agoraleaks.com
108.179.242.214
Public Scan
Submission: On October 19 via api from QA — Scanned from DE
Summary
This is the only time agoraleaks.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
agoraleaks.com | ASN46606 (UNIFIEDLAYER-AS-1, US) | 108-179-242-214.unifiedlayer.com |
www.adonboost.com | ASN16509 (AMAZON-02, US) | ec2-15-184-95-153.me-south-1.compute.amazonaws.com |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
static.doubleclick.net | ASN15169 (GOOGLE, US) | |
s3.me-south-1.amazonaws.com | ASN16509 (AMAZON-02, US) | s3.me-south-1.amazonaws.com |
track.adonnews.com | ASN16509 (AMAZON-02, US) | ec2-16-170-73-19.eu-north-1.compute.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
28 | agoraleaks.com | agoraleaks.com | 653 KB |
10 | adonboost.com (4 redirects) | www.adonboost.com | 12 KB |
8 | youtube.com | www.youtube.com | 660 KB |
6 | twitter.com | platform.twitter.com, syndication.twitter.com | 148 KB |
6 | adonnews.com | track.adonnews.com | 48 KB |
3 | doubleclick.net (1 redirects) | googleads.g.doubleclick.net, static.doubleclick.net | 2 KB |
3 | addtoany.com | static.addtoany.com | 60 KB |
3 | google-analytics.com | www.google-analytics.com | 20 KB |
2 | facebook.com | graph.facebook.com, www.facebook.com | 2 KB |
2 | google.com | apis.google.com | 72 KB |
2 | facebook.net | connect.facebook.net | 78 KB |
1 | amazonaws.com | s3.me-south-1.amazonaws.com | 73 KB |
1 | gstatic.com | fonts.gstatic.com | 15 KB |
1 | googletagmanager.com | www.googletagmanager.com | 38 KB |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
72 | 15 | | |
Requests | Domain | Requested by |
---|---|---|
28 | agoraleaks.com | agoraleaks.com |
10 | www.adonboost.com (4 redirects) | agoraleaks.com, www.adonboost.com |
8 | www.youtube.com | agoraleaks.com, www.youtube.com |
6 | track.adonnews.com | www.adonboost.com |
4 | platform.twitter.com | agoraleaks.com, platform.twitter.com |
3 | static.addtoany.com | agoraleaks.com, static.addtoany.com |
3 | www.google-analytics.com | agoraleaks.com, www.google-analytics.com |
2 | syndication.twitter.com | platform.twitter.com |
2 | apis.google.com | agoraleaks.com, apis.google.com |
2 | connect.facebook.net | connect.facebook.net |
2 | googleads.g.doubleclick.net (1 redirects) | www.youtube.com |
1 | www.facebook.com | connect.facebook.net |
1 | graph.facebook.com | static.addtoany.com |
1 | s3.me-south-1.amazonaws.com | agoraleaks.com |
1 | static.doubleclick.net | www.youtube.com |
1 | fonts.gstatic.com | www.youtube.com |
1 | www.googletagmanager.com | agoraleaks.com |
1 | fonts.googleapis.com | agoraleaks.com |
72 | 18 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.adonboost.com | Amazon | 2021-08-12 - 2022-09-10 | a year |
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-05 - 2022-07-04 | a year |
*.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.s3.me-south-1.amazonaws.com | Amazon | 2021-05-20 - 2022-04-22 | a year |
*.adonnews.com | Amazon | 2021-02-20 - 2022-03-21 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-29 - 2021-10-27 | 3 months |
*.apis.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months |
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year |
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year |
This page contains 8 frames:
Primary Page:
http://agoraleaks.com/?p=80543
Frame ID: F1551C81327C2AD6758E7D2557B843AD
Requests: 49 HTTP requests in this frame
Frame:
https://static.addtoany.com/menu/sm.23.html
Frame ID: 37F8B0D1039DDC4834FE05E385F5F2A3
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/PEkNvh1Jq68?rel=0&wmode=opaque
Frame ID: 84AE42A774C7CE573B706830790600FA
Requests: 12 HTTP requests in this frame
Frame:
https://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279504763%22%2C0.0015%5D%5D
Frame ID: 58BB5C518E09DE9CBFCA81760A745E22
Requests: 4 HTTP requests in this frame
Frame:
https://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279522512%22%2C0.0015%5D%5D
Frame ID: 9A820E8ACFEF3B7965CEA134D4BF2B49
Requests: 4 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fagoraleaks.com
Frame ID: 9E074583FBB9592CE276AA5AD982ED4C
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22428a04302eb%26domain%3Dagoraleaks.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fagoraleaks.com%252Ff29b59c37ffe068%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fagoraleaks.com%2F%3Fp%3D80543&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
