urlscan.io logo urlscan.io
SecurityTrails logo

newsalmubasher.com Open in urlscan Pro
2606:4700:30::681b:b5b2  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Submission: On July 25 via manual from SA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 2606:4700:30::681b:b5b2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is newsalmubasher.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 16th 2019. Valid for: a year.
This is the only time newsalmubasher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.208.52 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 8
10    2606:4700:30::681b:b5b2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
newsalmubasher.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2606:4700:30::6812:37ce (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
geolocly.com
5    2606:4700:20::6818:c4f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
code.tidio.co
widget-v4.tidiochat.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
10 newsalmubasher.com newsalmubasher.com
4 widget-v4.tidiochat.com 1 redirects widget-v4.tidiochat.com
2 fonts.gstatic.com widget-v4.tidiochat.com
2 www.google-analytics.com www.googletagmanager.com
newsalmubasher.com
1 fonts.googleapis.com widget-v4.tidiochat.com
1 code.tidio.co 1 redirects
1 geolocly.com code.jquery.com
1 code.jquery.com newsalmubasher.com
1 www.googletagmanager.com newsalmubasher.com
21 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-16 -
2020-07-15		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
ssl387611.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-10 -
2019-10-17		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Frame ID: 06842E7AE76951988A8516FC90233220
Requests: 16 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Frame ID: D800AAE5B7588B190F32AB3CD274317C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,600
Frame ID: A86449E66FC72B7C4FA157B60E6E50B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

100 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

542 kB
Transfer

1457 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://code.tidio.co/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js HTTP 302
  • https://widget-v4.tidiochat.com/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js HTTP 302
  • https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsalmubasher.com/3557/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3d25b57e505dba378ec47d5dcae1d7189fb9536af124125e34625ea7d80df3

Request headers

:method
GET
:authority
newsalmubasher.com
:scheme
https
:path
/3557/?SMS-Nyoum-T8-NAM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
date
Thu, 25 Jul 2019 06:40:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de06ecfb6197d9eeee32bf0faca2b66a71564036847; expires=Fri, 24-Jul-20 06:40:47 GMT; path=/; domain=.newsalmubasher.com; HttpOnly; Secure
link
<https://newsalmubasher.com/wp-json/>; rel="https://api.w.org/", <https://newsalmubasher.com/?p=3557>; rel=shortlink
vary
X-Forwarded-Proto,Accept-Encoding
referrer-policy
no-referrer-when-downgrade
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fbc24f7a87ddff7-FRA
content-encoding
br
9cd0e.css
newsalmubasher.com/wp-content/cache/minify/ 		61 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
773f3d9f81df62aba80e9feefaac0e51a4ec051550de87fbe31dd143a9b33e6a

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
cf-cache-status
HIT
age
341846
cf-polished
origSize=62933
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
server
cloudflare
etag
W/"2ad5-58e03f2301601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31363480
cf-ray
4fbc24fa4b6ddff7-FRA
expires
Wed, 22 Jul 2020 06:45:27 GMT
df983.js
newsalmubasher.com/wp-content/cache/minify/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/df983.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a769481dfbf7877ea57644f87e606d49b9cc0b33a2d77e99d47b8dcbdb7cbe1

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
cf-cache-status
HIT
age
341847
cf-polished
origSize=106927
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
server
cloudflare
etag
W/"9121-58e03f230ba14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31363481
cf-ray
4fbc24fa4b6edff7-FRA
expires
Wed, 22 Jul 2020 06:45:28 GMT
js
www.googletagmanager.com/gtag/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131354453-3
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f97dd3aef87ac908cbe043bf2dff6fedb7233c4a562add297cfd3b97ccb84342
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
last-modified
Thu, 25 Jul 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
26365
x-xss-protection
0
expires
Thu, 25 Jul 2019 06:40:47 GMT
almubasher-logo5.svg
newsalmubasher.com/wp-content/themes/eqtsad/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/images/almubasher-logo5.svg
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0006822c745633c1e4f1e506c6df6b40bb806335fa92e129cd8d24fff9b6b42a

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
341846
etag
W/"c36-58ae83c2a3c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=31536000
cf-ray
4fbc24fa4b6fdff7-FRA
expires
Fri, 24 Jul 2020 06:40:47 GMT
40230.jpg
newsalmubasher.com/wp-content/uploads/2019/07/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/uploads/2019/07/40230.jpg
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
512804db1d4573ae8fb7feb7709f65eac3ca0c7d927fe92eb847811df3fc1011

