![](/screenshots/984c0dc9-7f51-4996-9957-32d64d20ed8a.png)
it.giornalemedi.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/?_url=%252Fr%252F...
Submission Tags: falconsandbox
Submission: On August 31 via api from US — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on August 24th 2023. Valid for: 3 months.
This is the only time it.giornalemedi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-129-40.eu-west-1.compute.amazonaws.com
go.oferting.org | |
trac.oferting.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-109-21.eu-west-1.compute.amazonaws.com
r-ext.oferting.org |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN14618 (AMAZON-AES, US)
rp.liadm.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-131-114.compute-1.amazonaws.com
rp4.liadm.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-159-6.compute-1.amazonaws.com
i.liadm.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
giornalemedi.com
it.giornalemedi.com |
348 KB |
7 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547 |
42 KB |
7 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47 |
463 KB |
5 |
liadm.com
1 redirects
b-code.liadm.com — Cisco Umbrella Rank: 2917 rp.liadm.com — Cisco Umbrella Rank: 1552 rp4.liadm.com — Cisco Umbrella Rank: 6517 i.liadm.com — Cisco Umbrella Rank: 623 i6.liadm.com Failed |
21 KB |
5 |
oferting.org
2 redirects
go.oferting.org r-ext.oferting.org trac.oferting.org |
67 KB |
4 |
pushpushgo.com
s-eu-1.pushpushgo.com — Cisco Umbrella Rank: 36056 |
55 KB |
3 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919 trc.taboola.com — Cisco Umbrella Rank: 614 trc-events.taboola.com — Cisco Umbrella Rank: 1999 |
22 KB |
2 |
xtro24.com
xtro24.com |
15 KB |
1 |
criteo.com
dis.criteo.com — Cisco Umbrella Rank: 596 |
363 B |
1 |
sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706 |
187 B |
1 |
mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098 |
443 B |
1 |
xtroglobal.com
1 redirects
xtroglobal.com |
1 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 227 |
467 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 386 |
15 KB |
1 |
ilmegliodellaweb.it
1 redirects
pixel.ilmegliodellaweb.it |
169 B |
58 | 15 |
Domain | Requested by | |
---|---|---|
18 | it.giornalemedi.com |
it.giornalemedi.com
|
7 | www.googletagmanager.com |
r-ext.oferting.org
www.googletagmanager.com xtro24.com |
5 | www.google-analytics.com |
r-ext.oferting.org
www.googletagmanager.com www.google-analytics.com |
4 | s-eu-1.pushpushgo.com |
it.giornalemedi.com
s-eu-1.pushpushgo.com |
3 | r-ext.oferting.org |
r-ext.oferting.org
|
2 | xtro24.com |
it.giornalemedi.com
xtro24.com |
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | b-code.liadm.com |
r-ext.oferting.org
b-code.liadm.com |
1 | trc-events.taboola.com |
cdn.taboola.com
|
1 | dis.criteo.com |
i.liadm.com
|
1 | pixel-sync.sitescout.com |
i.liadm.com
|
1 | sync.mathtag.com |
i.liadm.com
|
1 | xtroglobal.com | 1 redirects |
1 | trac.oferting.org | 1 redirects |
1 | i.liadm.com |
b-code.liadm.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | js-agent.newrelic.com |
r-ext.oferting.org
|
1 | trc.taboola.com |
cdn.taboola.com
|
1 | cdn.taboola.com |
r-ext.oferting.org
|
1 | rp4.liadm.com | |
1 | rp.liadm.com | 1 redirects |
1 | go.oferting.org | 1 redirects |
1 | pixel.ilmegliodellaweb.it | 1 redirects |
0 | i6.liadm.com Failed |
i.liadm.com
|
58 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
xtroglobal.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
r-ext.oferting.net R3 |
2023-07-03 - 2023-10-01 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.liadm.com Amazon RSA 2048 M02 |
2023-02-28 - 2024-01-30 |
a year | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-08 - 2023-12-31 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
giornalemedi.com GTS CA 1P5 |