Frame ID: 5FFF37EE8907C9569DAE5BD0A9FDD1F4
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 8D49372D503051352A6E99F43D77214F
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/6dff1e52-0810-4f79-9280-bf73ee2fcdfa.png)
Page Title
بيان الحكومة الأمريكيةCDC؛: 273 حالة وفاة و 9845 حدثًا سلبي بعد 48 ساعة من بدء التلقيح.. – Agoraleaks
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
AddToAny
Detected patterns
- addtoany\.com/menu/page\.js
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- //platform\.twitter\.com/widgets\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
Title: 273 people have died
Title: VAERS
Title: report
Title: 25 million Americans
Title: authorized for emergency use
Title: do not purport
Title: longer than
Title: one year
Title: one congressman
Title: twenty-eight-year-old man
Title: older Florida man
Title: 45-year-old mother
Title: Dr. Gregory Michael
Title: pro-vaccine healthcare worker
Title: four elderly women
Title: Eight unborn babies
Title: warned
Title: seizures
Title: cardiac arrest
Title: total immunity
Title: few legal remedies
Title: federal program
Title: upgraded its recommendation
Title: shown to treat the virus
Title: demonstrated
Title: here
Title: here
Title: نشر
Title: AddToAny
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14
- http://www.adonboost.com/resources/js/adon.dsp.sdk.preload.js HTTP 301
- https://www.adonboost.com/resources/js/adon.dsp.sdk.preload.js
- http://www.adonboost.com/resources/js/adon.dsp.sdk.js HTTP 301
- https://www.adonboost.com/resources/js/adon.dsp.sdk.js
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
- http://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279504763%22%2C0.0015%5D%5D HTTP 301
- https://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279504763%22%2C0.0015%5D%5D
- http://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279522512%22%2C0.0015%5D%5D HTTP 301
- https://www.adonboost.com/tracking/index.html?pk_campaign=Agora%20Leaks&pk_kwd=Agora%20Leaks&title=Agora%20Leaks&siteId=5&_paq=%5B%5B%22setCustomUrl%22%2C%22%2Fagora-leaks%3Fpk_campaign%3DAgora%2520Leaks%26pk_kwd%3DAgora%2520Leaks%22%5D%2C%5B%22setDocumentTitle%22%2C%22Agora%20Leaks%22%5D%2C%5B%22addEcommerceItem%22%2C%225f71d6b49d543f1f290b63c4%22%2C%22Agora%20Leaks%22%2C%22https%3A%2F%2Fagoraleaks.com%2F%22%2C0.0015%5D%2C%5B%22trackEcommerceOrder%22%2C%2216346175279522512%22%2C0.0015%5D%5D
- http://connect.facebook.net/en/all.js HTTP 307
- https://connect.facebook.net/en/all.js
72 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
agoraleaks.com/ |
68 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style-rtl.min.css
agoraleaks.com/wp-includes/css/dist/block-library/ |
79 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
agoraleaks.com/wp-content/themes/jarida/ |
146 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
addtoany.min.css
agoraleaks.com/wp-content/plugins/add-to-any/ |
1 KB 787 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
agoraleaks.com/wp-includes/js/jquery/ |
87 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
agoraleaks.com/wp-includes/js/jquery/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
addtoany.min.js
agoraleaks.com/wp-content/plugins/add-to-any/ |
129 B 427 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rtl.css
agoraleaks.com/wp-content/themes/jarida/ |
14 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Agora-logo-300x130.jpg
agoraleaks.com/wp-content/uploads/2017/09/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AgoraBanner_728x86-2.jpeg
agoraleaks.com/wp-content/uploads/2017/05/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plus.png
agoraleaks.com/wp-content/plugins/zoom-widget/elements/images/1/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
100.png
agoraleaks.com/wp-content/plugins/zoom-widget/elements/images/1/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
minus.png
agoraleaks.com/wp-content/plugins/zoom-widget/elements/images/1/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Agora-%D8%A7%D9%84%D8%A5%D8%B9%D9%84%D8%A7%D9%85-%D9%81%D9%8A-%D8%AE%D8%AF%D9%85%D8%A9-%D8%A7%D9%84%D9%85%D8%AC%D8%AA%D9%85%D8%B9.jpg
agoraleaks.com/wp-content/uploads/2018/01/ |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adon.dsp.sdk.preload.js
www.adonboost.com/resources/js/ Redirect Chain
|
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
