hab.sifanoro.com
Open in
urlscan Pro
109.70.148.62
Public Scan
Effective URL: https://hab.sifanoro.com/
Submission: On February 17 via api from US — Scanned from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 17th 2024. Valid for: 3 months.
This is the only time hab.sifanoro.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 109.70.148.62 109.70.148.62 | 25369 (BANDWIDTH-AS) (BANDWIDTH-AS) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c07::5f | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c17::61 | 15169 (GOOGLE) (GOOGLE) | |
16 | 2607:f8b0:400... 2607:f8b0:4004:c07::9c | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4004:c06::5e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c08::71 | 15169 (GOOGLE) (GOOGLE) | |
11 | 2607:f8b0:400... 2607:f8b0:4004:c06::65 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2620:1ec:29:1... 2620:1ec:29:1::38 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 151.101.65.108 151.101.65.108 | 54113 (FASTLY) (FASTLY) | |
5 | 2607:f8b0:400... 2607:f8b0:4004:c09::84 | 15169 (GOOGLE) (GOOGLE) | |
2 5 | 2600:1408:540... 2600:1408:5400:7::170c:9225 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 68.67.179.164 68.67.179.164 | 29990 (ASN-APPNEX) (ASN-APPNEX) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c08::63 | 15169 (GOOGLE) (GOOGLE) | |
66 | 14 |
ASN25369 (BANDWIDTH-AS, GB)
PTR: greyhound.hostns.io
www.hab.sifanoro.com | |
hab.sifanoro.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com | |
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 |
385 KB |
17 |
sifanoro.com
1 redirects
www.hab.sifanoro.com hab.sifanoro.com |
215 KB |
12 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2 |
71 KB |
5 |
bing.com
2 redirects
www.bing.com — Cisco Umbrella Rank: 65 |
17 KB |
5 |
adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1940 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1480 |
30 KB |
4 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 |
33 KB |
3 |
gstatic.com
fonts.gstatic.com |
48 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48 |
2 KB |
1 |
microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4545 |
31 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45 |
245 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52 |
93 KB |
66 | 11 |
Domain | Requested by | |
---|---|---|
16 | hab.sifanoro.com |
hab.sifanoro.com
|
12 | pagead2.googlesyndication.com |
hab.sifanoro.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
11 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
5 | www.bing.com |
2 redirects
googleads.g.doubleclick.net
|
5 | tpc.googlesyndication.com |
hab.sifanoro.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
4 | nym1-ib.adnxs.com |
googleads.g.doubleclick.net
cdn.adnxs.com |
4 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
hab.sifanoro.com
|
1 | www.google.com |
tpc.googlesyndication.com
|
1 | cdn.adnxs.com |
hab.sifanoro.com
|
1 | adsdk.microsoft.com |
hab.sifanoro.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
hab.sifanoro.com
|
1 | www.hab.sifanoro.com | 1 redirects |
66 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
wordpress.org |
www.candidthemes.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hab.sifanoro.com cPanel, Inc. Certification Authority |
2024-02-17 - 2024-05-17 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03 |
2024-01-08 - 2024-07-06 |
6 months | crt.sh |
cdn.adnxs.com GeoTrust TLS RSA CA G1 |
2023-03-27 - 2024-04-26 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
r.bing.com Microsoft Azure ECC TLS Issuing CA 05 |
2023-10-18 - 2024-06-27 |
8 months | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://hab.sifanoro.com/
Frame ID: 15DF737C6860E7817C87C844BE3AA54E
Requests: 44 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 7E77D9251E2A461BBA9FEBD06B498C8E
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9466362027422135&output=html&adk=1812271804&adf=3025194257&lmt=1708210347&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fhab.sifanoro.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~18&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708210347011&bpp=4&bdt=878&idt=247&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6780239304185&frm=20&pv=2&ga_vid=484174178.1708210347&ga_sid=1708210347&ga_hid=31390762&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081140%2C31081189%2C95324581%2C95325069%2C31081219%2C95321867%2C95324155%2C95324160%2C95325078&oid=2&pvsid=40976374770688&tmod=1665648942&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: D2D8B03AD75BB7AB9A427935E411B047
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4CB7745D3F98628A64D31AC3DA69E5A
Requests: 1 HTTP requests in this frame
Frame:
https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 5B0118D1CE1F43DB573ADDF4FC8F4F05
Requests: 15 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15ED1A6129AF692C8C54DDD971642636
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 07346FCA33E50B3823FE122CB6D36304
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Hab sinPage URL History Show full URLs
-
https://www.hab.sifanoro.com/
HTTP 301