2023-08-24 - 2023-11-22 |
3 months | crt.sh |
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-30 - 2024-04-29 |
a year | crt.sh |
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-01-09 - 2024-02-02 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-19 - 2023-10-18 |
3 months | crt.sh |
*.pushpushgo.com DOMENY SSL DV Certification Authority |
2023-03-23 - 2024-03-21 |
a year | crt.sh |
xtro24.com R3 |
2023-08-06 - 2023-11-04 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/?_url=%252Fr%252Fi2Nczk8EQV-EA4n1vgZFj&utm_campaign=30556&utm_content=35863&utm_medium=17&utm_source=126&utm_sub_id=07494087301001883909745865397893l8z6dcnbh68cfhcyz1ybxb5z5w78x3do&sub_id=A9512a0648ca92202da5ff893a5fc90e3&adi=A9512a0648ca92202da5ff893a5fc90e3&adref=i2Nczk8EQV-EA4n1vgZFj&adrf=r-ext.oferting.org&adp=12839&adr=eHRyb2dsb2JhbC5jb20%3D&adnid=126
Frame ID: 5D829D382DC1F69AEF135671ADD1B15B
Requests: 53 HTTP requests in this frame
Frame:
https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01h96cvkqrpbcebfyxxn8qq8te&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 47C550E0B685A801BA73930227C83919
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/984c0dc9-7f51-4996-9957-32d64d20ed8a.png)
Page Title
SlimmestarPage URL History Show full URLs
-
https://pixel.ilmegliodellaweb.it/?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%3D_%2...
HTTP 301
https://go.oferting.org/1pmYZ?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%... HTTP 302
https://r-ext.oferting.org/r/?utm_source=slimmestar&utm_medium=sopext&utm_campaign=10018839-9745865&ori... Page URL
-
https://trac.oferting.org/of/?extclickid=_*extclickid&emn_i=873&emn_a=7494&emn_c=397893&emn_rt=0&ol=B&...
HTTP 302
https://xtroglobal.com/r/i2Nczk8EQV-EA4n1vgZFj?utm_source=126&utm_medium=17&utm_campaign=30556&utm_... HTTP 302
https://it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specch... Page URL
Detected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: News
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://pixel.ilmegliodellaweb.it/?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%3D_%2Aextclickid
HTTP 301
https://go.oferting.org/1pmYZ?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%3D_%2Aextclickid HTTP 302
https://r-ext.oferting.org/r/?utm_source=slimmestar&utm_medium=sopext&utm_campaign=10018839-9745865&orig=automatic&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid%26emn_i%3D873%26emn_a%3D7494%26emn_c%3D397893%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10018839-9745865%26term%3D%26emn_t%3D9745865%26ref_offer%3D10018839%26hs%3D2707667995%26go%3Dhttps%253A%252F%252Fxtroglobal.com%252Fr%252Fi2Nczk8EQV-EA4n1vgZFj%253Futm_source%253D126%2526utm_medium%253D17%2526utm_campaign%253D30556%2526utm_content%253D35863%2526utm_sub_id%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu Page URL
-
https://trac.oferting.org/of/?extclickid=_*extclickid&emn_i=873&emn_a=7494&emn_c=397893&emn_rt=0&ol=B&emn_p=&emn_cat=10018839-9745865&term=&emn_t=9745865&ref_offer=10018839&hs=2707667995&go=https%3A%2F%2Fxtroglobal.com%2Fr%2Fi2Nczk8EQV-EA4n1vgZFj%3Futm_source%3D126%26utm_medium%3D17%26utm_campaign%3D30556%26utm_content%3D35863%26utm_sub_id%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
HTTP 302
https://xtroglobal.com/r/i2Nczk8EQV-EA4n1vgZFj?utm_source=126&utm_medium=17&utm_campaign=30556&utm_content=35863&utm_sub_id=07494087301001883909745865397893l8z6dcnbh68cfhcyz1ybxb5z5w78x3do HTTP 302
https://it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/?_url=%252Fr%252Fi2Nczk8EQV-EA4n1vgZFj&utm_campaign=30556&utm_content=35863&utm_medium=17&utm_source=126&utm_sub_id=07494087301001883909745865397893l8z6dcnbh68cfhcyz1ybxb5z5w78x3do&sub_id=A9512a0648ca92202da5ff893a5fc90e3&adi=A9512a0648ca92202da5ff893a5fc90e3&adref=i2Nczk8EQV-EA4n1vgZFj&adrf=r-ext.oferting.org&adp=12839&adr=eHRyb2dsb2JhbC5jb20%3D&adnid=126 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://pixel.ilmegliodellaweb.it/?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%3D_%2Aextclickid HTTP 301
