mail.savingscorner.org
Open in
urlscan Pro
2001:df0:27b:2::3:c2f3
Public Scan
Submission: On January 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.
This is the only time mail.savingscorner.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
27 | 2001:df0:27b:... 2001:df0:27b:2::3:c2f3 | 58487 (CRI-AS-AP...) (CRI-AS-AP CV. Rumahweb Indonesia) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:822::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80e::2008 | 15169 (GOOGLE) (GOOGLE) | |
7 | 2607:f8b0:400... 2607:f8b0:4006:80a::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:823::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2607:f8b0:400... 2607:f8b0:4006:809::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:36::178 | 15169 (GOOGLE) (GOOGLE) | |
14 | 2607:f8b0:400... 2607:f8b0:4006:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:80d::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
62 | 11 |
ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)
mail.savingscorner.org | |
savingscorner.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
savingscorner.org
mail.savingscorner.org savingscorner.org |
359 KB |
15 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6 |
71 KB |
10 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185 |
275 KB |
5 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 |
11 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101 |
250 B |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
78 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115 |
2 KB |
62 | 8 |
Domain | Requested by | |
---|---|---|
26 | savingscorner.org |
mail.savingscorner.org
|
14 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
7 | pagead2.googlesyndication.com |
mail.savingscorner.org
pagead2.googlesyndication.com tpc.googlesyndication.com |
5 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
mail.savingscorner.org
|
1 | fonts.googleapis.com |
mail.savingscorner.org
|
1 | mail.savingscorner.org | |
62 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
savingscorner.org |
www.facebook.com |
twitter.com |
amazenesia.com |
trialtechno.com |
sharingilmu.web.id |
Subject Issuer | Validity | Valid | |
---|---|---|---|
savingscorner.org R3 |
2023-12-08 - 2024-03-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://mail.savingscorner.org/
Frame ID: 470D10007E8630096D5333385A91A79C
Requests: 52 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: 752D07C6D28DCCFF7086C4A8552FE567
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9415570300629968&output=html&adk=1812271804&adf=3025194257&lmt=1704674120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fmail.savingscorner.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704674120270&bpp=4&bdt=1058&idt=249&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=924592574551&frm=20&pv=2&ga_vid=2029385248.1704674120&ga_sid=1704674121&ga_hid=1029874664&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320378&oid=2&pvsid=199561728687895&tmod=1524967175&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: 54DF6733A6B040A527C79C72A3ED6061
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9415570300629968&output=html&h=280&slotname=9334563689&adk=4010461371&adf=4265191846&pi=t.ma~as.9334563689&w=1150&fwrn=4&fwrnh=100&lmt=1704674120&rafmt=1&format=1150x280&url=https%3A%2F%2Fmail.savingscorner.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704674120274&bpp=2&bdt=1062&idt=298&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=924592574551&frm=20&pv=1&ga_vid=2029385248.1704674120&ga_sid=1704674121&ga_hid=1029874664&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320378&oid=2&pvsid=199561728687895&tmod=1524967175&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303
Frame ID: 8028B552CE9EDB1F2197EEB74058EB39
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9415570300629968&output=html&h=523&slotname=5299949905&adk=279982646&adf=1924015800&pi=t.ma~as.5299949905&w=788&lmt=1704674120&rafmt=11&format=788x523&url=https%3A%2F%2Fmail.savingscorner.org%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704674120276&bpp=1&bdt=1064&idt=304&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=924592574551&frm=20&pv=1&ga_vid=2029385248.1704674120&ga_sid=1704674121&ga_hid=1029874664&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320378&oid=2&pvsid=199561728687895&tmod=1524967175&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=309
Frame ID: 18BE3FE8D0BE2B6618D46306D0CEF616
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9415570300629968&output=html&h=600&slotname=3781518949&adk=1709138295&adf=2617714903&pi=t.ma~as.3781518949&w=300&fwrn=4&fwrnh=100&lmt=1704674120&rafmt=1&format=300x600&url=https%3A%2F%2Fmail.savingscorner.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704674120277&bpp=1&bdt=1066&idt=311&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C788x523&nras=1&correlator=924592574551&frm=20&pv=1&ga_vid=2029385248.1704674120&ga_sid=1704674121&ga_hid=1029874664&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320378&oid=2&pvsid=199561728687895&tmod=1524967175&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=316
Frame ID: D7ADA55B88AC645696EB233E7954E610
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2713A5DFCC7B0BAC772D847D8BCED8B9
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 19B1D7D663266F557F481B609D6BF4E4
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Savings Corner - Knowledge About Insurance and InvestmentDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
49 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: About Us
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: RSS
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Uncategorized
Search URL Search Domain Scan URL
Title: admin
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Credit Card Company That You Can Trust: Chase
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Learning About Cash Back Credit Cards: Good or Bad Idea?
