www.espreso.co.rs
51.15.154.187
Public Scan
Submission: On February 27 via api from IT — Scanned from FR
Summary
TLS certificate: Issued by R3 on December 25th 2021. Valid for: 3 months.
This is the only time www.espreso.co.rs was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN15169 (GOOGLE, US) | fra24s06-in-f2.1e100.net | securepubads.g.doubleclick.net |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN16509 (AMAZON-02, US) | | static.chartbeat.com |
ASN16509 (AMAZON-02, US) | | quantcast.mgr.consensu.org |
ASN16509 (AMAZON-02, US) | | secure.quantserve.com |
ASN14618 (AMAZON-AES, US) | ec2-50-16-30-16.compute-1.amazonaws.com | ping.chartbeat.net |
ASN16509 (AMAZON-02, US) | | test.quantcast.mgr.consensu.org |
ASN16509 (AMAZON-02, US) | | rules.quantcount.com |
ASN24940 (HETZNER-AS, DE) | static.25.45.69.159.clients.your-server.de | espresors.mycleverpush.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
ASN16509 (AMAZON-02, US) | ec2-52-28-32-18.eu-central-1.compute.amazonaws.com | audit-tcfv2.quantcast.mgr.consensu.org |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
33 | espreso.co.rs | www.espreso.co.rs — Cisco Umbrella Rank: 252046; glossy.espreso.co.rs — Cisco Umbrella Rank: 434063 | 907 KB |
14 | cleverpush.com | static.cleverpush.com — Cisco Umbrella Rank: 17517; api.cleverpush.com — Cisco Umbrella Rank: 17470 | 127 KB |
7 | consensu.org | quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040; test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726; audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863 | 176 KB |
5 | gemius.pl (1 redirects) | gars.hit.gemius.pl — Cisco Umbrella Rank: 102686; ls.hit.gemius.pl — Cisco Umbrella Rank: 13343 | 15 KB |
4 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159; stats.g.doubleclick.net — Cisco Umbrella Rank: 67 | 150 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 20 KB |
3 | adriamediacontent.com | www.adriamediacontent.com — Cisco Umbrella Rank: 239300 | 17 KB |
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 97 | 499 B |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 126 | 113 KB |
1 | mycleverpush.com | espresors.mycleverpush.com | 25 KB |
1 | quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 770 | 602 B |
1 | google.fr | www.google.fr — Cisco Umbrella Rank: 15945 | 501 B |
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 501 B |
1 | chartbeat.net | ping.chartbeat.net — Cisco Umbrella Rank: 1099 | 201 B |
1 | quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 829 | 10 KB |
1 | chartbeat.com | static.chartbeat.com — Cisco Umbrella Rank: 1242 | 14 KB |
79 | 16 | | |
Requests | Domain | Requested by |
---|---|---|
29 | www.espreso.co.rs | www.espreso.co.rs |
10 | static.cleverpush.com | www.espreso.co.rs, static.cleverpush.com, espresors.mycleverpush.com |
5 | quantcast.mgr.consensu.org | www.espreso.co.rs, quantcast.mgr.consensu.org |
4 | api.cleverpush.com | static.cleverpush.com |
4 | glossy.espreso.co.rs | www.espreso.co.rs |
4 | gars.hit.gemius.pl (1 redirects) | www.espreso.co.rs, gars.hit.gemius.pl |
3 | www.google-analytics.com | www.espreso.co.rs, www.google-analytics.com |
3 | www.adriamediacontent.com | www.espreso.co.rs, www.adriamediacontent.com |
3 | securepubads.g.doubleclick.net | www.espreso.co.rs, securepubads.g.doubleclick.net |
2 | www.facebook.com | www.espreso.co.rs |
2 | connect.facebook.net | www.espreso.co.rs, connect.facebook.net |
1 | audit-tcfv2.quantcast.mgr.consensu.org | quantcast.mgr.consensu.org |
1 | espresors.mycleverpush.com | static.cleverpush.com |
1 | rules.quantcount.com | secure.quantserve.com |
1 | test.quantcast.mgr.consensu.org | quantcast.mgr.consensu.org |
1 | www.google.fr | www.espreso.co.rs |
1 | www.google.com | www.espreso.co.rs |
1 | ls.hit.gemius.pl | gars.hit.gemius.pl |
1 | ping.chartbeat.net | www.espreso.co.rs |
1 | secure.quantserve.com | quantcast.mgr.consensu.org |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | static.chartbeat.com | www.espreso.co.rs |
79 | 22 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