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
cf-cache-status
HIT
age
341846
status
200
content-length
74500
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jul 2019 09:47:32 GMT
server
cloudflare
etag
"12304-58db526235500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
4fbc24fa9bcedff7-FRA
expires
Fri, 24 Jul 2020 06:40:47 GMT
3f294.js
newsalmubasher.com/wp-content/cache/minify/ 		888 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/3f294.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4896dff81755ed7a52fdb10152b5f97c827f2f0d40bd37e35034acb042f8109f

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
cf-cache-status
HIT
age
341845
status
200
last-modified
Fri, 19 Jul 2019 07:48:02 GMT
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
server
cloudflare
etag
W/"1b3-58e03f23096eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31363480
cf-ray
4fbc24fa6b8adff7-FRA
expires
Wed, 22 Jul 2020 06:45:27 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Thu, 25 Jul 2019 06:40:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1564036847.dop035.fr8.shc,1564036847.dop035.fr8.t,1564036847.cds035.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29811
d5404.js
newsalmubasher.com/wp-content/cache/minify/ 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/cache/minify/d5404.js
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c512771353d695b68c419ebd2fe4064f668d607b6a6be3d07bcd361204354e1

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
cf-cache-status
HIT
age
1377
cf-polished
origSize=71893
status
200
cf-bgj
minify
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jul 2019 09:09:56 GMT
server
cloudflare
etag
W/"523c-58e558e7486b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31373526
cf-ray
4fbc24fa9bcddff7-FRA
expires
Wed, 22 Jul 2020 09:32:53 GMT
eqtsad-regular.woff
newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/eqtsad-regular.woff
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecfede779ce0f2ea0ca054cdf779c252079bfad44b26d6f4e38078789b1612f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Origin
https://newsalmubasher.com

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
341846
etag
W/"8084-583bcf2abf800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff
status
200
cache-control
public, max-age=31536000
cf-ray
4fbc24fa9bd1dff7-FRA
expires
Fri, 24 Jul 2020 06:40:47 GMT
eqtsad-bold.woff
newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/css/fonts/eqtsad-bold.woff
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8173d15688083c9cdcf4d4737977d580e28f749cf04ad035a216b781ecf3eb48

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
Origin
https://newsalmubasher.com

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
server
cloudflare
age
1377
etag
W/"7c5c-583bcf2abf800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff
status
200
cache-control
public, max-age=31536000
cf-ray
4fbc24faabd5dff7-FRA
expires
Fri, 24 Jul 2020 06:40:47 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131354453-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
6819
date
Thu, 25 Jul 2019 04:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Thu, 25 Jul 2019 06:47:08 GMT
collect
www.google-analytics.com/r/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=485278910&t=pageview&_s=1&dl=https%3A%2F%2Fnewsalmubasher.com%2F3557%2F%3FSMS-Nyoum-T8-NAM&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B4%D8%B1%D9%88%D8%B9%20%E2%80%9C%D9%86%D9%8A%D9%88%D9%85%E2%80%9D%3A%20%E2%80%9C%D9%88%D9%84%D9%8A%20%D8%A7%D9%84%D8%B9%D9%87%D8%AF%E2%80%9D%20%D9%88%D8%AC%D9%87%20%D8%A8%D8%A5%D8%B9%D8%AF%D8%A7%D8%AF%20%D9%84%D9%88%D8%A7%D8%A6%D8%AD%20%D9%85%D9%84%D8%A7%D8%A6%D9%85%D8%A9%20%D9%84%D9%84%D8%A7%D8%B3%D8%AA%D8%AB%D9%85%D8%A7%D8%B1%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%85%D8%B4%D8%B1%D9%88%D8%B9&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=961733418&gjid=1290158546&cid=2044015812.1564036848&tid=UA-131354453-3&_gid=974794751.1564036848&_r=1&gtm=2ou7i2&z=422400854
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2019 06:40:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
getip.php
geolocly.com//geoservice/ 		90 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocly.com//geoservice/getip.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:37ce , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.17
Resource Hash
c957bb0df4d3a6f3b8f49a685aa5026814e12aefe9edc50f6504ef577fa43355

Request headers

Accept
*/*
Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
Origin
https://newsalmubasher.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:48 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
server
cloudflare
status
200
x-powered-by
PHP/7.2.17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
4fbc24fb8cb7c2f4-FRA
access-control-allow-headers
X-Requested-With
expires
Fri, 24 Jul 2020 06:40:47 GMT
flags.png
newsalmubasher.com/wp-content/themes/eqtsad/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsalmubasher.com/wp-content/themes/eqtsad/images/flags.png
Requested by
Host: newsalmubasher.com
URL: https://newsalmubasher.com/wp-content/cache/minify/df983.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5b2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
288a4fe8808a7fc985e7945ba529bf23b7bb4388adc5be1c9eaa75d6e64cd391