https://hab.sifanoro.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Slick (JavaScript Libraries) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: A WordPress Commenter
Search URL Search Domain Scan URL
Title: Candid Themes
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.hab.sifanoro.com/
HTTP 301
https://hab.sifanoro.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87-bd9b-363d17522155&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd345f192daaf44ebb566723f1a687d2e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=3076739186509404249&wp= HTTP 303
- https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d345f192daaf44ebb566723f1a687d2e&SNR=1&GV=2&med=10
- https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=57b36fb2-d16a-4f48-a597-c7bcdf8547cf&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=3613e174-840e-4f87-bd9b-363d17522155&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd345f192daaf44ebb566723f1a687d2e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=3076739186509404249&wp= HTTP 303
- https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d345f192daaf44ebb566723f1a687d2e&tids=15000&med=10
66 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hab.sifanoro.com/ Redirect Chain
|
105 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
hab.sifanoro.com/wp-includes/css/dist/block-library/ |
108 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 599 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 944 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ |
2 KB 526 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ |
3 KB 806 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
hab.sifanoro.com/wp-content/themes/fairy/ |
103 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
hab.sifanoro.com/wp-includes/js/jquery/ |
86 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
hab.sifanoro.com/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
280 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
147 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f044eac9-a8af-4f02-b19a-40903f05ef88
https://hab.sifanoro.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.js
hab.sifanoro.com/wp-content/themes/fairy/js/ |
3 KB 1021 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theia-sticky-sidebar.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ |
16 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ |
90 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
imagesloaded.min.js
hab.sifanoro.com/wp-includes/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
masonry.min.js
hab.sifanoro.com/wp-includes/js/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
hab.sifanoro.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
hab.sifanoro.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ |
407 KB 138 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 7E77 |
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 245 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame D2D8 |
84 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ |
165 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-9466362027422135
fundingchoicesmessages.google.com/i/ |
182 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ |
90 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame C4CB |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxW652Q5Fnf7SQbn3JVmluy6JYXIE2YNFqOv6zE55dAjQoUSZQoKqImx6QNO8qSx1lk1wlUkyT4qEco7WZRROjTSmDUYkYXgccrTKAI_CQoX11aZXXRSdKK05cWfe4eG9wZCPZzuog==
fundingchoicesmessages.google.com/f/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 5B01 |
93 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trk.js
cdn.adnxs.com/v/s/241/ Frame 5B01 |
81 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5B01 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5B01 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5B01 |
204 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
www.bing.com/aes/ Frame 5B01 Redirect Chain
|
0 545 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
th
www.bing.com/ Frame 5B01 |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd_log
nym1-ib.adnxs.com/ Frame 5B01 |
0 657 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
vevent
nym1-ib.adnxs.com/ Frame 5B01 |
0 680 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 5B01 |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 5B01 |
0 23 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
it
nym1-ib.adnxs.com/ Frame 5B01 |
0 656 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15ED |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 0734 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slider.ad.
fundingchoicesmessages.google.com/f/AGSKWxVASrojwp4HqMecmyTLewfENSwGt8HCi9T7uyvv-8GjEZfsRxIMv0TeGu-u3KytoJXO4-l8NO8IQAsMQKgH3rETPka7KGLiDaQHld3MrTsy3GHmrdzQdYT9qLfcnu3SJDNBzWCOge1YrwZDppFgdWKlF0bGS... |
54 B 110 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ |
47 B 67 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 15ED |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxVrgpf4dQlUoHiH0tS4kQcrhhnxYDiaSM7wNJlwBPPzG5z9Cj5-Ap2equ57scfLKDOU_tMSWlr-Kdn6UJKRAhsKBJ-EAjLVYKr36h0nnkNhnoqECiOO7_WIgjyvPpn8aI3p_0cAEA==
