urlscan.io logo urlscan.io
SecurityTrails logo

newsalmubasher.com Open in urlscan Pro
2606:4700:30::681b:b5b2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/2JBe1lG
Effective URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Submission: On July 24 via manual from SA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 21 HTTP transactions. The main IP is 2606:4700:30::681b:b5b2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is newsalmubasher.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 16th 2019. Valid for: a year.
This is the only time newsalmubasher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 395224 (BITLY-AS)
10 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.208.52 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 8
1    67.199.248.10 (United States)

ASN395224 (BITLY-AS - Bitly Inc, US)
PTR: bit.ly
bit.ly
10    2606:4700:30::681b:b5b2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
newsalmubasher.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2606:4700:30::6812:36ce (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
geolocly.com
5    2606:4700:20::6818:d4f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
code.tidio.co
widget-v4.tidiochat.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
10 newsalmubasher.com newsalmubasher.com
4 widget-v4.tidiochat.com 1 redirects widget-v4.tidiochat.com
2 fonts.gstatic.com widget-v4.tidiochat.com
2 www.google-analytics.com www.googletagmanager.com
newsalmubasher.com
1 fonts.googleapis.com widget-v4.tidiochat.com
1 code.tidio.co 1 redirects
1 geolocly.com code.jquery.com
1 code.jquery.com newsalmubasher.com
1 www.googletagmanager.com newsalmubasher.com
1 bit.ly 1 redirects
21 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-16 -
2020-07-15		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
ssl387611.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-10 -
2019-10-17		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Frame ID: 90971B0F48212B448BAC069742EFA725
Requests: 16 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Frame ID: F7C7A82A909549A78D9F02C00154DFC5
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,600
Frame ID: 977203A93680220FD4CD9DAE93F1943D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.ly/2JBe1lG HTTP 301
    https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

542 kB
Transfer

1457 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2JBe1lG HTTP 301
    https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://code.tidio.co/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js HTTP 302
  • https://widget-v4.tidiochat.com/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js HTTP 302
  • https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsalmubasher.com/3557/
Redirect Chain
  • http://bit.ly/2JBe1lG
  • https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
587f23b7d366adb7856358b4247f72d0ee833fb6e6ac5f63214138c43193fadb

Request headers

:method
GET
:authority
newsalmubasher.com
:scheme
https
:path
/3557/?SMS-Nyoum-T8-NAM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
date
Wed, 24 Jul 2019 10:07:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1b505c5d97b4bc7b7e971805368b4b501563962856; expires=Thu, 23-Jul-20 10:07:36 GMT; path=/; domain=.newsalmubasher.com; HttpOnly; Secure
link
<https://newsalmubasher.com/wp-json/>; rel="https://api.w.org/", <https://newsalmubasher.com/?p=3557>; rel=shortlink
vary
X-Forwarded-Proto,Accept-Encoding
referrer-policy
no-referrer-when-downgrade
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fb5168f2facc26d-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 24 Jul 2019 10:07:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
136
Connection
keep-alive
Cache-Control
private, max-age=90
Location
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Set-Cookie
_bit=j6oa7A-4649bd6d694ae7f3fd-00C; Domain=bit.ly; Expires=Mon, 20 Jan 2020 10:07:36 GMT
9cd0e.css
newsalmubasher.com/wp-content/cache/minify/ 		61 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
773f3d9f81df62aba80e9feefaac0e51a4ec051550de87fbe31dd143a9b33e6a

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
cf-cache-status
HIT
age
267856
cf-polished
origSize=62933
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
server
cloudflare
etag
W/"2ad5-58e03f2301601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31363480
cf-ray
4fb516921a57c26d-FRA
expires
Tue, 21 Jul 2020 10:12:17 GMT
df983.js
newsalmubasher.com/wp-content/cache/minify/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/df983.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a769481dfbf7877ea57644f87e606d49b9cc0b33a2d77e99d47b8dcbdb7cbe1

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
cf-cache-status
HIT
age
267857
cf-polished
origSize=106927
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
server
cloudflare
etag
W/"9121-58e03f230ba14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31363481
cf-ray
4fb516921a5bc26d-FRA
expires
Tue, 21 Jul 2020 10:12:18 GMT
js
www.googletagmanager.com/gtag/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131354453-3
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03ee40202419c48691dd51087f33e7019d3cf74cf19b2677edb8aa86f270e0bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
26359
x-xss-protection
0
expires
Wed, 24 Jul 2019 10:07:37 GMT
almubasher-logo5.svg
newsalmubasher.com/wp-content/themes/eqtsad/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/images/almubasher-logo5.svg
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0006822c745633c1e4f1e506c6df6b40bb806335fa92e129cd8d24fff9b6b42a

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
267856
etag
W/"c36-58ae83c2a3c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=31536000
cf-ray
4fb516921a5dc26d-FRA
expires
Thu, 23 Jul 2020 10:07:37 GMT
40230.jpg
newsalmubasher.com/wp-content/uploads/2019/07/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/uploads/2019/07/40230.jpg
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
512804db1d4573ae8fb7feb7709f65eac3ca0c7d927fe92eb847811df3fc1011