agoraleaks.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Agora_banner3.jpeg
agoraleaks.com/wp-content/uploads/2016/10/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Aoun-NO-TAWTIN-2.jpg
agoraleaks.com/wp-content/uploads/2017/09/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tie-scripts.js
agoraleaks.com/wp-content/themes/jarida/js/ |
63 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-embed.min.js
agoraleaks.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
95 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page.js
static.addtoany.com/menu/ |
72 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body-bg13.png
agoraleaks.com/wp-content/themes/jarida/images/patterns/ |
217 KB 217 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ge-ss-med.ttf
agoraleaks.com/wp-content/themes/jarida/fonts/ |
30 KB 30 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tiefontello.woff
agoraleaks.com/wp-content/themes/jarida/fonts/ |
17 KB 18 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-shadow.png
agoraleaks.com/wp-content/themes/jarida/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
emerg-room-620x330.jpg
agoraleaks.com/wp-content/uploads/2021/02/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 205 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sm.23.html
static.addtoany.com/menu/ Frame 37F8 |
741 B 554 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adon.dsp.sdk.js
www.adonboost.com/resources/js/ Redirect Chain
|
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PEkNvh1Jq68
www.youtube.com/embed/ Frame 84AE |
49 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sidebar-bullet.png
agoraleaks.com/wp-content/themes/jarida/images/ |
82 B 322 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Tayyar2021-13-Teshrin-300x160.jpg
agoraleaks.com/wp-content/uploads/2021/10/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Melissa-Strickler-300x160.jpg
agoraleaks.com/wp-content/uploads/2021/10/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Brazill-300x160.jpg
agoraleaks.com/wp-content/uploads/2020/03/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons.29.svg.js
static.addtoany.com/menu/svg/ |
78 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 68 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-player-webp.css
www.youtube.com/s/player/03869671/ Frame 84AE |
335 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-embed-player.js
www.youtube.com/s/player/03869671/www-embed-player.vflset/ Frame 84AE |
209 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.js
www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/ Frame 84AE |
2 MB 512 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fetch-polyfill.js
www.youtube.com/s/player/03869671/fetch-polyfill.vflset/ Frame 84AE |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84AE |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
googleads.g.doubleclick.net/pagead/ Frame 84AE Redirect Chain
|
113 B 474 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame 84AE |
29 B 609 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
qoe
www.youtube.com/api/stats/ Frame 84AE |
0 200 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
www.youtube.com/s/player/03869671/player_ias.vflset/de_DE/ Frame 84AE |
25 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 84AE |
244 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
728x90
www.adonboost.com/search/5f71d6b49d543f1f290b63c4/ |
777 B 933 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
300x600
www.adonboost.com/search/5f71d6b49d543f1f290b63c4/ |
495 B 912 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
www.adonboost.com/tracking/ Frame 58BB Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
www.adonboost.com/tracking/ Frame 9A82 Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3mdgjv4pn9u83fc94bzzg7y893l4dxe9lk2y8d4uj6a49rlknv.png
s3.me-south-1.amazonaws.com/aon.media.bahrain.demo/2021-03-29/ |
73 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.js
track.adonnews.com/matomo/ Frame 58BB |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.js
track.adonnews.com/matomo/ Frame 9A82 |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
track.adonnews.com/matomo/ Frame 58BB |
278 B 387 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
track.adonnews.com/matomo/ Frame 9A82 |
278 B 387 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en/ Redirect Chain