espreso.rs | R3 | 2021-12-25 - 2022-03-25 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months |
www.adriamediacontent.com | R3 | 2021-12-25 - 2022-03-25 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-12 - 2022-07-11 | a year |
*.hit.gemius.pl | Sectigo ECC Domain Validation Secure Server CA | 2021-09-08 - 2022-09-25 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-12-07 - 2022-03-07 | 3 months |
*.chartbeat.com | Thawte RSA CA 2018 | 2021-05-20 - 2022-06-03 | a year |
quantcast.mgr.consensu.org | Amazon | 2021-04-24 - 2022-05-23 | a year |
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year |
*.chartbeat.net | Thawte RSA CA 2018 | 2021-12-01 - 2022-12-30 | a year |
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months |
*.google.fr | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months |
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-04 - 2022-06-04 | 2 years |
This page contains 3 frames:
Primary Page:
https://www.espreso.co.rs/
Frame ID: B91F6147401650098CD25CFC7530AE55
Requests: 73 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html
Frame ID: 5A782F5F672809C0449FA45C3A55D988
Requests: 1 HTTP requests in this frame
Frame:
https://espresors.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.espreso.co.rs
Frame ID: 822822F9354CA87084F779D6A921F3A2
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/5f0a1826-5783-4d61-a8fb-bcddbed5dad8.png)
Page Title
Espreso - Najbrže rastući portal u Srbiji i regionu
Detected technologies
![](/vendor/wappa/icons/Chartbeat.png)
Detected patterns
- chartbeat\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
![](/vendor/wappa/icons/Gemius.png)
Detected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Quantcast.png)
Detected patterns
- quantcast\.mgr\.consensu\.org
![](/vendor/wappa/icons/Quantcast.png)
Detected patterns
- \.quantserve\.com/quant\.js
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: Glossy
Title: Poznati
Title: Moda i lepota
Title: Zdravi i srećni
Title: Ljubav i seks
Title: Porodica
Title: Karijera
Title: Zabava
Title: Galerije
Title: Horoskop
Title: Ako mislite da je ovo Kim Kardašijan — PROTRLJAJTE OČI: Kanje Vest našao utehu u 20 godina MLAĐOJ KOPIJI svoje bivše
Title: "Sve sam stekla sama": Georgina Rodrigez kaže da od Ronalda ne uzima NI PARU, reakcije su BRUTALNE
Title: Svi pogledi bili su PRIKOVANI ZA NJIH: Anastasija se srela s bivšim dečkom prvi put posle raskida (FOTO)
Title: Stvara ILUZIJU UŽEG STRUKA, nosi se i uz ravno i uz štikle: Kombinezon Dženifer Lopez savršen za milion prilika
Title: Zašto MENSTRUACIJA TRAJE KRAĆE nego ranije? 10 stvari koje mogu da skrate krvarenje
Title: Nakon drame i života u kontejneru — RADOST! Srpska glumica i hrvatski muzičar dobili sina i dali mu MOĆNO IME
Title: Lepše niste videli ove sezone: Odelo Megan Foks koje će mnoge želeti, a malo koja žena umeti da nosi
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 67
- https://gars.hit.gemius.pl/_1645981149584/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=213&lsdata=lPwazs3WOzJ9elVfxT3r7_gIbKId.jtYvQg61sz796H.E7IBpTxzwLsFikD7CgWnBG.sdZD1Ntubnr4HCRgjEwrZaNir/8lO6YBs_jlkY5/&fpdata=NYuwEqjVJlgqYXztvs.pmTEI1VKsklwQBLF4XDSn3iH..7&vis=1&fpcap= HTTP 301
- https://gars.hit.gemius.pl/__/_1645981149584/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=213&lsdata=lPwazs3WOzJ9elVfxT3r7_gIbKId.jtYvQg61sz796H.E7IBpTxzwLsFikD7CgWnBG.sdZD1Ntubnr4HCRgjEwrZaNir/8lO6YBs_jlkY5/&fpdata=NYuwEqjVJlgqYXztvs.pmTEI1VKsklwQBLF4XDSn3iH..7&vis=1&fpcap=
79 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.espreso.co.rs/ | 138 KB | 24 KB | Document | text/html |
GET | H2 | open-sans-v18-latin-ext_latin_cyrillic-regular.woff | www.espreso.co.rs/resources/fonts/ | 54 KB | 55 KB | Font | font/woff |
GET | H2 | open-sans-v18-latin-ext_latin_cyrillic-700.woff | www.espreso.co.rs/resources/fonts/ | 57 KB | 57 KB | Font | font/woff |
GET | H2 | open-sans-v18-latin-ext_latin_cyrillic-800.woff | www.espreso.co.rs/resources/fonts/ | 56 KB | 57 KB | Font | font/woff |