- https://go.oferting.org/1pmYZ?main_url=aHR0cHM6Ly9nby5vZmVydGluZy5vcmcvMXBtWVo%3D&vars=_vextclickid%3D_%2Aextclickid HTTP 302
- https://r-ext.oferting.org/r/?utm_source=slimmestar&utm_medium=sopext&utm_campaign=10018839-9745865&orig=automatic&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid%26emn_i%3D873%26emn_a%3D7494%26emn_c%3D397893%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D10018839-9745865%26term%3D%26emn_t%3D9745865%26ref_offer%3D10018839%26hs%3D2707667995%26go%3Dhttps%253A%252F%252Fxtroglobal.com%252Fr%252Fi2Nczk8EQV-EA4n1vgZFj%253Futm_source%253D126%2526utm_medium%253D17%2526utm_campaign%253D30556%2526utm_content%253D35863%2526utm_sub_id%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
- https://rp.liadm.com/j?dtstmp=1693505671035&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01h96cvkqrpbcebfyxxn8qq8te&tna=v2.7.10&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dslimmestar%26utm_medium%3Dsopext%26utm_campaign%3D10018839-9745865%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid%2526emn_i%253D873%2526emn_a%253D7494%2526emn_c%253D397893%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10018839-9745865%2526term%253D%2526emn_t%253D9745865%2526ref_offer%253D10018839%2526hs%253D2707667995%2526go%253Dhttps%25253A%25252F%25252Fxtroglobal.com%25252Fr%25252Fi2Nczk8EQV-EA4n1vgZFj%25253Futm_source%25253D126%252526utm_medium%25253D17%252526utm_campaign%25253D30556%252526utm_content%25253D35863%252526utm_sub_id%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gU2xpbW1lc3RhcidzIHdlYnNpdGU8L3RpdGxlPg HTTP 302
- https://rp4.liadm.com/j?dtstmp=1693505671035&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01h96cvkqrpbcebfyxxn8qq8te&tna=v2.7.10&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dslimmestar%26utm_medium%3Dsopext%26utm_campaign%3D10018839-9745865%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2526emn_i%253D873%2526emn_a%253D7494%2526emn_c%253D397893%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10018839-9745865%2526term%253D%2526emn_t%253D9745865%2526ref_offer%253D10018839%2526hs%253D2707667995%2526go%253Dhttps%25253A%25252F%25252Fxtroglobal.com%25252Fr%25252Fi2Nczk8EQV-EA4n1vgZFj%25253Futm_source%25253D126%252526utm_medium%25253D17%252526utm_campaign%25253D30556%252526utm_content%25253D35863%252526utm_sub_id%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gU2xpbW1lc3RhcidzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjQ6NDQ6OjEz&n3pc=true
58 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
r-ext.oferting.org/r/ Redirect Chain
|
35 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a-00xy.min.js
b-code.liadm.com/ |
44 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
preload.gif
r-ext.oferting.org/images/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
r-ext.oferting.org/js/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
214 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
114 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync-container.js
b-code.liadm.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j
rp4.liadm.com/ Redirect Chain
|
13 B 552 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1192092/ |
63 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
trc.taboola.com/1192092/trc/3/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-rum.3709cb75-1.238.0.min.js
js-agent.newrelic.com/ |
43 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
801818eb79
bam.nr-data.net/1/ |
40 B 467 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a-00xy
i.liadm.com/s/c/ Frame 47C5 |
