www.ncminvest.com
Open in
urlscan Pro
192.124.249.104
Public Scan
Submitted URL: https://bit.ly/3B2osGS
Effective URL: https://www.ncminvest.com/risk-disclosure?locale=ar
Submission: On November 07 via manual from LB — Scanned from DE
Effective URL: https://www.ncminvest.com/risk-disclosure?locale=ar
Submission: On November 07 via manual from LB — Scanned from DE
Summary
This website contacted 13 IPs
in 2 countries
across 17 domains to perform 59 HTTP transactions.
The main IP is 192.124.249.104, located in
Menifee, United States and
belongs to SUCURI-SEC, US.
The main domain is www.ncminvest.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 25th 2023. Valid for: a year.
This is the only time www.ncminvest.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 25th 2023. Valid for: a year.
This is the only time www.ncminvest.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
21
192.124.249.104
(Menifee, United States)
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10104.sucuri.net
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10104.sucuri.net
| www.ncminvest.com |
5
2a00:1450:4001:812::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
10
23.38.98.69
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-69.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-69.deploy.static.akamaitechnologies.com
| cdn.livechatinc.com | |
| api.livechatinc.com | |
| secure.livechatinc.com | |
| accounts.livechatinc.com | |
| cdn.livechat-files.com |
3
2a00:1450:4001:80e::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
2a03:2880:f083:100:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
4
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| dc.ads.linkedin.com | |
| www.linkedin.com | |
| px.ads.linkedin.com |
1
2a00:1450:4001:830::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
2a03:2880:f176:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
ncminvest.com
www.ncminvest.com |
1 MB |
| 9 |
livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 6105 api.livechatinc.com — Cisco Umbrella Rank: 5568 secure.livechatinc.com — Cisco Umbrella Rank: 6904 accounts.livechatinc.com — Cisco Umbrella Rank: 7430 |
335 KB |
| 5 |
linkedin.com
4 redirects
dc.ads.linkedin.com — Cisco Umbrella Rank: 7073 www.linkedin.com — Cisco Umbrella Rank: 629 px.ads.linkedin.com — Cisco Umbrella Rank: 377 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003 |
5 KB |
| 5 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
430 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
| 3 |
gstatic.com
www.gstatic.com |
401 KB |
| 3 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
35 KB |
| 2 |
sucuri.net
cdn.sucuri.net |
14 KB |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174 |
90 KB |
| 1 |
livechat-files.com
cdn.livechat-files.com — Cisco Umbrella Rank: 17689 |
28 KB |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 110 |
185 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net Failed googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 |
2 KB |
| 1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 713 |
15 KB |
| 1 |
bit.ly
1 redirects
bit.ly — Cisco Umbrella Rank: 6111 |
302 B |
| 0 |
twitter.com
Failed
analytics.twitter.com Failed |
|
| 0 |
t.co
Failed
t.co Failed |
|
| 0 |
google.de
Failed
www.google.de Failed |
|
| 59 | 17 |
| Domain | Requested by | |
|---|---|---|
| 21 | www.ncminvest.com |
www.ncminvest.com
|
| 5 | www.googletagmanager.com |
www.ncminvest.com
www.googletagmanager.com www.google-analytics.com |
| 4 | cdn.livechatinc.com |
www.ncminvest.com
secure.livechatinc.com |
| 3 | api.livechatinc.com |
cdn.livechatinc.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | www.gstatic.com |
www.google.com
|
| 3 | www.google.com |
www.ncminvest.com
www.gstatic.com www.google.com |
| 2 | cdn.sucuri.net |
www.ncminvest.com
cdn.sucuri.net |
| 2 | dc.ads.linkedin.com | 2 redirects |
| 2 | connect.facebook.net |
www.ncminvest.com
connect.facebook.net |
| 1 | cdn.livechat-files.com | |
