ads.bid
88.208.54.88
Public Scan
Effective URL: https://ads.bid/
Submission: On December 15 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2019. Valid for: 3 months.
This is the only time ads.bid was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN39572 (ADVANCEDHOSTERS-AS, NL) | | 2vaxwkujrfwh.info, ads.bid, adblock.medicineteaser.org |
ASN15169 (GOOGLE - Google LLC, US) | | fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US) | | www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US) | fra16s14-in-f2.1e100.net | www.googleadservices.com |
ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU) | srv158-137-240-87.vk.com | vk.com |
ASN32934 (FACEBOOK - Facebook, Inc., US) | | connect.facebook.net |
ASN24940 (HETZNER-AS, DE) | static.148.66.130.94.clients.your-server.de | tag.oneretarget.com |
ASN15169 (GOOGLE - Google LLC, US) | | stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US) | | www.google.com |
ASN15169 (GOOGLE - Google LLC, US) | | www.google.de |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-54-155-68-125.eu-west-1.compute.amazonaws.com | node132.jivosite.com |
ASN15169 (GOOGLE - Google LLC, US) | | googleads.g.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US) | | www.facebook.com |
ASN47764 (MAILRU-AS Mail.Ru, RU) | top-fwz1.mail.ru | top-fwz1.mail.ru |
ASN29182 (THEFIRST-AS, RU) | telemetry.jivosite.com | telemetry.jivosite.com |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
26 | medicineteaser.org | | adblock.medicineteaser.org | 2 MB |
8 | jivosite.com | | code.jivosite.com, node132.jivosite.com, telemetry.jivosite.com | 258 KB |
7 | yandex.ru | 1 redirects | yandex.ru, mc.yandex.ru | 94 KB |
4 | mail.ru | | top-fwz1.mail.ru | 10 KB |
4 | vk.com | | vk.com | 24 KB |
3 | google.de | | www.google.de | 329 B |
3 | google.com | 2 redirects | www.google.com | 1 KB |
3 | doubleclick.net | 2 redirects | stats.g.doubleclick.net, googleads.g.doubleclick.net | 2 KB |
2 | facebook.com | | www.facebook.com | 357 B |
2 | facebook.net | | connect.facebook.net | 142 KB |
2 | googleadservices.com | | www.googleadservices.com | 11 KB |
2 | google-analytics.com | | www.google-analytics.com | 18 KB |
2 | googletagmanager.com | | www.googletagmanager.com | 52 KB |
1 | oneretarget.com | | tag.oneretarget.com | 6 KB |
1 | googleapis.com | | fonts.googleapis.com | 430 B |
1 | ads.bid | | ads.bid | 7 KB |
1 | 2vaxwkujrfwh.info | 1 redirects | 2vaxwkujrfwh.info | 235 B |
66 | 17 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
26 | adblock.medicineteaser.org | | ads.bid |
6 | code.jivosite.com | | ads.bid, code.jivosite.com |
5 | mc.yandex.ru | 1 redirects | ads.bid |
4 | top-fwz1.mail.ru | | ads.bid, top-fwz1.mail.ru |
4 | vk.com | | ads.bid |
3 | www.google.de | | ads.bid |
3 | www.google.com | 2 redirects | ads.bid |
2 | www.facebook.com | | ads.bid |
2 | googleads.g.doubleclick.net | 1 redirects | www.googleadservices.com |
2 | connect.facebook.net | | ads.bid, connect.facebook.net |
2 | www.googleadservices.com | | www.googletagmanager.com, www.googleadservices.com |
2 | www.google-analytics.com | | www.googletagmanager.com, ads.bid |
2 | yandex.ru | | ads.bid |
2 | www.googletagmanager.com | | ads.bid, tag.oneretarget.com |
1 | telemetry.jivosite.com | | ads.bid |
1 | node132.jivosite.com | | code.jivosite.com |
1 | stats.g.doubleclick.net | 1 redirects | |
1 | tag.oneretarget.com | | ads.bid |
1 | fonts.googleapis.com | | ads.bid |
1 | ads.bid | | |
1 | 2vaxwkujrfwh.info | 1 redirects | |
66 | 21 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
medicineteaser.org |
store.profitclicks.ru |
yandex.ru |
t.me |
vk.com |
join.skype.com |
www.jivosite.ru |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ads.bid | Let's Encrypt Authority X3 | 2019-10-30 - 2020-01-28 | 3 months |