914 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/ Redirect Chain
|
33 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img
sync.mathtag.com/sync/ Frame 47C5 |
43 B 443 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 47C5 |
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usersync.aspx
dis.criteo.com/dis/ Frame 47C5 |
43 B 363 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
a-00xy
i6.liadm.com/s/c/ Frame 47C5 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1192092/log/3/ |
0 249 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
collect
region1.google-analytics.com/g/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
801818eb79
bam.nr-data.net/events/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
801818eb79
bam.nr-data.net/jserrors/1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62e7f0ea883c3c562f79bbcb.js
s-eu-1.pushpushgo.com/js/ |
79 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_clp_bdfb3db0addf94eca7ce7541e0703c05.js
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/ |
215 B 508 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.5ada9560da7691ff1bbe.bundle.js
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.59a05077560e7e1c1d0d.min.css
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
xtro24.com/ |
59 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
event.php
it.giornalemedi.com/ |
32 B 448 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
278968ab91f5098ca513278968ab91f5098ca5130e9bc962a8cb.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b6af445cb1fc01982d6ab6af445cb1fc01982d6a1362946bdc36.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
887 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dfdf821096bfce3d1e10dfdf821096bfce3d1e10a8efd23d2e51.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2fe2e7e43c35fc66103b2fe2e7e43c35fc66103b475f6ac5da4d.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b1ba6e3a71aaa36e5ad6b1ba6e3a71aaa36e5ad62e7fec8fa14b.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
142 KB 143 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ec607593246af5463bdaec607593246af5463bda67d99e00b0c3.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
114 KB 114 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
42f139885850fb10d8a242f139885850fb10d8a2db688f59544b.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5a8f2156adc86589384a5a8f2156adc86589384a22ba9f8ffb00.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
214edc8fa42fccfd1b4a214edc8fa42fccfd1b4a04951652a296.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e262f1cb796e5749d07be262f1cb796e5749d07b16fcc45f485f.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cc243731efcc433e7a41cc243731efcc433e7a41507b35975be0.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f532da0e920e863e7dd0f532da0e920e863e7dd07bd400d6e760.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d3683504ba2c26f3115ad3683504ba2c26f3115a7d2d5855d116.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7a279b9d3e3b39950ce2533a768453935edae3bf690b6745daab.png
it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sentry.js
s-eu-1.pushpushgo.com/scripts/64a58d33c585b9d43753972c/ |
70 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin-push.js
s-eu-1.pushpushgo.com/scripts/64a58d33c585b9d43753972c/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugin-beacon.js
s-eu-1.pushpushgo.com/scripts/64a58d33c585b9d43753972c/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm
xtro24.com/ |
336 B 536 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
120 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
180 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
218 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- i6.liadm.com
- URL