| 1 | accounts.livechatinc.com |
cdn.livechatinc.com
|
| 1 | secure.livechatinc.com |
cdn.livechatinc.com
|
| 1 | www.facebook.com |
www.ncminvest.com
|
| 1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | px4.ads.linkedin.com |
www.ncminvest.com
|
| 1 | px.ads.linkedin.com | 1 redirects |
| 1 | www.linkedin.com | 1 redirects |
| 1 | static.ads-twitter.com |
www.ncminvest.com
|
| 1 | bit.ly | 1 redirects |
| 0 | analytics.twitter.com Failed |
www.ncminvest.com
|
| 0 | t.co Failed |
www.ncminvest.com
|
| 0 | www.google.de Failed |
www.ncminvest.com
|
| 0 | stats.g.doubleclick.net Failed |
www.google-analytics.com
|
| 59 | 24 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| demo.ncminvest.com |
| www.noorcmacademy.com |
| www.ncminvest.com.tr |
| www.nooralmal.com |
| www.ncminvest.com.my |
| ncminvest.com.tr |
| www.shuaa.com |
| api.whatsapp.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.ncminvest.com DigiCert EV RSA CA G2 |
2023-07-25 - 2024-08-24 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| livechat.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-16 - 2024-08-15 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-08-16 - 2023-11-14 |
3 months | crt.sh |
| ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-21 - 2024-07-19 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.sucuri.net Go Daddy Secure Certificate Authority - G2 |
2023-09-08 - 2024-10-09 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.ncminvest.com/risk-disclosure?locale=ar
Frame ID: BF268F6E453765069662502988F4A739
Requests: 51 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeReZAUAAAAANHaLYGGmT8o5wwK6BI12TPbA38P&co=aHR0cHM6Ly93d3cubmNtaW52ZXN0LmNvbTo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=kva6ypjibgfd
Frame ID: 37C2680ED9041C2ED7419359872EDE94
Requests: 4 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/customer/action/open_chat?license_id=12156666&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: A4E3E63D2905E10929FC43929C5375AA
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
الكشف عن المخاطر | ان سي ام للاستثمارPage URL History Show full URLs
-
https://bit.ly/3B2osGS
HTTP 301
https://www.ncminvest.com/risk-disclosure?locale=ar Page URL
Detected technologies
LiveChat
(Live Chat)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.livechatinc\.com/.*tracking\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /recaptcha/api\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://demo.ncminvest.com/terminal
Title: إن سي إم منصة الويب للميتاتريدر 5
Title: إن سي إم منصة الويب للميتاتريدر 5
Search URL Search Domain Scan URL
URL: https://www.noorcmacademy.com/
Title: الأكاديمية
Title: الأكاديمية
Search URL Search Domain Scan URL
URL: http://www.ncminvest.com.tr/
Title: www.ncminvest.com.tr
Title: www.ncminvest.com.tr
Search URL Search Domain Scan URL
URL: https://www.nooralmal.com/
Title: www.nooralmal.com
Title: www.nooralmal.com
Search URL Search Domain Scan URL
URL: http://www.ncminvest.com.my/
Title: www.ncminvest.com.my
Title: www.ncminvest.com.my
Search URL Search Domain Scan URL
URL: https://ncminvest.com.tr/
Search URL Search Domain Scan URL
URL: https://www.shuaa.com/
Search URL Search Domain Scan URL
URL: https://www.ncminvest.com.my/
Search URL Search Domain Scan URL
URL: https://api.whatsapp.com/send?phone=96594939363
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/3B2osGS
HTTP 301
https://www.ncminvest.com/risk-disclosure?locale=ar Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://dc.ads.linkedin.com/collect/?pid=1234567&conversionId=1234567&fmt=gif HTTP 302
- https://dc.ads.linkedin.com/collect?pid=1234567&conversionId=1234567&fmt=gif&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D1234567%26conversionId%3D1234567%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?pid=1234567&conversionId=1234567&fmt=gif&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?pid=1234567&conversionId=1234567&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQKWtsMrS5Pz8gAAAYuow2oneuUi26q_Wmz5LJW6BuzyQ5_rVX9Vi2dZIvBBiwO6_NA77i0abuQx