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2017-04-10 - 2020-06-04 | 3 years |
*.storage.googleapis.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
yandex.ru | Yandex CA | 2019-09-05 - 2020-09-04 | a year |
www.googleadservices.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year |
vk.com | Sectigo ECC Extended Validation Secure Server CA | 2019-07-11 - 2020-07-09 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 - 2020-03-05 | 3 months |
tag.oneretarget.com | Let's Encrypt Authority X3 | 2019-10-07 - 2020-01-05 | 3 months |
www.google.de | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
*.mail.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-01-18 - 2021-01-18 | 2 years |
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
www.google.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months |
This page contains 4 frames:
Primary Page:
https://ads.bid/
Frame ID: 79F9CA8FE257A51FF0502D5FDD42B79C
Requests: 64 HTTP requests in this frame
Frame:
https://yandex.ru/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
Frame ID: 631E08600F440509D39108A9E6E335AE
Requests: 1 HTTP requests in this frame
Frame:
https://yandex.ru/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
Frame ID: 6E35BC27E6ACBD23C1DAB744AE065F74
Requests: 1 HTTP requests in this frame
Frame:
https://telemetry.jivosite.com/w?param1=4.6.9&param2=0.1&param3=newCode&event=bundle_loaded&widget_id=bmOTGioHaW&chat_mode=online&site_id=1095537&device=desktop&visitor_id=335f822e7b8eed29&widget_version=4.6.9&shard=main
Frame ID: 2FF014260DD7DE25EEA9BA6C21681C3A
Requests: 1 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: For webmasters
Title: Gift shop for clicks. More than 70 gifts to choose from for our webmasters in our own gift shop
Title: View on map
Title: adsbid_support
Title:
Title:
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://2vaxwkujrfwh.info/
HTTP 301
https://ads.bid/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&gjid=398198884&_gid=1104872381.1576373007&_u=YGBAgEAB~&z=1732063237 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237&slf_rd=1&random=2529870694
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Dov1XbTQOYiOrASesJDYCQ&sscte=1&crd=&gtd=&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh4rQOPJabkcuFtUJH06jI_-itD4JXtaAo HTTP 302
- https://www.google.com/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO&ipr=y
- https://mc.yandex.ru/watch/55210021?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2 HTTP 302
- https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | ads.bid/ | 25 KB | 7 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET | H2 | widget.js | code.jivosite.com/ | 17 KB | 17 KB | Script | application/javascript | |
GET | H/1.1 | landing.css | adblock.medicineteaser.org/css/ | 192 KB | 30 KB | Stylesheet | text/css | |
GET | H2 | icon | fonts.googleapis.com/ | 574 B | 430 B | Stylesheet | text/css | |
GET | H/1.1 | close.png | adblock.medicineteaser.org/images/landing/ | 511 B | 1020 B | Image | image/png | |
GET | H/1.1 | user-icon.png | adblock.medicineteaser.org/images/landing/ | 4 KB | 5 KB | Image | image/png | |
GET | H/1.1 | logo.svg | adblock.medicineteaser.org/images/ | 12 KB | 13 KB | Image | image/svg+xml | |
GET | H/1.1 | sandwich.png | adblock.medicineteaser.org/images/landing/ | 225 B | 733 B | Image | image/png | |
GET | H/1.1 | close-blue.png | adblock.medicineteaser.org/images/landing/ | 330 B | 839 B | Image | image/png | |
GET | H/1.1 | graph-mobile-3.png | adblock.medicineteaser.org/images/landing/ | 104 KB | 104 KB | Image | image/png | |
GET | H/1.1 | notebook.png | adblock.medicineteaser.org/images/landing/ | 43 KB | 43 KB | Image | image/png | |
