ar.strephonsays.com
2606:4700:3030::6815:66b
Public Scan
Submission: On April 12 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.
This is the only time ar.strephonsays.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
- ar.strephonsays.com
- strephonsays.com
- a.strephonsays.com

ASN15169 (GOOGLE, US)
- pagead2.googlesyndication.com

ASN208722 (GLOBAL_DC, FI)
- mc.yandex.ru
- mc.yandex.com

ASN24940 (HETZNER-AS, DE), PTR: frodo.min.org.ua
- www.bigmp3db.com

ASN15169 (GOOGLE, US)
- googleads.g.doubleclick.net

ASN16509 (AMAZON-02, US), PTR: server-99-86-4-99.fra6.r.cloudfront.net
- optad360.mgr.consensu.org

ASN15169 (GOOGLE, US)
- securepubads.g.doubleclick.net

ASN13335 (CLOUDFLARENET, US)
- jsc.mgid.com
- c.mgid.com
- cdn.mgid.com
- servicer.mgid.com
- cm.mgid.com

ASN16625 (AKAMAI-AS, US), PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
- ads.pubmatic.com

ASN16509 (AMAZON-02, US), PTR: ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
- id.crwdcntrl.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | mgid.com | jsc.mgid.com (Cisco Umbrella Rank: 8594); c.mgid.com (Cisco Umbrella Rank: 5670); cdn.mgid.com (Cisco Umbrella Rank: 11443); servicer.mgid.com (Cisco Umbrella Rank: 8526); s-img.mgid.com (Cisco Umbrella Rank: 5087); cm.mgid.com (Cisco Umbrella Rank: 1313) | 170 KB
10 | strephonsays.com | ar.strephonsays.com; strephonsays.com (Cisco Umbrella Rank: 743917); a.strephonsays.com | 459 KB
7 | yandex.com (3 redirects) | mc.yandex.com (Cisco Umbrella Rank: 9151) | 2 KB
7 | bigmp3db.com | www.bigmp3db.com (Cisco Umbrella Rank: 557275) | 20 KB
4 | criteo.com (1 redirects) | gum.criteo.com (Cisco Umbrella Rank: 416); mug.criteo.com (Cisco Umbrella Rank: 2381) | 1 KB
4 | consensu.org | optad360.mgr.consensu.org (Cisco Umbrella Rank: 60493) | 249 KB
4 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 41); securepubads.g.doubleclick.net (Cisco Umbrella Rank: 201) | 154 KB
3 | yandex.ru (2 redirects) | mc.yandex.ru (Cisco Umbrella Rank: 3359) | 74 KB
3 | optad360.io | cmp.optad360.io (Cisco Umbrella Rank: 54654); get.optad360.io (Cisco Umbrella Rank: 37081) | 286 KB
2 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 111) | 163 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 374) | 6 KB
1 | crwdcntrl.net | id.crwdcntrl.net (Cisco Umbrella Rank: 1729) | 319 B
1 | pubmatic.com | ads.pubmatic.com (Cisco Umbrella Rank: 509) | 59 KB
1 | id5-sync.com | cdn.id5-sync.com (Cisco Umbrella Rank: 1045) | 17 KB
1 | imghosts.com | cl.imghosts.com (Cisco Umbrella Rank: 12052) | 187 KB
1 | zx-adnet.com | cdn.zx-adnet.com (Cisco Umbrella Rank: 321777) | 10 KB
63 | 16 | |
Requests | Domain | Requested by
---|---|---
7 | mc.yandex.com (3 redirects) | ar.strephonsays.com
7 | www.bigmp3db.com | ar.strephonsays.com, www.bigmp3db.com
5 | a.strephonsays.com | ar.strephonsays.com
4 | s-img.mgid.com |
4 | cdn.mgid.com |
4 | optad360.mgr.consensu.org | cmp.optad360.io, optad360.mgr.consensu.org
3 | securepubads.g.doubleclick.net | get.optad360.io, securepubads.g.doubleclick.net
3 | mc.yandex.ru (2 redirects) | ar.strephonsays.com
3 | strephonsays.com | ar.strephonsays.com
2 | mug.criteo.com |
2 | gum.criteo.com (1 redirects) |
2 | cm.mgid.com | jsc.mgid.com
2 | c.mgid.com | jsc.mgid.com
2 | jsc.mgid.com | www.bigmp3db.com, jsc.mgid.com
2 | pagead2.googlesyndication.com | ar.strephonsays.com, pagead2.googlesyndication.com