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
risk-disclosure
www.ncminvest.com/ Redirect Chain
|
84 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all-rtl.css
www.ncminvest.com/css/ |
371 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ncm-color-logo.png
www.ncminvest.com/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mt5-logo.png
www.ncminvest.com/images/ |
140 KB 140 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qr-code.png
www.ncminvest.com/images/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
whatsapp.svg
www.ncminvest.com/user/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
www.ncminvest.com/js/ |
471 KB 151 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all-rtl.js
www.ncminvest.com/js/ |
428 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lazysizes.min.js
www.ncminvest.com/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
185 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spritesheet.svg
www.ncminvest.com/svg/ |
59 KB 21 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer-logo.png
www.ncminvest.com/images/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
www.ncminvest.com/css/font/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DroidArabicKufi.woff2
www.ncminvest.com/css/font/ |
31 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DroidArabicKufi-Bold.woff2
www.ncminvest.com/css/font/ |
31 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BebasNeueRegular.woff
www.ncminvest.com/css/font/ |
21 KB 21 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ |
470 KB 189 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
205 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracking.js
cdn.livechatinc.com/ |
89 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.png
www.ncminvest.com/user/images/payment-logos/ |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2n.png
www.ncminvest.com/user/images/payment-logos/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3n.png
www.ncminvest.com/user/images/payment-logos/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.png
www.ncminvest.com/user/images/payment-logos/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5.png
www.ncminvest.com/user/images/payment-logos/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
223 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer-background.png
www.ncminvest.com/user/images/ |
308 KB 309 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
333 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
43 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 84 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 37C2 |
59 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
collect
stats.g.doubleclick.net/j/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
337 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/354350256/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 37C2 |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 37C2 |
470 KB 188 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2418313585058240
connect.facebook.net/signals/config/ |
139 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
adsct
t.co/1/i/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
adsct
analytics.twitter.com/1/i/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/ |
398 B 622 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.google.com/pagead/1p-user-list/354350256/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.google.de/pagead/1p-user-list/354350256/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
webworker.js
www.google.com/recaptcha/api2/ Frame 37C2 |
102 B 135 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_configuration
api.livechatinc.com/v3.4/customer/action/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
open_chat
secure.livechatinc.com/customer/action/ Frame A4E3 |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get_localization