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
cf-cache-status
HIT
age
267856
status
200
content-length
74500
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jul 2019 09:47:32 GMT
server
cloudflare
etag
"12304-58db526235500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
4fb516925b52c26d-FRA
expires
Thu, 23 Jul 2020 10:07:37 GMT
3f294.js
newsalmubasher.com/wp-content/cache/minify/ 		888 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/3f294.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4896dff81755ed7a52fdb10152b5f97c827f2f0d40bd37e35034acb042f8109f

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
cf-cache-status
HIT
age
267855
status
200
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
server
cloudflare
etag
W/"1b3-58e03f23096eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31363480
cf-ray
4fb516923ae2c26d-FRA
expires
Tue, 21 Jul 2020 10:12:17 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Wed, 24 Jul 2019 10:07:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1563962872.dop030.fr8.shc,1563962872.dop030.fr8.t,1563962872.cds035.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29811
d5404.js
newsalmubasher.com/wp-content/cache/minify/ 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/d5404.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c512771353d695b68c419ebd2fe4064f668d607b6a6be3d07bcd361204354e1

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
cf-cache-status
HIT
age
267857
cf-polished
origSize=71893
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
server
cloudflare
etag
W/"523c-58e03f230e124"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31363481
cf-ray
4fb516925b4fc26d-FRA
expires
Tue, 21 Jul 2020 10:12:18 GMT
eqtsad-regular.woff
newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/eqtsad-regular.woff
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecfede779ce0f2ea0ca054cdf779c252079bfad44b26d6f4e38078789b1612f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Origin
https://newsalmubasher.com

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
267856
etag
W/"8084-583bcf2abf800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff
status
200
cache-control
public, max-age=31536000
cf-ray
4fb516925b62c26d-FRA
expires
Thu, 23 Jul 2020 10:07:37 GMT
eqtsad-bold.woff
newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/eqtsad-bold.woff
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8173d15688083c9cdcf4d4737977d580e28f749cf04ad035a216b781ecf3eb48

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Origin
https://newsalmubasher.com

Response headers

date
Wed, 24 Jul 2019 10:07:37 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
267856
etag
W/"7c5c-583bcf2abf800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff
status
200
cache-control
public, max-age=31536000
cf-ray
4fb516925b6ec26d-FRA
expires
Thu, 23 Jul 2020 10:07:37 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131354453-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
4829
date
Wed, 24 Jul 2019 08:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Wed, 24 Jul 2019 10:47:08 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=97048894&t=pageview&_s=1&dl=https%3A%2F%2Fnewsalmubasher.com%2F3557%2F%3FSMS-Nyoum-T8-NAM&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B4%D8%B1%D9%88%D8%B9%20%E2%80%9C%D9%86%D9%8A%D9%88%D9%85%E2%80%9D%3A%20%E2%80%9C%D9%88%D9%84%D9%8A%20%D8%A7%D9%84%D8%B9%D9%87%D8%AF%E2%80%9D%20%D9%88%D8%AC%D9%87%20%D8%A8%D8%A5%D8%B9%D8%AF%D8%A7%D8%AF%20%D9%84%D9%88%D8%A7%D8%A6%D8%AD%20%D9%85%D9%84%D8%A7%D8%A6%D9%85%D8%A9%20%D9%84%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7%D8%B1%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%85%D8%B4%D8%B1%D9%88%D8%B9&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1752488216&gjid=1815378434&cid=1892307076.1563962857&tid=UA-131354453-3&_gid=1811267169.1563962857&_r=1&gtm=2ou7f1&z=86716382
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2019 10:07:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
getip.php
geolocly.com//geoservice/ 		90 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocly.com//geoservice/getip.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:36ce , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.17
Resource Hash
c957bb0df4d3a6f3b8f49a685aa5026814e12aefe9edc50f6504ef577fa43355

Request headers

Accept
*/*
Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Origin
https://newsalmubasher.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:53 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
server
cloudflare
status
200
x-powered-by
PHP/7.2.17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
4fb516f3f8d2befb-FRA
access-control-allow-headers
X-Requested-With
expires
Thu, 23 Jul 2020 10:07:52 GMT
flags.png
newsalmubasher.com/wp-content/themes/eqtsad/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/images/flags.png
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/wp-content/cache/minify/df983.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
288a4fe8808a7fc985e7945ba529bf23b7bb4388adc5be1c9eaa75d6e64cd391

Request headers

Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:52 GMT
cf-cache-status
HIT
age
261223
status
200
content-length
32291
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2019 12:53:52 GMT
server
cloudflare
etag
"7e23-583bcf2abf800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
4fb516f3ab9dc26d-FRA
expires
Thu, 23 Jul 2020 10:07:52 GMT
render.b21bd57fa5355f13bfb3.js
widget-v4.tidiochat.com/1_12_1/static/js/
Redirect Chain
  • https://code.tidio.co/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js
  • https://widget-v4.tidiochat.com/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js
  • https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:d4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
832f52a29d0b6f280d5ce740a44a3e6389e0d5e910ca3933b826bd80351fb936