fundingchoicesmessages.google.com/f/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 0734 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 15ED |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxWPuvBP-j7Tiw9KmQVs0Y7Mq-PD7GLD0F6u86CTJ_uBrskpI0UasDCuxWHbrpJZu2Bxaby9QAJFjQ2T_T4qeC8AyNE42OR-0b5GZJvBTTb_3iEVQEA161lAFiyZOzM8MBhbz71ZqQ==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUcNU1BCcKl14HcppZomEeHtc4jLdGsyIs4Yeq_rc_kBIt8b0JGdtMeYvcxllKT7GSHXiWRXBlAGAPFR5uMyYS1b6qPVLAYLEUyzeB4zlpjVYc02k8wKZ-2zCSNHNT378f2QNn8Jg==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVwS5g1W3qUy0LmwYp6UeVo0FDYe6DsJry8EeMic0omLwCUlb84fNKy_ZIrqa_ouOmaIxyirzEIac2mNM3HjKo2R-GVjxSDV9Al9WUlKxWmC2Pd7BG4-cb-te3ISBb8tyMLvsuxnQ==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
vevent
nym1-ib.adnxs.com/ Frame 5B01 |
0 679 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c.gif
www.bing.com/aes/ Frame 5B01 Redirect Chain
|
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B01 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
117 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| nav_tag function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element boolean| ai_process_elements_active function| MobileDetect function| ai_process_lists boolean| ai_js_code function| goToTop object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDY5OGE1YzQ1MTI4MzY5YmxvYWRlcl9qcw== string| NDY5OGE1YzQ1MTI4MzY5YmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag object| GoogleGcLKhOms boolean| google_empty_script_included boolean| 8ec47ca5-5edf-429d-abb9-4e440271d356 object| google_image_requests9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sifanoro.com/ | Name: _ga_P458M37XVJ Value: GS1.1.1708210347.1.0.1708210347.0.0.0 |
|
.sifanoro.com/ | Name: _ga Value: GA1.1.484174178.1708210347 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.bing.com/ | Name: MUID Value: 006FEE558457693A123EFA7D859068A2 |
|
.sifanoro.com/ | Name: __gads Value: ID=5c52686af34d41dd:T=1708210347:RT=1708210347:S=ALNI_MYJExajdnvpzbPCeeZfM_VT4DPpZA |
|
.sifanoro.com/ | Name: __gpi Value: UID=00000dcad61e9da2:T=1708210347:RT=1708210347:S=ALNI_MbDisOQK49t7XiYQIN6UPzVseupqQ |
|
.sifanoro.com/ | Name: __eoi Value: ID=b672487b4d78194b:T=1708210347:RT=1708210347:S=AA-Afja1XHvrjHm5dDIiOL6S8KAx |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnethA0Z5BgVZehb9OHK3ylsopDuhkxOMlFBIlG7ihz6ab2ibWV6erXMjOceZo |
|
.sifanoro.com/ | Name: FCNEC Value: %5B%5B%22AKsRol9Vq1cc5VjYMbtvPPAGy7_DbuhXWMm5x-Z6tlAkSiwZbqcsqlxA8soy0WthXy_H_ydEuFtfiQkKJ8D33oCcf0MHN86EVLyV8j80l8ulN45N7CVfM06XWjYa31c88ADoSZxtBfdN9Oh8YVd8zAbUMHqTIuWWfQ%3D%3D%22%5D%5D |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adsdk.microsoft.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hab.sifanoro.com
nym1-ib.adnxs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hab.sifanoro.com
109.70.148.62
151.101.65.108
2600:1408:5400:7::170c:9225
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::65
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::63
2607:f8b0:4004:c08::71
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::61
2620:1ec:29:1::38
68.67.179.164
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
018da23a9f13dd5042bd624238bcd1f017b0cbba6339069a2a7a009311fc7d30
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
0a5be79b8c932028f14780db4e40a063803f5fddf5b40d595cacea88b3d48c0b
19adc4a55ecbc2288bef9222e072e5e80f78752791cf4efe86030a97afadb734
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2bc2a6e1f5ee6c31781e0b037984e25e47da9ca32682b8208291366d6bf4755f
2be0bb4ae4ebc787f3dfa9b336144bd74e65d2101413c30b9befc4513081b065
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36f2840a6b0bfd5079dc22329ff6754c006affd611b4f1244a58c44b60289d1d
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457895dffcacf56d61e8ef4b25a9fa4cdca4429f3424cf8a1cbc4bb9ae7a804d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
59b80782ed79e574293cde378d8f0a42ef167cf5cb07cf944b34761e632b0ed5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638a7002e03d7b0dd89a369d8997a8a7d2f7558b03c22950a4feea6842a46d82
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
87b3aaa273d83e411e0068f909570dca37d520b93d3bf0276b329549d4a6bed3
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a37c1ae4753e4d5dc3902ba4737a44d813eb4891ee26ca8c94b0e4a089068f23
ab5fbe63ee0785bb10ce8ca992371098297e54a2c9814b6c7a704ad0fc36d59a
afe98f8b8845ca7a1b92397e5a310c0a88b8c1bd2f55c58a813bdd9792114085
b4104381f660e261e004d9191b69030554d2e256f3524479b12dcb88263f36e0
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
bc3f0979e101efe27fcee670fe0fa77355e102e5f42680028ecd56d32b3089f6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d1fe17a123a6e2690721e9f55f3e96f5a3f77d820e104150f32cd38cea03f177
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2f9fea49ed780b05a93acff0476a7d1a026d74f942afe3a213e20b44031ddf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f388048df43af18022331a39e86b4bb8c0b5222a1e82600082f07a78cab67979
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929