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: Credit card debt: A problem called ‘Credit Card Debt ‘
Search URL Search Domain Scan URL
Title: Share
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: 2
Search URL Search Domain Scan URL
Title: 45
Search URL Search Domain Scan URL
Title: NerdWallet
Search URL Search Domain Scan URL
Title: Credit
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: December
Search URL Search Domain Scan URL
Title: Calculator
Search URL Search Domain Scan URL
Title: Disclaimer
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Amazenesia.com
Search URL Search Domain Scan URL
Title: Trialtechno.com
Search URL Search Domain Scan URL
Title: Sharingilmu.web.id
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
62 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
mail.savingscorner.org/ |
84 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
majalahpro-core.css
savingscorner.org/wp-content/plugins/majalahpro-core/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
savingscorner.org/wp-includes/css/ |
58 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontend.min.css
savingscorner.org/wp-content/plugins/post-views-counter/css/ |
215 B 171 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
22 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
savingscorner.org/wp-content/themes/majalahpro/ |
70 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
savingscorner.org/wp-includes/js/jquery/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
savingscorner.org/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
219 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Savings_Corner-removebg-preview-Copy-Copy-1.png
savingscorner.org/wp-content/uploads/2023/08/ |
70 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rss-feeds-700x350.png
savingscorner.org/wp-content/uploads/2024/01/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NW-default_og-image-700x350.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1703718305_NW-default_og-image-700x350.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GettyImages-1205473468-1440x864-700x350.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GettyImages-1278843079-1440x864-700x350.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rss-feeds-148x111.png
savingscorner.org/wp-content/uploads/2024/01/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NW-default_og-image-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1703718305_NW-default_og-image-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GettyImages-1205473468-1440x864-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GettyImages-1278843079-1440x864-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js-plugin-min.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infinite-scroll-custom.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vanilla-js-tabs.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
1 KB 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splide.min.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splide-custom.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
620 B 332 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
customscript.js
savingscorner.org/wp-content/themes/majalahpro/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a621e7bd-e657-4139-a9f2-292535d9b236
https://mail.savingscorner.org/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Food-truck-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FB-professional-degrees-student-debt-study-story-148x111.jpg
savingscorner.org/wp-content/uploads/2023/12/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ |
403 KB 136 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 752D |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 54DF |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 8028 |
730 B 583 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 18BE |
730 B 532 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame D7AD |
730 B 530 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
savingscorner.org/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-9415570300629968
fundingchoicesmessages.google.com/i/ |
182 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxXkBkmfRdafX4A2qO9Ft9ho9OMqgXyq5FT8Cb_bhYBVFk77v3AhQz4B9mTTfX06ZN6xqRcbLC0dMHMuPYksgXxfyFmVSdQDclRvvasoLYRYdAtrKP-l1Ff-_1R6rgEhMxiSpEaRdQ==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxU003JzgQB9JfgHyiVn9VG7H2Sdqg58ZQxk3BeE3nB4Z3pH8SjNk9CwqHnKPXl9J37b7FhUwEjiOqG30OE7x1pFz7bQsgVHs8vISCylEet4VlB2DLlrp-ipLCRvM3Vnimc8rTyikw==
fundingchoicesmessages.google.com/f/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2713 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 19B1 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2713 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 2713 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 19B1 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 68 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 68 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adtext.
fundingchoicesmessages.google.com/f/AGSKWxU6WeaJbsaYwq8DUJi9Lr8Q4PIhYRwkcTe2JaqOB5FMBp05nw8vg9T7mHjcaGME5fdZ0gYfE4ton0B5KLYg4YZcZ2L5Pvf-91y3jiRjGw9TFZ6nUcM9Ug9-zlhJsJH-RxiaqlX04UrMJgobtkE0xHOVCS1_2... |