api.livechatinc.com/v3.4/customer/action/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0.20694fc3.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A4E3 |
46 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.3c503051.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A4E3 |
210 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe.db960d17.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A4E3 |
799 KB 216 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
token
accounts.livechatinc.com/v2/customer/ Frame A4E3 |
195 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
new108.gif
cdn.livechat-files.com/api/file/lc/main/default/eyeCatchers/ |
28 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
badge.js
cdn.sucuri.net/badge/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
badge.css
cdn.sucuri.net/badge/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- stats.g.doubleclick.net
- URL
- https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1405334-33&cid=1192932264.1699343460&jid=162292584&gjid=496441323&_gid=1313866802.1699343460&_u=YADAAUABAAAAACAAI~&z=49840942
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-93M90SRMD2&cid=1192932264.1699343460>m=45je3b60v899067323z8813242393&aip=1&z=94212456
- Domain
- t.co
- URL
- https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7dcf34ba-8d52-4e69-b868-b63408eecd42&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=62eaabc9-5b85-4b91-9264-48929f43db89&tw_document_href=https%3A%2F%2Fwww.ncminvest.com%2Frisk-disclosure%3Flocale%3Dar&tw_iframe_status=0&txn_id=ny6sg&type=javascript&version=2.3.29
- Domain
- analytics.twitter.com
- URL
- https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7dcf34ba-8d52-4e69-b868-b63408eecd42&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=62eaabc9-5b85-4b91-9264-48929f43db89&tw_document_href=https%3A%2F%2Fwww.ncminvest.com%2Frisk-disclosure%3Flocale%3Dar&tw_iframe_status=0&txn_id=ny6sg&type=javascript&version=2.3.29
- Domain
- www.google.com
- URL
- https://www.google.com/pagead/1p-user-list/354350256/?random=1699343460261&cv=11&fst=1699340400000&bg=ffffff&guid=ON&async=1>m=45je3b60v899067323z8813242393&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ncminvest.com%2Frisk-disclosure%3Flocale%3Dar&frm=0&tiba=%D8%A7%D9%84%D9%83%D8%B4%D9%81%20%D8%B9%D9%86%20%D8%A7%D9%84%D9%85%D8%AE%D8%A7%D8%B7%D8%B1%20%7C%20%D8%A7%D9%86%20%D8%B3%D9%8A%20%D8%A7%D9%85%20%D9%84%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7%D8%B1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxXfV8spVsGOOLVY3-SZAPQwqqW8dGQ&random=2085434705&rmt_tld=0&ipr=y
- Domain
- www.google.de
- URL
- https://www.google.de/pagead/1p-user-list/354350256/?random=1699343460261&cv=11&fst=1699340400000&bg=ffffff&guid=ON&async=1>m=45je3b60v899067323z8813242393&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ncminvest.com%2Frisk-disclosure%3Flocale%3Dar&frm=0&tiba=%D8%A7%D9%84%D9%83%D8%B4%D9%81%20%D8%B9%D9%86%20%D8%A7%D9%84%D9%85%D8%AE%D8%A7%D8%B7%D8%B1%20%7C%20%D8%A7%D9%86%20%D8%B3%D9%8A%20%D8%A7%D9%85%20%D9%84%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7%D8%B1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxXfV8spVsGOOLVY3-SZAPQwqqW8dGQ&random=2085434705&rmt_tld=1&ipr=y
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| Laravel string| base_url string| asset_url function| _ function| jQuery function| $ function| axios function| io object| core object| __core-js_shared__ number| position function| WOW object| bootstrap function| Sly object| toastr object| input_country string| spin object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gtag object| dataLayer object| __lc object| LiveChatWidget object| lazySizes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| twq object| gaGlobal object| gaplugins object| gaData object| recaptcha object| closure_lm_238859 function| onYouTubeIframeAPIReady object| GooglebQhCsO object| regeneratorRuntime object| twttr boolean| __lc_inited object| LC_API23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .accounts.livechatinc.com/v2/customer/token | Name: __lc_cid Value: f77c993d-8661-474e-b064-9d2475be44cc |
