_au Value: 1.1.1133805256.1706497300 |
|
.mountfaberleisure.com/ | Name: _ga_MR7WK61PLB Value: GS1.1.1706497300.1.0.1706497300.0.0.0 |
|
.mountfaberleisure.com/ | Name: _ga_K1Z44P1D9D Value: GS1.1.1706497300.1.0.1706497300.0.0.0 |
|
.go.affec.tv/ | Name: ck Value: 65b715142d39710001956fc8 |
|
.go.affec.tv/ | Name: oo Value: 1 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: XANDR_PANID Value: K1f9fQwSTE3vmccL7yfrMEQzORMDdjqQykY2KLYU55zFj32ss_Cu1Mu7ls_Va7yconj342kY1RjWeevYsZK3CPClrpm4Mp5Y4AovO82VlsY. |
|
.adnxs.com/ | Name: uuid2 Value: 4336052139742198131 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.adsrvr.org/ | Name: TDID Value: a56ac7ec-5db3-4a74-960a-4191c1ac8582 |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwisz-qPq6DQPBAFOAE. |
|
.go.affec.tv/ | Name: pt Value: eyJhbiI6eyJkdCI6MTcwNjQ5NzMwMCwiaWQiOiIxNjQxMDYwMDg3OTQwNjIzMDM2IiwibHMiOjE3MDY0OTczMDB9LCJ0ZCI6eyJkdCI6MTcwNjQ5NzMwMCwiaWQiOiJhNTZhYzdlYy01ZGIzLTRhNzQtOTYwYS00MTkxYzFhYzg1ODIiLCJscyI6MTcwNjQ5NzMwMH0sInYiOjB9|1706497300|5a2276930d39fc3c3b9887aed909b3c370b22cdf |
|
.mountfaberleisure.com/ | Name: _ga Value: GA1.2.275921981.1706497300 |
|
.mountfaberleisure.com/ | Name: _gid Value: GA1.2.443481367.1706497301 |
|
.mountfaberleisure.com/ | Name: _gat_UA-60583474-1 Value: 1 |
|
.mountfaberleisure.com/ | Name: _fbp Value: fb.1.1706497300880.164100119 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8D>6NRF']wIg2GVIg+^7A!fst<)t6=.PlZ[C[-kX-fpM72 |
|
.mountfaberleisure.com/ | Name: permutive-id Value: 41f3abff-7386-4533-8f58-edcee6dcf975 |
|
sbr-partner.mountfaberleisure.com/ | Name: oaj9IQFqO71O0DYPY3MOGk5REwMeuTPc Value: 89dab111651c9b4da64fce8d861967bc |
|
sbr-partner.mountfaberleisure.com/ | Name: AWSALB Value: 568xMRfZMMk+roUv4oizd0rsyMFf5RjYANgTvS5dG1iqlhb6V40mPFP4c7VbJ8i0KaUFhboWPtTrV8drWbvRee6BJQvzQtsp4C5beT+wn10hsjsITJeVtL18SJeQ |
|
sbr-partner.mountfaberleisure.com/ | Name: AWSALBCORS Value: 568xMRfZMMk+roUv4oizd0rsyMFf5RjYANgTvS5dG1iqlhb6V40mPFP4c7VbJ8i0KaUFhboWPtTrV8drWbvRee6BJQvzQtsp4C5beT+wn10hsjsITJeVtL18SJeQ |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.