- https://i6.liadm.com/s/c/a-00xy?duid=0d3d1fb3a190--01h96cvkqrpbcebfyxxn8qq8te&ls=true&monitorExternalSyncs=false&cim=&ps=true&ci=0&ppid=0&s=&euns=0&nosync=false&version=sc-v0.2.0
- Domain
- region1.google-analytics.com
- URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-B5QPSJDJ8N>m=45je38u0&_p=597134105&cid=391288244.1693505671&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693505671&sct=1&seg=0&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dslimmestar%26utm_medium%3Dsopext%26utm_campaign%3D10018839-9745865%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid%2526emn_i%253D873%2526emn_a%253D7494%2526emn_c%253D397893%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D10018839-9745865%2526term%253D%2526emn_t%253D9745865%2526ref_offer%253D10018839%2526hs%253D2707667995%2526go%253Dhttps%25253A%25252F%25252Fxtroglobal.com%25252Fr%25252Fi2Nczk8EQV-EA4n1vgZFj%25253Futm_source%25253D126%252526utm_medium%25253D17%252526utm_campaign%25253D30556%252526utm_content%25253D35863%252526utm_sub_id%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&dt=World%20--%20we%20are%20redirecting%20you%20to%20Slimmestar%27s%20website&_s=2
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/events/1/801818eb79?a=193777088&v=1.238.0&to=b1BbMUZZDxBTAkFYWlYaeAZAUQ4NHQBFQWpKUF0MRl0CFw%3D%3D&rst=3162&ck=0&s=a73aa73eaf27cff0&ref=https://r-ext.oferting.org/r/
- Domain
- bam.nr-data.net
- URL
- https://bam.nr-data.net/jserrors/1/801818eb79?a=193777088&v=1.238.0&to=b1BbMUZZDxBTAkFYWlYaeAZAUQ4NHQBFQWpKUF0MRl0CFw%3D%3D&rst=3163&ck=0&s=a73aa73eaf27cff0&ref=https://r-ext.oferting.org/r/
- Domain
- it.giornalemedi.com
- URL
- https://it.giornalemedi.com/article/weightloss_it/ancora-un-mese-fa-non-riusciva-a-guardarsi-allo-specchio/img/42f139885850fb10d8a242f139885850fb10d8a2db688f59544b.png
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| getQueryString function| sendCLPEvent function| formEvents string| IntredoAnalyticsObject function| xtro object| ppg function| __cdnJSPath function| webpackJsonpppg__name_ object| __SENTRY__ boolean| xtroInitialized object| dataLayer object| dataLayer_xtro object| google_tag_manager object| google_tag_data function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trac.oferting.org/of | Name: emntkgidentifiant Value: l8z6dcnbh68cfhcyz1ybxb5z5w78x3do |
|
trac.oferting.org/of | Name: emntkgidentifiant_cpl Value: l8z6dcnbh68cfhcyz1ybxb5z5w78x3do |
|
trac.oferting.org/of | Name: emntkgidentifiant_cpv Value: l8z6dcnbh68cfhcyz1ybxb5z5w78x3do |
|
trac.oferting.org/of | Name: emntkg_f70852389580fee310e2dcb33b27bfca Value: 7494%7C397893%7C873%7C0%7C |
|
trac.oferting.org/of | Name: emntkg_cpl_f70852389580fee310e2dcb33b27bfca Value: 7494%7C397893%7C873%7C0%7C |
|
trac.oferting.org/of | Name: emntkg_cpv_f70852389580fee310e2dcb33b27bfca Value: 7494%7C397893%7C873%7C0%7C |
|
r-ext.oferting.org/r | Name: _liChk Value: 0.9236234320624555 |
|
i.liadm.com/s | Name: _li_ss Value: CiEKBQgGEPQVCgUICRD0FQoGCN0BEPQVCgkI_____wcQ_hU |
|
.oferting.org/ | Name: _li_dcdm_c Value: .oferting.org |
|
.oferting.org/ | Name: _lc2_fpi Value: 0d3d1fb3a190--01h96cvkqrpbcebfyxxn8qq8te |
|
.oferting.org/ | Name: _ga Value: GA1.1.391288244.1693505671 |
|
.liadm.com/ | Name: lidid Value: 19153921-c643-4724-8baa-623d71938f0e |
|
xtroglobal.com/ | Name: adi Value: A9512a0648ca92202da5ff893a5fc90e3 |
|
xtroglobal.com/ | Name: adi-legacy Value: A9512a0648ca92202da5ff893a5fc90e3 |
|
.oferting.org/ | Name: _ga_B5QPSJDJ8N Value: GS1.1.1693505671.1.0.1693505672.0.0.0 |
|
it.giornalemedi.com/ | Name: adserver_data Value: {%22adi%22:%22A9512a0648ca92202da5ff893a5fc90e3%22%2C%22adref%22:%22i2Nczk8EQV-EA4n1vgZFj%22%2C%22adp%22:%2212839%22} |
|
.giornalemedi.com/ | Name: _gid Value: GA1.2.1214340101.1693505674 |
|
.giornalemedi.com/ | Name: _gat_gtag_UA_169027420_21 Value: 1 |
|
.giornalemedi.com/ | Name: _ga_XV7ZBP7D1N Value: GS1.1.1693505673.1.0.1693505673.0.0.0 |