GET | H/1.1 | klyaksa.png | adblock.medicineteaser.org/images/landing/ | 21 KB | 22 KB | Image | image/png | |
GET | H/1.1 | fly-mac.png | adblock.medicineteaser.org/images/landing/ | 74 KB | 74 KB | Image | image/png | |
GET | H/1.1 | telegram.png | adblock.medicineteaser.org/images/landing/ | 753 B | 1 KB | Image | image/png | |
GET | H/1.1 | vk.png | adblock.medicineteaser.org/images/landing/ | 908 B | 1 KB | Image | image/png | |
GET | H/1.1 | vk-hover.png | adblock.medicineteaser.org/images/landing/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | skype.png | adblock.medicineteaser.org/images/landing/ | 964 B | 1 KB | Image | image/png | |
GET | H/1.1 | skype-hover.png | adblock.medicineteaser.org/images/landing/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | mail.png | adblock.medicineteaser.org/images/landing/ | 691 B | 1 KB | Image | image/png | |
GET | H/1.1 | mail-hover.png | adblock.medicineteaser.org/images/landing/ | 2 KB | 3 KB | Image | image/png | |
GET | H/1.1 | manifest.js | adblock.medicineteaser.org/js/ | 1 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | vendor.js | adblock.medicineteaser.org/js/ | 1 MB | 319 KB | Script | application/javascript | |
GET | H/1.1 | landing.js | adblock.medicineteaser.org/js/ | 42 KB | 13 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 74 KB | 25 KB | Script | application/javascript | |
GET | H2 | / | yandex.ru/map-widget/v1/ | 0 | 0 | Document | text/html | Frame 631E |
GET | H2 | / | yandex.ru/map-widget/v1/ | 0 | 0 | Document | text/html | Frame 6E35 |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 26 KB | 10 KB | Script | text/javascript | |
GET | H/1.1 | tag.js | mc.yandex.ru/metrika/ | 361 KB | 92 KB | Script | application/javascript | |
GET | H2 | openapi.js | vk.com/js/api/ | 96 KB | 23 KB | Script | application/x-javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script | application/x-javascript | |
GET | H/1.1 | 11239_ads.bid.js | tag.oneretarget.com/ | 15 KB | 6 KB | Script | application/javascript | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 109 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain |
GET | H2 | 2843685072343467 | connect.facebook.net/signals/config/ | 447 KB | 112 KB | Script | application/x-javascript | |
GET | H2 | bmOTGioHaW | code.jivosite.com/script/widget/config/ | 3 KB | 3 KB | XHR | application/x-javascript | |
GET | H2 | / | www.googleadservices.com/pagead/conversion/696611158/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H/1.1 | bmOTGioHaW | node132.jivosite.com/widget/status/1095537/ | 202 B | 488 B | XHR | application/json | |
GET | H2 | / | www.google.de/pagead/1p-conversion/696611158/ | 42 B | 110 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | main-bg.png | adblock.medicineteaser.org/images/landing/ | 1 MB | 1 MB | Image | image/png | |
GET | H/1.1 | Montserrat-SemiBold.woff | adblock.medicineteaser.org/fonts/montserrat/ | 135 KB | 135 KB | Font | font/woff | |
GET | H/1.1 | sprite_front.png | adblock.medicineteaser.org/images/landing/ | 19 KB | 20 KB | Image | image/png | |
GET | H/1.1 | Montserrat-Medium.woff | adblock.medicineteaser.org/fonts/montserrat/ | 135 KB | 136 KB | Font | font/woff | |
GET | H/1.1 | Montserrat-Regular.woff | adblock.medicineteaser.org/fonts/montserrat/ | 135 KB | 136 KB | Font | font/woff | |
GET | H/1.1 | Montserrat-Bold.woff | adblock.medicineteaser.org/fonts/montserrat/ | 136 KB | 136 KB | Font | font/woff | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 252 B | Image | image/gif | |
GET | H/1.1 | code.js | top-fwz1.mail.ru/js/ | 16 KB | 7 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 73 KB | 27 KB | Script | application/javascript | |