2 | get.optad360.io | ar.strephonsays.com, get.optad360.io
2 | cdn.jsdelivr.net | ar.strephonsays.com, get.optad360.io
2 | ar.strephonsays.com | ar.strephonsays.com
1 | id.crwdcntrl.net | ads.pubmatic.com
1 | ads.pubmatic.com | jsc.mgid.com
1 | cdn.id5-sync.com | jsc.mgid.com
1 | cl.imghosts.com |
1 | servicer.mgid.com | jsc.mgid.com
1 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | cdn.zx-adnet.com | ar.strephonsays.com
1 | cmp.optad360.io | ar.strephonsays.com
63 | 26 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-12 - 2023-07-12 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.optad360.io | Amazon RSA 2048 M02 | 2023-03-01 - 2023-11-15 | 9 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months
username.digitalreceipt.co.ke | GTS CA 1D4 | 2023-03-10 - 2023-06-08 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-03-17 - 2023-08-27 | 5 months
www.bigmp3db.com | R3 | 2023-02-27 - 2023-05-28 | 3 months
optad360.mgr.consensu.org | Amazon RSA 2048 M02 | 2023-02-22 - 2023-06-21 | 4 months
*.pubmatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-25 - 2024-01-24 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-09 - 2023-06-03 | 3 months
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2022-05-01 - 2023-06-02 | a year
This page contains 4 frames:
Primary Page:
https://ar.strephonsays.com/
Frame ID: 40FF3AE1D804A6AB1ABEA11C6A838DAE
Requests: 58 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: 1963ED63A0C482065DD821C65EB5EF5B
Requests: 1 HTTP requests in this frame
Frame:
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: B2C07089BEC0F6776B29D44DFA827858
Requests: 2 HTTP requests in this frame
Frame:
https://cm.mgid.com/i-noref.js?cbuster=1681313393883528476170
Frame ID: 50011A89286E5252AE41954B8943A604
Requests: 1 HTTP requests in this frame
Page Title
يعرف عن 2023
Detected technologies
Detected patterns
- googlesyndication\.com/
Detected patterns
- https?://[^/]*\.pubmatic\.com
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
39 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9971.OAam4ujAhqL6DoiSb4bC_2bokcK9yF9HOX2EWCtR2Nt7Mp_nwuLroUy9mKQVfoAd.lCRsqZ6TfiBhGQmzsm-f45e3rwU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9971.JSY4U9yIFe6Xok72JMG9_MQ-DppxWq8likZQlcen6I2IIZjqeTyinVaIdaq09vvC-4kuJPP6B9oryn3Cz0pEi3sOU7MjYfJTSt2szMPpC4s%2C.qy9ShXxx6tTaA3UHs_LIIm1_3gw%2C
- https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Far.strephonsays.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A290%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A678184861386%3Ahid%3A1003542291%3Az%3A0%3Ai%3A20230412152952%3Aet%3A1681313392%3Ac%3A1%3Arn%3A559814151%3Arqn%3A1%3Au%3A1681313392895303807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C19%2C54%2C2%2C%2C0%2C%2C189%2C3%2C%2C%2C%2C284%3Aco%3A0%3Acpf%3A1%3Ans%3A1681313391615%3Arqnl%3A1%3Ast%3A1681313392%3At%3A%D9%8A%D8%B9%D8%B1%D9%81%20%D8%B9%D9%86%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9971.vU1FqmjmbIW7AtUVFFTJmU1mPJQqUwfxnRv6vETOdbT_bp5wpCoU06UFmR20ZyiX.yG2pwOgxRflDTF6RKuli2PHz2ow%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9971.AhtRmD6LYXa4e0SLlHn7CMvSctrApCFi9Is33tggpethM1vqRujZohbIw3qbv5qdXbDwQ-uiGiML8KCfkBd66RsOZhJRNOQnRECa3Rh7Ytg%2C.eJw0TpyHlAI-4_BFMIqoWqdpQ0E%2C