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 08:53:38 GMT
server
cloudflare
age
5626
etag
W/"5d245612-15b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=691200
cf-ray
4fb516f9fd0bc29a-FRA
expires
Thu, 01 Aug 2019 10:07:53 GMT

Redirect headers

date
Wed, 24 Jul 2019 10:07:53 GMT
cf-cache-status
MISS
server
cloudflare
location
https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
302
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
4fb516f6a8f4c29a-FRA
widget.b21bd57fa5355f13bfb3.js
widget-v4.tidiochat.com//1_12_1/static/js/ Frame F7C7 		803 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:d4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe55c985114a682764f57172d48019f1b0ca348d3afbe574e9c5c9a8654b1842

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 10:07:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 08:50:04 GMT
server
cloudflare
age
5608
etag
W/"5d24553c-c8ddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=691200
cf-ray
4fb516fa1d5fc29a-FRA
expires
Thu, 01 Aug 2019 10:07:53 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame F7C7 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:d4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Range
bytes=0-
Accept-Encoding
identity;q=1, *;q=0

Response headers

date
Wed, 24 Jul 2019 10:07:54 GMT
cf-cache-status
HIT
age
1117388
status
206
Content-Length
7224
pragma
public
Content-Range
bytes 0-7223/7224
last-modified
Tue, 09 Jul 2019 08:53:38 GMT
server
cloudflare
etag
"5d245612-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
4fb516fae82ac29a-FRA
expires
Thu, 23 Jul 2020 10:07:54 GMT
css
fonts.googleapis.com/ Frame 9772 		2 KB
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7127862fbadbd0ca8a5bd8311f8e49cf516d39fc79da0b443d94f88afd438d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 24 Jul 2019 10:07:55 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 24 Jul 2019 10:07:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 24 Jul 2019 10:07:55 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v16/ Frame 9772 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,600
Origin
https://newsalmubasher.com

Response headers

date
Mon, 22 Jul 2019 19:37:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:05 GMT
server
sffe
age
138605
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11528
x-xss-protection
0
expires
Tue, 21 Jul 2020 19:37:50 GMT
7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ Frame 9772 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,600
Origin
https://newsalmubasher.com

Response headers

date
Mon, 22 Jul 2019 19:45:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:52 GMT
server
sffe
age
138176
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11552
x-xss-protection
0
expires
Tue, 21 Jul 2020 19:45:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| gtag object| dataLayer object| uwrData object| google_tag_manager function| readyDOM function| debounce string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| startTimer object| countryData object| input object| addressDropdown object| iti object| country object| optionNode object| textNode object| intlTelInputGlobals function| intlTelInput object| wp object| SENTRY_RELEASE object| tidioChatApi

1 Cookies

Domain/Path Name / Value
.newsalmubasher.com/ Name: __cfduid
Value: d44ceda03bf089875490ec629961238ff1563962872

3 Console Messages

Source Level URL
Text
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/df983.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/3f294.js(Line 2)
Message:
[object Object]
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/3f294.js(Line 2)
Message:
API: debugger is disable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
code.jquery.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
geolocly.com
newsalmubasher.com
widget-v4.tidiochat.com
www.google-analytics.com
www.googletagmanager.com
205.185.208.52
2606:4700:20::6818:d4f
2606:4700:30::6812:36ce
2606:4700:30::681b:b5b2
2a00:1450:4001:80b::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:4001:825::200a
67.199.248.10
0006822c745633c1e4f1e506c6df6b40bb806335fa92e129cd8d24fff9b6b42a
03ee40202419c48691dd51087f33e7019d3cf74cf19b2677edb8aa86f270e0bf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ecfede779ce0f2ea0ca054cdf779c252079bfad44b26d6f4e38078789b1612f
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1a769481dfbf7877ea57644f87e606d49b9cc0b33a2d77e99d47b8dcbdb7cbe1
288a4fe8808a7fc985e7945ba529bf23b7bb4388adc5be1c9eaa75d6e64cd391
4896dff81755ed7a52fdb10152b5f97c827f2f0d40bd37e35034acb042f8109f
4c512771353d695b68c419ebd2fe4064f668d607b6a6be3d07bcd361204354e1
512804db1d4573ae8fb7feb7709f65eac3ca0c7d927fe92eb847811df3fc1011
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
587f23b7d366adb7856358b4247f72d0ee833fb6e6ac5f63214138c43193fadb
7127862fbadbd0ca8a5bd8311f8e49cf516d39fc79da0b443d94f88afd438d24
773f3d9f81df62aba80e9feefaac0e51a4ec051550de87fbe31dd143a9b33e6a
8173d15688083c9cdcf4d4737977d580e28f749cf04ad035a216b781ecf3eb48
832f52a29d0b6f280d5ce740a44a3e6389e0d5e910ca3933b826bd80351fb936
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
c957bb0df4d3a6f3b8f49a685aa5026814e12aefe9edc50f6504ef577fa43355
fe55c985114a682764f57172d48019f1b0ca348d3afbe574e9c5c9a8654b1842