54 B 109 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxXsqiIBAr1TLN2mGyOV5oGsIth5IfX_OfwswZJmiAVyf4OGTNp9s4t1zBY2olnRZCNP-XhYJnJqyEZGDBY6pkst88RL3OIgIf2gzLo4ojuUC377i3gihg0uTtA9qZB_V1-cDtotNw==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxVn05afNzDZg4fjorZrWpHPFJKrtM8OKcxIWrYPjcSGFlYgg4kY42sUP35mPDoboaE0RBvJdQScI33IPNy97Ei9jRCIAiv3lhqLskgZMdTCsu7C-3EZTbfmtgnOjgabFhHyjF2xVA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUybWlQpaY4O8__wyLXZZEGzIPllyfSZDccDwEJH8TwyqRukuNtPNigvXU2cS7ryAsZNoHcCnxjVgWYNdN9MBNBQWDI6OKy4-LJ6q2Yi1ySlFMJzMsrsbdcbijurlxSQ0bdtwPV8w==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal object| sidr object| gmrobjinf function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| jQueryBridget function| EvEmitter object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded function| Tabs function| At object| n function| t function| Splide object| twemoji object| wp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTBiN2MxZDJiYTM3ZWUxN2xvYWRlcl9qcw== string| ZTBiN2MxZDJiYTM3ZWUxN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms object| google_image_requests boolean| 1afb01e7-5582-4e16-a577-8ba7fa7749496 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.savingscorner.org/ | Name: _ga_XKHLMJXVH9 Value: GS1.1.1704674120.1.0.1704674120.0.0.0 |
|
.savingscorner.org/ | Name: _ga Value: GA1.1.2029385248.1704674120 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.savingscorner.org/ | Name: __gads Value: ID=28c1a0ec741e1378:T=1704674120:RT=1704674120:S=ALNI_MYo8fI4WDhgEWNSIr8yWN9RBNzFIA |
|
.savingscorner.org/ | Name: __gpi Value: UID=00000db5363bb3b7:T=1704674120:RT=1704674120:S=ALNI_MZ8wHPbDKpPWm49CQ0De5VhXcxB3Q |
|
.savingscorner.org/ | Name: FCNEC Value: %5B%5B%22AKsRol-K2K3zSDTOOXJvV7WrWGW-LAwUv2Ibs2OaKXLT9M8gLNObgxvzsuUVt_IkMY77DhiSwSaSZrXx4QmG5_LC1h6AKyjTyZxB0_mpzmXSc3RvXwHh09kXekEgOSBHFy3-XMTn91Q4OR_AqqVyxNo8OVb0vJAV8g%3D%3D%22%5D%5D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mail.savingscorner.org
pagead2.googlesyndication.com
savingscorner.org
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:36::178
2001:df0:27b:2::3:c2f3
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2003
0028b8250bc817fa0d47fdac55f9dd0b9728ff8bdc6671daf67f85bda3ed309a
03e148538b9fcf13db5414fb932c570c1bb6a2e6584f88e66c85714a7ab6b8a3
0ba5fb094b3a9282083219448bfe2cb2031eccfbf76787ba1830d18752c7d713
0e7883ba90053c9f08c1c6fb628868d8d2d80fac680a9b3ef2a204e0ed552874
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1f81cc0a1717b7ce3f011c594b7188d9b1213b168b397cd8614ed147b9924feb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4480d364a8916b60db4fcb36def9bee473099789bf01c81196858f0ae88eaa74
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
483885b9bff877626debab82912f6bac4847b160617d814a7242fbd97b0ebdf8
491fde704d66eeb9eb42a694e3733234a60105148f6113ab820ff96bbdd67316
4eadfd1658a0f0c99ac7f4a239835c40e29a5b888d45a4d2659658336bd3f2d6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
513eb9ef8c94d9836fc01ddf31a996e7313215f614aaab7934d86937e58c0196
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5320fc31163b87db51219c99003193885c0d940d9930b7d981c0de542498f438
54cf8983c68e80639b3cdbd6e5f41fda52aa95dd02f6c88d52b600689cabfb76
55474ebec44008d4d00a9f6a0c10b81933805741c0df7dbc355301e3c7c514bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582cecc99a3bc123dce67afbf631b3fb6811073a37dbe83080e30639c3c2781d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ca106488dc6cfc26e87aabb633d05a2e59f0f4ad6c02c35b7ba47d4b1e535dc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62673e6c47b0d4d585f8ba2bdac26749e7084060cac1cf8d29788c2248a5a6dd
6a10b6cd936ef0140c1675c532589d1195530faaae46cf46710fa81f9e17e51f
6caab38d200257e008164259bf4374f122da1d8572e3bbdb5233d08ba022ec49
70afb94654e3e2001e6deff7e6d7cb95e4adc8977dcb1b6290f6861d03e681f0
73bd5fe3407ff464f8f783180b776799e762b803f64908fe7b7a11151309dde4
851a934721a28409326b95e7a72246a38d41df7f492248ababede9fe018d8402
a083b7975fb40afa41b1cfaef77899ae083b9147e0dc509232eb377bc4dafc61
a478c138c14594a13d9e115d18c269ef97762e8ab68519e4bb2e500ef40de415
b72d6067d9c99b367a664d0649c2e199a372641fe8baeca728b8e68befe769c3
ba69daffec97ee045338b8be958f71045659c4e7d090239dc271184e73ea9e25
ba7e7fb406d091f99c4b90bdb9b7ac10a4ecbfd25ad3a96cf9be207473199049
bbf2f2887255673a7473f1255ceef6d76b0d0e4ea78aa6f210fbf427908e29e7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c363258ff11df91e3999359920c248af9b986f1b6a4df1c7c4a23477291da616
c68a4a921fc1d20b89ddb353e646f349e5e7340eef70de4415b858b887699e17
cd15f25a077dc43728842e5160a4e29247b793439640c83f040786aea76f4816
d223fdd205247c14bedb174cb422496f4c60075156aa52f7c3125477a8b2d153
d38aeb88520fa1c43ffc51af3b4765393f8b132c64463750945b6f94a9adba74
d953e6554d76b8147697837f157892425c11db8deadfe32a397838864aeee6ad
da88ad3463892ab3a592763bea728bc463941705a2559798b7b7b0e297dd06f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e807ff953c617619bc0c51a37c11cb6e5a7753be06f71e2ce35724606af47eec
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb274b1463d42570550a4cb21c4aa995e59f9de323b893bea4157935ca56af6b
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
f1d85ddd345af8a206e22287b8875025e9920b0d9b1ceb92c480da4869664a0a
f68baa376e9a27109e575e5e38026963a500cba4929daae30db73fd83901eef0