|
| .accounts.livechatinc.com/v2/customer/token | Name: __lc_cst Value: 9e2f31a4f8ba5062b4bc2da3b8aceb0b8396d616e501d42de69052e66bd8cbf50a3715172c17120ddc633dd1b4af3f904e49f8fc285f5bb57907b48f6f30 |
|
| .accounts.livechatinc.com/customer/token | Name: __lc_cid Value: f77c993d-8661-474e-b064-9d2475be44cc |
|
| .accounts.livechatinc.com/customer/token | Name: __lc_cst Value: 9e2f31a4f8ba5062b4bc2da3b8aceb0b8396d616e501d42de69052e66bd8cbf50a3715172c17120ddc633dd1b4af3f904e49f8fc285f5bb57907b48f6f30 |
|
| .bit.ly/ | Name: _bit Value: na77OX-9d6340a2d6a64990a8-00L |
|
| www.ncminvest.com/ | Name: ncm_investment_session Value: eyJpdiI6IkM5TUh4OE1ZeloyZE5NaWpSUE1aR1E9PSIsInZhbHVlIjoibFROaWU2djZ4T0FYR0t4d09TN0JiWE9jaUtnSWVDY2VuNTZMSEJYd1UzZkdvYkVuVWRaQzdtNnlURGxZWld2b2FcL2daNVRjczl1aTNOV2I2aWx4cGhTUTJOQnE2cjhjb2xIaDRPdUVKSjQwbjA5ODlmU1h6UGVNQU00NmZOcXkzIiwibWFjIjoiMzhiZDE4MjUxN2UwM2YwMWJjZjIyZGQ0MjNhMDJiYjYzOWVkY2U4YjUxMGQwYTEzMWY3MDFhOGI3OWUzZDcxMSJ9 |
|
| .ncminvest.com/ | Name: _ga_D24EKLN320 Value: GS1.1.1699343460.1.0.1699343460.0.0.0 |
|
| .ncminvest.com/ | Name: _gid Value: GA1.2.1313866802.1699343460 |
|
| .ncminvest.com/ | Name: _gat_gtag_UA_150909497_1 Value: 1 |
|
| .ncminvest.com/ | Name: _gat_UA-1405334-33 Value: 1 |
|
| .ncminvest.com/ | Name: _gcl_au Value: 1.1.162773113.1699343460 |
|
| .ncminvest.com/ | Name: _ga_93M90SRMD2 Value: GS1.1.1699343460.1.0.1699343460.60.0.0 |
|
| .ncminvest.com/ | Name: _ga Value: GA1.1.1192932264.1699343460 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .linkedin.com/ | Name: li_sugr Value: c173f9e2-f0ac-4023-b560-6d7c37ef83f0 |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&f89df51b-3ad6-48c8-8797-0d6bbd30d691" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2673:u=1:x=1:i=1699343460:t=1699429860:v=2:sig=AQE2HAOKTncd9UQlGMP3AbXo5pf3JAiy" |
|
| .ncminvest.com/ | Name: _fbp Value: fb.1.1699343460559.1013175085 |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQJ0Rm5APjNXHQAAAYuow2h_93aqKpFt8Jarjw0F3BDYYtf2TCItKP9ohou0K_OF5WHK3RKm3BjAEQ |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQJB7CLa8br3HwAAAYuow2h_2AnOtsriCNURUcMGkseh-jMCP75PBoe-J03XM-iRhmdOv4EMJc5cPURfjGHwGw |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&20231107075100b5fa742c-13ba-42a9-8bf2-3e6ef164d212AQFy3bzCjMsBxHU61UBINtkjSmHlRmln" |
|
| .linkedin.com/ | Name: li_gc Value: MTswOzE2OTkzNDM0NjA7MjswMjEanC2MgtemAs/Vu1Ghh3WCC13eYSGu1VC+1nr6Td7ITA== |
|
| accounts.livechatinc.com/ | Name: __oauth_redirect_detector Value: counter=1&t=1699343491&tag=f19af7016f3bb15f541a52599b87cc3070e4afeb |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests; base-uri 'none';object-src 'none';default-src 'self' maxcdn.bootstrapcdn.com staticcontent.fxstreet.com fonts.gstatic.com *.twimg.com cdn.livechatinc.com;connect-src 'self' api.livechatinc.com www.google-analytics.com authorization.fxstreet.com staticcontent.fxstreet.com wss://wsred.ncminvest.com *.ncminvest.com;frame-src 'self' www.google.com www.youtube.com platform.twitter.com secure.livechatinc.com cdn.lightwidget.com *.doubleclick.net;img-src 'self' data: cdn.livechatinc.com cdn.livechat-files.com www.google-analytics.com www.facebook.com *.linkedin.com *.fxstreet.com *.twimg.com;media-src 'self' cdn.livechatinc.com;style-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.sucuri.net cdn.jsdelivr.net cdnjs.cloudflare.com fonts.googleapis.com maxcdn.bootstrapcdn.com staticcontent.fxstreet.com platform.twitter.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' api.livechatinc.com cdn.lightwidget.com cdn.livechatinc.com cdn.sucuri.net platform.twitter.com static.ads-twitter.com www.google.com www.googletagmanager.com www.gstatic.com www.youtube.com cdn.jsdelivr.net calendar.fxstreet.com staticcontent.fxstreet.com staticcontent.azureedge.net www.google-analytics.com connect.facebook.net googleads.g.doubleclick.net cdnjs.cloudflare.com ajax.googleapis.com maxcdn.bootstrapcdn.com www.googleadservices.com *.twimg.com;block-all-mixed-content;upgrade-insecure-requests |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