GET | H2 | montserrat-v15-latin-ext_latin-700.woff | www.espreso.co.rs/resources/fonts/ | 36 KB | 36 KB | Font | font/woff |
GET | H2 | montserrat-v15-latin-ext_latin-800.woff | www.espreso.co.rs/resources/fonts/ | 36 KB | 36 KB | Font | font/woff |
GET | H2 | oswald-v35-latin-ext_latin-regular.woff | www.espreso.co.rs/resources/fonts/ | 27 KB | 28 KB | Font | font/woff |
GET | H2 | main-v-1644839886765.css | www.espreso.co.rs/resources/css/ | 120 KB | 22 KB | Stylesheet | text/css |
GET | H2 | main-v-1644839886765.js | www.espreso.co.rs/resources/js/ | 222 KB | 66 KB | Script | application/javascript |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 81 KB | 27 KB | Script | text/javascript |
GET | H2 | pubjelly.js | www.adriamediacontent.com/js/pubjelly/main/ | 42 KB | 14 KB | Script | application/javascript |
GET | H2 | icon-h_logo.svg | www.espreso.co.rs/resources/images/svg/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H2 | appstore.png | www.espreso.co.rs/resources/images/vendor/ | 7 KB | 8 KB | Image | image/png |
GET | H2 | googleplay.png | www.espreso.co.rs/resources/images/vendor/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | 934255_vladimir-zelenski_ls-s.jpg | www.espreso.co.rs/data/images/2021/05/06/15/ | 27 KB | 28 KB | Image | image/jpeg |
GET | H2 | 1119421_274632017-505384777842108-8558486591645829792-n_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/27/17/ | 51 KB | 51 KB | Image | image/jpeg |
GET | H2 | 1117413_rat-putin_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/24/09/ | 53 KB | 54 KB | Image | image/jpeg |
GET | H2 | 1117789_vladimir-putin-rat-nato_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/24/15/ | 46 KB | 47 KB | Image | image/jpeg |
GET | H2 | 1085817_covid-19-omikron_ls-s.jpg | www.espreso.co.rs/data/images/2022/01/20/15/ | 62 KB | 62 KB | Image | image/jpeg |
GET | H2 | lazy.png | www.espreso.co.rs/resources/images/ | 92 B | 619 B | Image | image/png |
GET | H2 | QEYyvBDbS9x6vTwGL.js | static.cleverpush.com/channel/loader/ | 231 KB | 60 KB | Script | application/javascript |
GET | H2 | espreso_android_icon.png | www.espreso.co.rs/resources/images/android/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | star_full.svg | www.espreso.co.rs/resources/images/android/ | 566 B | 919 B | Image | image/svg+xml |
GET | H2 | star_empty.svg | www.espreso.co.rs/resources/images/android/ | 587 B | 931 B | Image | image/svg+xml |
GET | H2 | xgemius.js | gars.hit.gemius.pl/ | 40 KB | 11 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | svg.svg | www.espreso.co.rs/resources/images/svg/sprites/ | 13 KB | 6 KB | Other | image/svg+xml |
GET | H2 | bar_rijaliti.svg | www.espreso.co.rs/resources/images/menu/ | 7 KB | 3 KB | Image | image/svg+xml |
GET | DATA | truncated | / | 37 B | 0 | Image | image/gif |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 26 KB | Script | application/x-javascript |
GET | H2 | chartbeat.js | static.chartbeat.com/js/ | 36 KB | 14 KB | Script | application/x-javascript |
GET | H2 | choice.js | quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | network_sprite.svg | www.espreso.co.rs/resources/images/footer/ | 59 KB | 26 KB | Image | image/svg+xml |
POST | H2 | check_if_user_is_logged_in | www.espreso.co.rs/profil/ | 115 B | 1 KB | XHR | text/html |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 443 B | XHR | text/plain |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 146 B | XHR | text/plain |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif |
GET | H2 | 1119317_miselin-1_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/27/14/ | 18 KB | 19 KB | Image | image/jpeg |
GET | H2 | 1119327_sf-pocetna-februar_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/27/14/ | 44 KB | 44 KB | Image | image/jpeg |
GET | H2 | 1119009_kijev_ls-s.jpg | www.espreso.co.rs/data/images/2022/02/26/09/ | 38 KB | 39 KB | Image | image/jpeg |
GET | H2 | 335868_kanje-vest-kim-kardasijan-h-56711101_ls-s.jpg | glossy.espreso.co.rs/data/images/2022/02/27/16/ | 24 KB | 25 KB | Image | image/jpeg |