|
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plusone.js
apis.google.com/js/ |
52 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
96 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
graph.facebook.com/ |
235 B 657 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 9E07 |
319 KB 103 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
266 KB 75 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ |
147 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
syndication.twitter.com/ Frame 9E07 |
232 B 432 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/plugins/ Frame 5FFF |
0 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 8D49 |
32 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jot
syndication.twitter.com/i/ |
43 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
track.adonnews.com/matomo/ Frame 58BB |
278 B 387 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
matomo.php
track.adonnews.com/matomo/ Frame 9A82 |
278 B 387 B |
Image
image/gif |
POST H2 |
log_event
www.youtube.com/youtubei/v1/ Frame 84AE |
28 B 320 B |
XHR
application/json |
128 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster string| GoogleAnalyticsObject function| ga object| _wpemojiSettings undefined| $ function| jQuery object| a2a_config object| a2a_localize string| tag string| class_ string| id_ number| max_ number| min_ object| all_elems object| elements_id boolean| al_id boolean| al_class object| allow_ids object| allow_classes function| getTextNodesIn boolean| prefsLoaded_my number| defaultFontSize_my number| currentFontSize_my function| changeFontSize_my function| setFontSize_my function| revertStyles_my function| createCookie_my function| readCookie_my function| getElementsByClassName function| zoomOnload function| setUserOptions_my function| saveSettings_my function| zoomAddToOnload function| zoomAddToOnUnload function| zoomLoadBody object| zoomOldFunctionOnLoad object| zoomOldFunctionOnUnload string| x object| adontag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| a2a object| twemoji object| wp object| adonDspPreload__existingElement function| adonDspPresynchWait function| adonDspPresynchLoader object| ___gcfg object| tie function| createTicker function| rotateTicker boolean| isInTag function| typetext function| removeFilter boolean| pp_alreadyInitialized function| gtag object| dataLayer function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init object| google_tag_manager object| $window object| $the_post boolean| doresize object| scroll_pos boolean| hashtag number| window_height object| dspElementsArray object| dspElementsAvailable object| dspElementContainers object| dspScriptElement string| dspSearchServerHost string| dspSearchServerPrefix string| dspSearchSiteId string| dspSearchServerProtocol string| dspSearchDefaultLatitude string| dspSearchDefaultLongitude string| dspSearchEnvironment string| dspSearchServerUrl boolean| dspConfigurationOK function| dspElementActivate function| 
adonDspSetLoadQueCount string| adonDspLoadQueInitialized object| adonDspLoadQueDb function| adonDspFade function| adonDspSetLoadQue function| adonDspFadeIn function| adonDspOnClickSwiper function| adonDspTriggerIframeLoad function| adonDspTriggerAsynchStatView function| adonDspTriggerFallbackCreativeClick function| adonDsp_Util__inIframe function| adonDspMatomoTracking function| adonDspTriggerPassbackControl function| requestNewCreative function| CheckElementsActive function| StartAdonDspService object| cookie object| parent_ object| __twttrll object| twttr object| __twttr object| FB object| gapi object| ___jsl object| ___gu object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.agoraleaks.com/ | | Name: _ga Value: GA1.2.1577084741.1634617527 |
.agoraleaks.com/ | | Name: _gid Value: GA1.2.556373488.1634617527 |
.agoraleaks.com/ | | Name: _gat Value: 1 |
.youtube.com/ | | Name: YSC Value: 1A0Kkj_jF0w |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: JmrYfr7tugM |
.agoraleaks.com/ | | Name: _gat_gtag_UA_107855475_1 Value: 1 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUm0QeZzxeDr5Ei9lTM2IwVxeSPyqhe36UQzu1Kz8A60Pga_Z5gTZU4KCU2r |
.google.com/ | | Name: NID Value: 511=DR_DCnkWsx6m1Si3ArSE7GiZKNhPL-NaCguZ_B7wSKBRcPtGYCCojDshm60ZecQhMlhplzDh1dh03qh7r6PUhIByktF6e6qRxCltVhr3SwU1gokP7bD-DiSnBIOB9toSLwvba4Pe2iFeAH9tZNZiUbNL6NClUQSJ--uacQ17Reg |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.