analytics.twitter.com
api.livechatinc.com
bit.ly
cdn.livechat-files.com
cdn.livechatinc.com
cdn.sucuri.net
connect.facebook.net
dc.ads.linkedin.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
secure.livechatinc.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.ncminvest.com
analytics.twitter.com
stats.g.doubleclick.net
t.co
www.google.com
www.google.de
13.107.42.14
146.75.120.157
192.124.249.104
23.38.98.69
2620:1ec:21::14
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:830::2002
2a02:fe80:1010::16
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
67.199.248.11
0d12b86cfffcd6046885f6990b22b643735fdc695521bd29b063ec9e789d2bde
122c344e3c23afe4ee39f7ac4742ecaa52c9a810c897f2062c02277f046cc35a
13680bfc573e980065d462129f4a44ba2b00a05d1b0c1445824acb7fb1a0eb81
15be39804fe34ebc6f04bdd0479d511a64fe70117194c3083b9413115372794c
22fa287202509552377dc6b9044d014f988a193e86b1cc63244dbd96eebc4c0e
23599cc936bcfeaac29f665ccda5c26d92fcdd25f0d3d497094ee5570e77375e
2a116fbb01adc832de9e40d83751f068237ee3a4f6f5637e60afa0bd012b4f50
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3026fd3cfd3abd4c78d8a2fd95fc76a72b602bdef91dbe5a7113c43fa5fe4719
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
3ba066e35f34a264f6935fc4eb5f97ff01970062b9b9ab5cabdaf7e2d0435213
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
456e85daee926e6180537345bc46ecc69d51cd14d2134a280cdf10b6521a5ced
4bfc6e50d9f88e9e28eb23d3cf221231d965a7a8638e08fdf1c8a7b87fa95c82
4c38b25f1c710345621108433306f7e784d97f2600add6a9fad881c32614d95b
5a9926dc80a16211cc39feb73443c67c5627dc12ff83ab3162c4e15e98a7cd50
5d79ea2fbf1829f7076444469efd53dcca4f429bd9f23313ee344f97df5cbdb5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76612af2e9d7c69f4a1a6ba6d8cd74c10d57b077354138b88bc2e91aa818e7ba
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c99923e01ed84b1ea147f6d0de446987b0f58f8c4849f1772b6a071cc34d3bc
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
81301708e07d4805a6fbadd734bb527119a057e2b902a287f7c6726aea9cd41c
89afa8c23d8d64fbe123f547da5e08df355f2c5d7cbdaa784327d341682cd79f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c2aca7b7b571da1efba9fd503f86141eea0c817e8ecebacd8f16fe63d85eedd
8e57f0128c61d61fbcc91700609328b84865cbf5f3c5895064b9182ff11fbac3
90f6a005dba9417a1c429356e030e4fc5f202709a9b62f7c041f88bd2da852dd
968111b81a588b8ac91f32ae69f3f607dd8236def3d3366e62d48defb7cccdc5
96a531c22b5666a118908b8c4be87452c271d8bcff28179a1aab7200c09cc5e2
9afa54f51337a7ad1975752c0b10bd07e6daf4e4f4a7999bdd6f4855530cd761
a74e0fc0d1c3f5b292767f40bdcfa6739258528d6e4e3ea6622a671eeb9a39b7
a767103c42975f29953e83b20806e144cfdbfa46a675c96bfdcc1ea3609ced94
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
ace3d06a9d5d3b4da07d86e0492bd1c9541306660e7e8804e50b99542a2b1873
b8c0dd16ecb6f5b950e8ed4818cbbb92fa7386413b985a84bd24b61b454834e8
ba36331bfb6bfeb5a3c2f2d64023d0ec0ab42994c1edd5d069ba61a4229c4f83
c193f31eb8f5ff56c024ad366a79020db93a8788608eb2c28112bab1623d7fac
c7d6db8e38c73e279b4bbc68afe32ca9d918fff16b1910e7a551c2114a9e9b78
ce331a9a83020c772c18fb0822e7a04a9b8874d43fd7daf879a54608ade15a84
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d8d06f8a04fd821a8a984b60dfa96ea80092aefe907731a499493b79568af80d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4319d1daaaf8dae0aec56f900abb404f2afbd033b8ea65fc8356f67c4f34327
e4612f1554d9bdaee01577ddea6e94bc6eb8bd8fc89d27e9ce3e2d64cd58b194
e761df1176008b30a995279992dacc1910fe75c8b45920203cbe9c0298ba92fa
eaa1f61c852b0d2d6ddd1d43fb977771a66f30774f622c44c6f8ffa26a8a5116
ef88a8256f21bb4890a11784bcf4c9926eb2990083c7e73d7fe598330420f327
f499237287520bdb00bb63f5aa6797d0e5f6353fa9a5557252e3218ee4a29737
f87ecbfe800007048d14e191ea35bd625f0742b3e4bf9310c2a02004ce11356a
f8e94d760350e910dbad27622d26caa414b77b61dcd14af43ab6dff51cdf8256
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5