GET | H2 | 324990_profimedia0621792724_ls-s.jpg | glossy.espreso.co.rs/data/images/2021/07/16/15/ | 30 KB | 31 KB | Image | image/jpeg |
GET | H2 | 317904_djordje-i-anastasija-nemanja-nikolic_ls-s.jpg | glossy.espreso.co.rs/data/images/2021/03/09/14/ | 31 KB | 32 KB | Image | image/jpeg |
GET | H2 | 335857_dzeniferlopezprofimedia0665133399_ls-s.jpg | glossy.espreso.co.rs/data/images/2022/02/27/14/ | 23 KB | 24 KB | Image | image/jpeg |
GET | H2 | quant.js | secure.quantserve.com/ | 24 KB | 10 KB | Script | application/javascript |
GET | H2 | cmp2.js | quantcast.mgr.consensu.org/tcfv2/ | 178 KB | 43 KB | Script | text/javascript |
GET | H2 | ping | ping.chartbeat.net/ | 43 B | 201 B | Image | image/gif |
GET | H3 | 322513038446696 | connect.facebook.net/signals/config/ | 307 KB | 87 KB | Script | application/x-javascript |
GET | H2 | manifest.js | www.adriamediacontent.com/js/pubjelly/main/noc/ | 584 B | 807 B | Script | application/javascript |
GET | H2 | wwwespresocors.js | www.adriamediacontent.com/js/pubjelly/main/cfg/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | fpdata.js | gars.hit.gemius.pl/ | 282 B | 395 B | Script | application/x-javascript |
GET | H2 | lsget.html | ls.hit.gemius.pl/ Frame 5A78 | 5 KB | 3 KB | Document | text/html |
GET | H3 | 5.js | static.cleverpush.com/sdk/chunk/ | 27 KB | 8 KB | Script | application/javascript |
GET | H3 | 251.js | static.cleverpush.com/sdk/chunk/ | 6 KB | 3 KB | Script | application/javascript |
GET | H3 | 628.js | static.cleverpush.com/sdk/chunk/ | 13 KB | 4 KB | Script | application/javascript |
GET | H3 | pubads_impl_2022022201.js | securepubads.g.doubleclick.net/gpt/ | 364 KB | 122 KB | Script | text/javascript |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 75 B | 100 B | XHR | application/json |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.fr/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | cmp-list.json | test.quantcast.mgr.consensu.org/GVL-v2/ | 9 KB | 3 KB | XHR | application/json |
GET | H2 | rules-p-pLW1P-3X_Ppr5.js | rules.quantcount.com/ | 147 B | 602 B | Script | application/javascript |
GET | H2 | iframe | espresors.mycleverpush.com/ Frame 8228 | 67 KB | 25 KB | Document | text/html |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 408 B | Image | image/gif |
GET | H2 | cmp2ui-en.js | quantcast.mgr.consensu.org/tcfv2/39/ | 227 KB | 58 KB | Script | text/javascript |
GET | H2 | vendor-list-trimmed-v1.json | quantcast.mgr.consensu.org/GVL-v2/ | 283 KB | 33 KB | XHR | application/json |
GET | H2 | google-atp-list.json | quantcast.mgr.consensu.org/tcfv2/ | 153 KB | 36 KB | XHR | application/json |
GET | H2 | / | audit-tcfv2.quantcast.mgr.consensu.org/ | 2 B | 101 B | XHR | text/plain |
GET | H2 | logo.png | www.espreso.co.rs/resources/images/header/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | rexdot.js | gars.hit.gemius.pl/__/_1645981149584/ Redirect Chain | 169 B | 425 B | Script | application/x-javascript |
GET | H3 | 5.js | static.cleverpush.com/sdk/chunk/ Frame 8228 | 27 KB | 8 KB | Script | application/javascript |
GET | H3 | 251.js | static.cleverpush.com/sdk/chunk/ Frame 8228 | 6 KB | 3 KB | Script | application/javascript |
GET | H3 | 173.js | static.cleverpush.com/sdk/chunk/ Frame 8228 | 7 KB | 3 KB | Script | application/javascript |
GET | H3 | 970.js | static.cleverpush.com/sdk/chunk/ | 46 KB | 10 KB | Script | application/javascript |
GET | H3 | 720.js | static.cleverpush.com/sdk/chunk/ | 53 KB | 13 KB | Script | application/javascript |
POST | H3 | optin-visitor | api.cleverpush.com/channel/ | 16 B | 715 B | Fetch | application/json |
OPTIONS | H2 | optin-visitor | api.cleverpush.com/channel/ Frame | 0 | 0 | Preflight | application/json |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif |
OPTIONS | H3 | confirm-alert | api.cleverpush.com/channel/ Frame | 0 | 0 | Preflight | application/json |
POST | H3 | confirm-alert | api.cleverpush.com/channel/ | 16 B | 684 B | Fetch | application/json |
GET | H3 | fP2J7Li6TXqNmhvwE.png | static.cleverpush.com/notification/icon/ | 14 KB | 15 KB | Image | image/png |