GET | H/1.1 | 1 | mc.yandex.ru/watch/55210021/ | 0 | -1 B | XHR | | Redirect Chain |
GET | H/1.1 | advert.gif | mc.yandex.ru/metrika/ | 43 B | 445 B | Image | image/gif | |
GET | H/1.1 | 1 | mc.yandex.ru/watch/55210021/ | 152 B | 695 B | XHR | application/json | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H2 | rtrg | vk.com/ | 49 B | 328 B | Image | image/gif | |
GET | H2 | rtrg | vk.com/ | 49 B | 328 B | Image | image/gif | |
GET | H2 | rtrg | vk.com/ | 49 B | 328 B | Image | image/gif | |
POST | H/1.1 | counter | top-fwz1.mail.ru/ | 43 B | 892 B | Other | image/gif | |
POST | H/1.1 | tracker | top-fwz1.mail.ru/ | 43 B | 892 B | Other | image/gif | |
GET | H2 | / | www.google.com/pagead/1p-user-list/696611158/ | 42 B | 279 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/696611158/ | 42 B | 110 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 105 B | Image | image/gif | |
GET | H2 | bundle_ru_RU.js | code.jivosite.com/js/ | 1 MB | 222 KB | Script | application/javascript | |
POST | H/1.1 | tracker | top-fwz1.mail.ru/ | 43 B | 800 B | Other | image/gif | |
GET | DATA | truncated | / | 306 B | 0 | Image | image/svg+xml | |
GET | H2 | agent_message.mp3 | code.jivosite.com/sounds/ | 4 KB | 4 KB | Media | audio/mpeg | |
GET | H2 | notification.mp3 | code.jivosite.com/sounds/ | 6 KB | 6 KB | Media | audio/mpeg | |
GET | H2 | outgoing_message.mp3 | code.jivosite.com/sounds/ | 5 KB | 5 KB | Media | audio/mpeg | |
GET | H/1.1 | w | telemetry.jivosite.com/ | 7 B | 242 B | XHR | application/x-javascript | Frame 2FF0 |
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ym function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| webpackJsonp function| htmlParser function| postscribe object| _tmr function| Popper function| jQuery function| $ function| axios object| jivo_config object| Ya object| yaCounter55210021 function| gtag object| _oneretarget function| obj2qs object| fastXDM object| VK string| jivo_version object| jivo_api
20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yandex.ru/ | | Name: _ym_isad Value: 2 |
.yandex.ru/ | | Name: i Value: dt/6k0Ucjddf8RYImnVZLTebMhgYvoxV8qMLw08zN2Wo7qiTxP+ma7ecx059BlH6eNRMcXzi4TR35pvB2Egdj++wWOo= |
.yandex.ru/ | | Name: mda Value: 0 |
.yandex.ru/ | | Name: _ym_wasSynced Value: %7B%22time%22%3A1576373008089%2C%22params%22%3A%7B%22eu%22%3A0%7D%2C%22bkParams%22%3A%7B%7D%7D |
.yandex.ru/ | | Name: yandexuid Value: 6074879571576373006 |
.ads.bid/ | | Name: _ym_isad Value: 2 |
.ads.bid/ | | Name: _ym_visorc_55210021 Value: w |
.ads.bid/ | | Name: tmr_lvidTS Value: 1576373007322 |
.ads.bid/ | | Name: _ym_d Value: 1576373007 |
.ads.bid/ | | Name: tmr_lvid Value: db1c8c3737aebb7ab5cd97307013c1d4 |
.ads.bid/ | | Name: _ym_uid Value: 1576373007628294543 |
.ads.bid/ | | Name: _gid Value: GA1.2.1104872381.1576373007 |
.yandex.ru/ | | Name: _ym_d Value: 1576373008 |
.ads.bid/ | | Name: tmr_reqNum Value: 3 |
ads.bid/ | | Name: XSRF-TOKEN Value: eyJpdiI6IlFSRHRUdGlyb1RuNVFSUW95UDhrK2c9PSIsInZhbHVlIjoiOEg2T3lLcHJJMytxdFgzeGpqbHhoYW1GUG1UU3hcL1wvVU1wMEhcLzNlbXNwZXFHc05iYkR3TGtOTlJMc296QVliRSIsIm1hYyI6ImNiNzNmZDM2YzdkZTVlMDEwYTQyZWNkZjhhNDMzMWU5YjRhYTJhMDc5ZjdjMzg3OGVmOTk2ODkzMmY2NjQ0ZWIifQ%3D%3D |
.ads.bid/ | | Name: _ga Value: GA1.2.1631825060.1576373007 |
ads.bid/ | | Name: laravel_session Value: eyJpdiI6IlQwSzFRNitHQzh2bUJDYmI5VHpNbGc9PSIsInZhbHVlIjoiRTFpY241NGhFdW1vNmR2ck1CdDkwelVQR0lJZUlzekFhYTMrUGxLVFNpbnNDMVBrV3YzYmRteFlGWWhCclg3TiIsIm1hYyI6ImEwYWRiYjc0ZTRkY2Y3MzJkM2NiY2VmNTFkNmRmOThlNmE1ZDcwZmRjZTMyZTcwYjE3NWNjZDM2ZjYzMDhhOGQifQ%3D%3D |
.ads.bid/ | | Name: _dc_gtm_UA-147625936-1 Value: 1 |
.yandex.ru/ | | Name: _ym_uid Value: 1576373008473688571 |
.ads.bid/ | | Name: _fbp Value: fb.1.1576373007047.1731987825 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.