|
.giornalemedi.com/ | Name: _ga Value: GA1.1.1006996831.1693505674 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b-code.liadm.com
bam.nr-data.net
cdn.taboola.com
dis.criteo.com
go.oferting.org
i.liadm.com
i6.liadm.com
it.giornalemedi.com
js-agent.newrelic.com
pixel-sync.sitescout.com
pixel.ilmegliodellaweb.it
r-ext.oferting.org
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s-eu-1.pushpushgo.com
sync.mathtag.com
trac.oferting.org
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.googletagmanager.com
xtro24.com
xtroglobal.com
bam.nr-data.net
i6.liadm.com
it.giornalemedi.com
region1.google-analytics.com
141.226.228.48
151.101.129.44
151.101.194.137
162.247.241.14
178.250.7.11
18.213.131.114
185.29.134.248
2001:4860:4802:32::36
2600:1f18:730:b120:36ce:d863:4d84:6a38
2600:9000:225e:ea00:8:8845:1500:93a1
2a00:1450:4001:80e::2008
2a00:1450:4001:82f::200e
2a00:b6e0:1:20:13::1
2a06:98c1:3120::3
2a06:98c1:3121::3
44.205.159.6
51.178.244.69
51.83.214.237
54.246.109.21
54.246.129.40
98.98.134.243
154eb1fe58c7334c3fd967231fae66b94e37684791495e6eed3fc41472fedcce
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2143e3d7e3cf408b7b620d029562a3fa39972642d9ec14203da88f3a3c6d1924
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
36caf74190f53acc779fbc765db54dd7762a3506306fe16c0d7d516b28ac7784
4402497007c4fa241343602003a8eb68cba285bfe31c76129672c78b40cda1a6
498fed317e8a1a61ff36d3c2a052ef9e9f57e629bc50f8975d3168de58ad0732
506c52a0b3e6a6adf05e981dbe8249234910d3c06e985eeeb64d7584622d2d4d
567c016abd258a4b856b6f8f8a4eff5026756e7a6c7999c6b91996224cb8a560
57fdc663553b82cd6e6d491ba9ee695169de5de1181b3af6b8665ca8f40ef9d2
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
626b55eec0c819bcc0e797faccf7393babe486645f1860673218e9aaa0697f4b
66e94fb5f2c7088b0f9933506525cfc6d63369bd3acfeb104865b3601ba3b4fb
672e93e0450f3497828de8f642c213663a75a17ce13be5d4371a03ac2b53b9ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9962dc76fb37f24a1b800a0f78231993b0322d1355d28fd5860402e900ed5f
6d75cc2ce0e67b80b892b326bb780d5b296f23abf441cd9a6e377c2004e29a91
742ef7836513d8cd45951729fac18e491ced683021bd01e782a1c002155696fb
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8005a0d5b6ba94a51c89e1655dbec2579fd7ec7f9f26924d9abb809a6fe8bb4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
901e2edc6a0661925af1bba62c44ccecabffc7af44da7d8c6e284bc8d21c80d3
9202d96116bf3c896553645cca0c0b8108d5511afd12f448d13a6acdde6af2eb
9e418c06d1dd64aa2f117958dba447d8a2047c21653d3d209ea307a541f9edd5
a28cf0f41a0a0e5403b50f46b7d67308a63024d3f5a13e42cc779ea3758d0e47
a2a91622041d96bf7ca1422f44ed5b895331cde8003f30dcb7d2a95e50bdf0d3
ab942b3268da396a49c99ef2350a6a8e42eaeb328b778d31f5e2d7c3b26bfb70
ac34a4a743de553738c95f9ca52e4ae83878f1e4e4eca9fd5ae3b52a93e477f0
ae8c55c04ada1b2b7b674afdefaba68373962a1c4531e3d893426583010bf9cb
aebf1a581a7bb90f4d5b9adca37b514d39e39f1382e7247012d24eed4a378b44
b1ee78067be71d64a71888bd6fd30555f22b31e490a568e784fa5b6ab4328ad1
b5ba5995a4fc0be8ac76aaf24a14f1272c035f3f88af8fa59f406de08ee9d268
b646f15717493e773cf6d5972aa6aa2bd072bd967089b0399155ab9a115a789a
b78f3ce2ea817d5204e1e66d57fe8bd4b351589deeb0aed79cd53795cc9439dc
bcc8b7786574e6c6d9af5b07988661f58c7ae9c922761560fb1acf84a8995e11
ca42ce7d44d6b97cb55f6490ce0e3863f46dbe74463d278f8889e737cccd3c84
cbb3bf495c22e4c18b1fea72b432881053ba5e0a8c3ae85d69a8ec01065535b8
d6335481e502e8ff24127772a7b6e1fae92885d1843fe80e3ae4c7495a556814
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edcd53f483e2ce53e0076c3f3a4ee99375d227d9aabc9960a69b7fec4fe98741
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2fddba4af065eac1f09e1ede74ff5334a478e4c7b526ffddeffa65f42b31f23
f4ac3b46ed3a6e539534fbf61e7e8350adc617a40a51a5847e9743c1109db787
f94d440fd806c5f125db82e6f2cec23b98fc2903f8486b9dd5a112e0a1f5c39a