151 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| structuredClone string| addr string| server_request_uri string| server_href boolean| mak_rfrsh boolean| comment_report_reqire_login string| login_system string| login_server string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| cdSiteContentCategory string| GoogleAnalyticsObject function| ga object| googletag object| pubjelly function| getCookie string| userFirstLastName string| userAvatar object| userProfileLink object| ticker object| list object| clone function| fbq function| _fbq object| _sf_async_config function| __tcfapi function| __uspapi number| pageAutoRefresh undefined| sharewindow object| bLazy undefined| didScroll function| androidAppShowDialog function| androidAppInstall function| androidAppCancel function| androidAppLocalStorageReset function| androidAppDontAskAnymore object| $mediaSlider object| $mediaThumb number| lastScrollTop number| delta number| navbarHeight function| hasScrolled function| slideToSlide function| setMediaDescription function| androidCheckVersion function| searchHeaderBtn function| searchHeader function| searchForm function| sideBoxTabs number| get_tpl_i function| get_tpl function| removeElement function| nl2br function| toTop object| $window function| equalHeight function| trim function| isEmail function| loadAntibot function| poll_init function| poll_check_votes function| poll_vote function| poll_show_results function| poll_show_answers function| getImagesFromLive function| _slice function| _slicedToArray function| _extends function| _toConsumableArray function| checkIfUserIsLoggedIn function| checkUserPreviousScrollPosition function| checkStrength function| addendLoader function| removeLoader function| setCookie function| checkCookie function| openLoginModal function| logOut function| resetAllValidationFields function| userProfile function| openRegisterModal function| showErrorMessage 
function| hideErrorMessage function| uploadAvatar function| getUrlVars function| removeHash boolean| com_loading function| com_load_more function| com_list number| antibot_id object| antibot_timeout function| com_form_init function| com_preview_init function| com_close_reply function| com_reset_antibot function| dataSet function| dataPush function| dataGet function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| loader boolean| finishLoding object| toastr function| Blazy object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| CleverPush object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _qevents object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| $jscomp function| $jscomp$lookupPolyfilledValue object| __pubJellyRuntime object| pbjs object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| ggeac object| google_js_reporting_queue function| __tcfapiui string| cmd string| pjSlotID function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.espreso.co.rs/ | | Name: _ga Value: GA1.3.735132256.1645981149 |
.espreso.co.rs/ | | Name: _gid Value: GA1.3.1318461533.1645981149 |
.espreso.co.rs/ | | Name: _gat Value: 1 |
.espreso.co.rs/ | | Name: _gat_tstTracker Value: 1 |
www.espreso.co.rs/ | | Name: _cb_ls Value: 1 |
www.espreso.co.rs/ | | Name: _cb Value: tqf6N5iNDyUls4O |
www.espreso.co.rs/ | | Name: _chartbeat2 Value: .1645981149352.1645981149352.1.BhwApLBL93E3BLrXRnKzLPUDAY6W_.1 |
www.espreso.co.rs/ | | Name: _cb_svref Value: null |
.espreso.co.rs/ | | Name: espreso_front_session Value: cu2ba2f7tgc0b5rabb245c4682 |
www.espreso.co.rs/ | | Name: X-Proxy-To Value: espreso-web4 |
.espreso.co.rs/ | | Name: __gfp_64b Value: NYuwEqjVJlgqYXztvs.pmTEI1VKsklwQBLF4XDSn3iH..7\|1645981149 |
.espreso.co.rs/ | | Name: _fbp Value: fb.2.1645981149473.815643684 |
.facebook.com/ | | Name: fr Value: 0afmPepIvHpqXoKK4..BiG63d...1.0.BiG63d. |
.hit.gemius.pl/ | | Name: Gtest Value: KlxdjRGGQMQGMh0oj0V5voXissGMXP8c25nSGDzQpKD5XBG. |
.hit.gemius.pl/ | | Name: Gdyn Value: KlSSpMMGQMQGMh0oj0V5voXissGMXP8c25nSGDzQpKD5FRxSG7RrGS6GtofBFlMXYH8Po1WrGQaPge9iaQG. |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.