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Far.strephonsays.com%2F&domain=ar.strephonsays.com&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=tdg4tXxxdkJKT3RrNldwWWc2aUJJYXBwNldoeXNLUVBnYVc0eDVrdUlJakdUSndsdnpKcEhaVFR1WXljVEluWWVKQm1iNlJFSklLaWZhb2c2cVNlN2RxYmJ5UU8rK3hzYk4rTElJNzBpMzBZN0prdmZzSTFmQjE5U0xXSWZVT3B6VnMzVFNwUUNSamxyanJpVGVrWXdaSnYwa3BScHNtdnVEYWVlSXlEdHFvYXJQQlh6am8zY3huOWxNdkZGWG8vUEY4ZWhhRW5Say9URkN3N2lYbWcydFVBTngveVdjb29yblhvUStKS3RmdXdzVkpkNW1QR1p0di8wcHZibUgwYTVqWVZlfA&cppv=2
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | ar.strephonsays.com/ | 46 KB | 7 KB | Document | text/html
GET | H2 | style.css | strephonsays.com/template/artemiz/css/ | 27 KB | 6 KB | Stylesheet | text/css
GET | H2 | yt.css | strephonsays.com/template/artemiz/css/ | 69 KB | 44 KB | Stylesheet | text/css
GET | H2 | cookieconsent.min.css | cdn.jsdelivr.net/npm/cookieconsent@3/build/ | 5 KB | 5 KB | Stylesheet | text/css
GET | H2 | 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js | cmp.optad360.io/items/ | 253 KB | 72 KB | Script | application/javascript
GET | H2 | plugin.min.js | get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ | 286 KB | 59 KB | Script | application/javascript
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 137 KB | 47 KB | Script | text/javascript
GET | H2 | scripts.js | strephonsays.com/template/artemiz/js/ | 177 KB | 61 KB | Script | application/javascript
GET | H2 | rocket-loader.min.js | ar.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ | 12 KB | 4 KB | Script | application/javascript
GET | H2 | cookies_gdpr.js | cdn.zx-adnet.com/consent/ | 34 KB | 10 KB | Script | text/javascript
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 212 KB | 73 KB | Script | application/javascript
GET | H2 | 1duwt.min.js | www.bigmp3db.com/ | 67 KB | 19 KB | Script | text/javascript
GET | DATA | truncated | / | 41 KB | 0 | Image | image/webp
GET | H2 | Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp | a.strephonsays.com/business/ | 47 KB | 47 KB | Image | image/webp
GET | H2 | Difference-Between-Roti-and-Chapati-1.webp | a.strephonsays.com/life-style-2/ | 47 KB | 47 KB | Image | image/webp
GET | H2 | Difference-Between-Sol-Solution-and-Suspension-2.webp | a.strephonsays.com/science-nature/ | 60 KB | 61 KB | Image | image/webp
GET | H2 | Difference-Between-Caramel-and-Salted-Caramel.webp | a.strephonsays.com/life-style-2/ | 61 KB | 62 KB | Image | image/webp
GET | H2 | Difference-Between-Deterrence-and-Retribution-2.webp | a.strephonsays.com/public/ | 118 KB | 119 KB | Image | image/webp
GET | H3 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ | 347 KB | 116 KB | Script | text/javascript
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame 1963 | 10 KB | 5 KB | Document | text/html
GET | H2 | en.json | optad360.mgr.consensu.org/cmp/v2/translations/v4/ | 4 KB | 2 KB | XHR | application/json
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 76 KB | 25 KB | Script | text/javascript
GET | H2 | prebid7.17.1.js | get.optad360.io/sf/ | 495 KB | 156 KB | Script | application/javascript
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 269 B | XHR | application/json
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 615 B | 569 B | XHR | application/json
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ Redirect Chain | 43 B | 79 B | Image | image/gif
GET | H2 | cmp-3.0.0.min.js | optad360.mgr.consensu.org/cmp/v2/ Frame B2C0 | 691 KB | 190 KB | Script | application/javascript
GET | H3 | latest.json | cdn.jsdelivr.net/gh/prebid/currency-file@1/ | 2 KB | 1 KB | XHR | application/json
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json
GET | H2 | fondoperlaterra.org.1228643.js | jsc.mgid.com/f/o/ | 3 KB | 2 KB | Script | text/javascript
GET | H2 | pubads_impl.js | securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ | 398 KB | 124 KB | Script | text/javascript
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 90 B | 94 B | XHR | application/json
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json
GET | H2 | vendor-list.json | optad360.mgr.consensu.org/cmp/v2/ Frame B2C0 | 406 KB | 54 KB | XHR | application/json
GET | H2 | fondoperlaterra.org.1228643.es6.js | jsc.mgid.com/f/o/ | 252 KB | 71 KB | Script | text/javascript
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json
GET | H2 | 1 | mc.yandex.com/watch/53480917/ Redirect Chain | 447 B | 530 B | XHR | application/json
GET | BLOB | fe3c772d-1513-4bd7-bd5e-9481a799c59d | https://ar.strephonsays.com/ | 0 | 0 | Other | text/javascript
GET | BLOB | dfae5621-e4f0-4d85-b639-a9b740a85b33 | https://ar.strephonsays.com/ | 250 B | 0 | Other | text/javascript
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json
GET | H2 | branding-ads.svg | optad360.mgr.consensu.org/icons/ | 7 KB | 3 KB | Image | image/svg+xml
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 125 B | Image | image/gif
GET | H2 | sync_cookie_image_decide_secondary | mc.yandex.com/ Redirect Chain | 43 B | 94 B | Image | image/gif
GET | H2 | / | c.mgid.com/pv/ | 0 | 43 B | Script | text/plain
GET | BLOB | 7bc6e61c-b446-462c-94aa-ac39425056ae | https://ar.strephonsays.com/ | 1 KB | 0 | Media | video/mp4
GET | H2 | mgid_ua.svg | cdn.mgid.com/images/mgid/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H2 | Adchoices.svg | cdn.mgid.com/images/logos/ | 836 B | 887 B | Image | image/svg+xml
GET | H2 | 1 | servicer.mgid.com/1228643/ | 5 KB | 2 KB | Script | application/x-javascript
GET | H3 | mgid_ua.svg | cdn.mgid.com/images/mgid/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H3 | Adchoices.svg | cdn.mgid.com/images/logos/ | 836 B | 1010 B | Image | image/svg+xml
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS81OGQ0M... | s-img.mgid.com/g/15323152/492x328/-/ | 22 KB | 22 KB | Image | image/webp
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzQ3MDMzNS9kMTE2M... | s-img.mgid.com/g/15875214/492x328/-/ | 19 KB | 19 KB | Image | image/webp
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwM... | s-img.mgid.com/g/15659581/492x328/-/ | 14 KB | 14 KB | Image | image/webp
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAyLzU2MTUwOS82MjQ4N... | s-img.mgid.com/g/15323147/492x328/-/ | 35 KB | 35 KB | Image | image/webp
GET | H2 | 8d6340827b1d26a4812d1e7f6f4cddc2.mp4 | cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/ | 186 KB | 187 KB | Media | video/mp4
GET | H2 | i.js | cm.mgid.com/ | 0 | 124 B | Script | application/javascript
GET | H2 | i-noref.js | cm.mgid.com/ Frame 5001 | 0 | 37 B | Script | application/javascript
GET | H2 | id5-api.js | cdn.id5-sync.com/api/1.0/ | 58 KB | 17 KB | Script | text/javascript
GET | H2 | pwt.js | ads.pubmatic.com/AdServer/js/pwt/161673/7165/ | 190 KB | 59 KB | Script | application/javascript
OPTIONS | H2 | json | gum.criteo.com/sid/ Frame | 0 | 0 | Preflight | application/json
GET | H2 | sid | mug.criteo.com/ Redirect Chain | 420 B | 585 B | XHR | application/json
GET | H2 | id | id.crwdcntrl.net/ | 43 B | 319 B | XHR | application/json
OPTIONS | H2 | sid | mug.criteo.com/ Frame | 0 | 0 | Preflight | application/json
GET | H3 | c | c.mgid.com/ | 43 B | 213 B | Image | image/gif
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| zxConsentParams object| t object| e function| ym object| rbConfig string| token object| rsdfhse object| webpackChunk function| $ function| jQuery object| __cfQR object| AdSlotCollection object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi string| google_user_agent_client_hint boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays object| Ya object| yaCounter53480917 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO function| google_sa_impl object| googleToken object| googleIMState object| _mgIntExchangeNews object| MarketGidInfC1228643 boolean| mg_loaded_761202_1228643 boolean| __cfRLUnblockHandlers object| _mgUserPages object| onClickExcludes function| mgReject1228643 function| mgLoadAds1228643 function| MarketGidCReject1228643 function| MarketGidLoadGoods1228643 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint761202 string| _mgCanonicalUri object| _mgPageView761202 string| _mgPvid string| _mgUniqueHash1228643_05bf7 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs function| setImmediate function| clearImmediate object| ID5 object| ihowpbjsChunk object| ihowpbjs object| IHPWT object| _mgwcapping 
object| _mgPageImp76120216
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.strephonsays.com/ | | Name: _ym_uid Value: 1681313392895303807
.strephonsays.com/ | | Name: _ym_d Value: 1681313392
ar.strephonsays.com/ | | Name: _pbjs_userid_consent_data Value: 6683316680106290
.mc.yandex.com/ | | Name: sync_cookie_csrf Value: 3705873847fake
.strephonsays.com/ | | Name: _sharedID Value: 35fe2b16-51c2-4315-896f-6cda08178079
.mgid.com/ | | Name: __cf_bm Value: j5ml4hKFjZOVk6LeRZlEYr0eV5k1gVQHInEooiaC4eA-1681313392-0-AbSYQ5dgeiS9ymtU/yRlR+NpPjIvkZrwQAlDV3WU0YYxZwsSuXXDZgW3YonNxiOogA/nwynia/oXo8ExICJNfv0=
.mc.yandex.ru/ | | Name: sync_cookie_csrf Value: 2493825994fake
mc.yandex.com/ | | Name: yabs-sid Value: 1189192111681313392
.yandex.com/ | | Name: i Value: W7hhD27aHhYFwUzPpdaO+EphbB+aHDPDAFHMjHk+qzsjn/2enKVE72dakJEHLDix+FoY49cso3BDTvjH+woSvYP00AQ=
.yandex.com/ | | Name: yandexuid Value: 9654765801681313392
.yandex.com/ | | Name: yuidss Value: 9654765801681313392
.yandex.com/ | | Name: ymex Value: 1712849392.yc.1681313392#1712849392.yrts.1681313392#1712849392.yrtsi.1681313392
.strephonsays.com/ | | Name: _ym_isad Value: 2
ar.strephonsays.com/ | | Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1681313393829%7D%7D
.strephonsays.com/ | | Name: cto_bundle Value: HV9oG19WcVJTb0RHTm9Lb2VUJTJCMU5ZUEFzUkI3b0R4cHVFSkFlYWhlRHlFY0wwSUc3RG5hTlJFbkRaM0tJVTVhQjFPTlglMkZ4dUhkNEJTN3VrcVYlMkJmOSUyRmVNNE9XY1BXaFY4QktLUXlzVVptelhDamJMQ3RWdG5UUHJpaXZNTjV4M3NuRHhZ
.strephonsays.com/ | | Name: cto_bidid Value: rSWoVV9WcVJTb0RHTm9Lb2VUJTJCMU5ZUEFzUkI3b0R4cHVFSkFlYWhlRHlFY0wwSUc3RG5hTlJFbkRaM0tJVTVhQjFPTlglMkZ4dUhkNEJTN3VrcVYlMkJmOSUyRmVNNE9XY1BXaFY4QktLUXlzVVptelhDamJJRGMlMkJCekwlMkZQb205byUyRlJSdFhab1Nh
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.