Request headers

Referer
https://newsalmubasher.com/wp-content/cache/minify/9cd0e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:47 GMT
cf-cache-status
HIT
age
1356
status
200
content-length
32291
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2019 12:53:52 GMT
server
cloudflare
etag
"7e23-583bcf2abf800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
4fbc24fb3c5ddff7-FRA
expires
Fri, 24 Jul 2020 06:40:47 GMT
render.b21bd57fa5355f13bfb3.js
widget-v4.tidiochat.com/1_12_1/static/js/
Redirect Chain
  • https://code.tidio.co/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js
  • https://widget-v4.tidiochat.com/mxs3gvuya9wscl373ouc7k0nyu7bicpr.js
  • https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:c4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
832f52a29d0b6f280d5ce740a44a3e6389e0d5e910ca3933b826bd80351fb936

Request headers

Referer
https://newsalmubasher.com/3557/?SMS-Nyoum-T8-NAM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 08:50:04 GMT
server
cloudflare
age
1381
etag
W/"5d24553c-15b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=691200
cf-ray
4fbc24ffdd4dbef6-FRA
expires
Fri, 02 Aug 2019 06:40:48 GMT

Redirect headers

date
Thu, 25 Jul 2019 06:40:48 GMT
cf-cache-status
MISS
server
cloudflare
location
https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
302
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
4fbc24fc9bcdbef6-FRA
widget.b21bd57fa5355f13bfb3.js
widget-v4.tidiochat.com//1_12_1/static/js/ Frame D800 		803 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com/1_12_1/static/js/render.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:c4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe55c985114a682764f57172d48019f1b0ca348d3afbe574e9c5c9a8654b1842

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date
Thu, 25 Jul 2019 06:40:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 08:53:38 GMT
server
cloudflare
age
1381
etag
W/"5d245612-c8ddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=691200
cf-ray
4fbc24fffd52bef6-FRA
expires
Fri, 02 Aug 2019 06:40:48 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame D800 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6818:c4f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Range
bytes=0-
Accept-Encoding
identity;q=1, *;q=0

Response headers

date
Thu, 25 Jul 2019 06:40:48 GMT
cf-cache-status
HIT
age
1191362
status
206
Content-Length
7224
pragma
public
Content-Range
bytes 0-7223/7224
last-modified
Tue, 09 Jul 2019 08:53:38 GMT
server
cloudflare
etag
"5d245612-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
4fbc2500bdafbef6-FRA
expires
Fri, 24 Jul 2020 06:40:48 GMT
css
fonts.googleapis.com/ Frame A864 		2 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7127862fbadbd0ca8a5bd8311f8e49cf516d39fc79da0b443d94f88afd438d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 25 Jul 2019 06:40:49 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 25 Jul 2019 06:40:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 25 Jul 2019 06:40:49 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v16/ Frame A864 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,600
Origin
https://newsalmubasher.com

Response headers

date
Mon, 22 Jul 2019 19:37:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:05 GMT
server
sffe
age
212579
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11528
x-xss-protection
0
expires
Tue, 21 Jul 2020 19:37:50 GMT
7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ Frame A864 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_12_1/static/js/widget.b21bd57fa5355f13bfb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Muli:400,600
Origin
https://newsalmubasher.com

Response headers

date
Mon, 22 Jul 2019 19:45:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:52 GMT
server
sffe
age
212151
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11552
x-xss-protection
0
expires
Tue, 21 Jul 2020 19:45:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| gtag object| dataLayer object| uwrData function| readyDOM function| debounce object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| startTimer object| countryData object| input object| addressDropdown object| iti object| country object| optionNode object| textNode object| intlTelInputGlobals function| intlTelInput object| wp object| SENTRY_RELEASE object| tidioChatApi

4 Cookies

Domain/Path Name / Value
.newsalmubasher.com/ Name: _gat_gtag_UA_131354453_3
Value: 1
.newsalmubasher.com/ Name: _gid
Value: GA1.2.974794751.1564036848
.newsalmubasher.com/ Name: _ga
Value: GA1.2.2044015812.1564036848
.newsalmubasher.com/ Name: __cfduid
Value: de06ecfb6197d9eeee32bf0faca2b66a71564036847

3 Console Messages

Source Level URL
Text
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/df983.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/3f294.js(Line 2)
Message:
[object Object]
console-api log URL: https://newsalmubasher.com/wp-content/cache/minify/3f294.js(Line 2)
Message:
API: debugger is disable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
geolocly.com
newsalmubasher.com
widget-v4.tidiochat.com
www.google-analytics.com
www.googletagmanager.com
205.185.208.52
2606:4700:20::6818:c4f
2606:4700:30::6812:37ce
2606:4700:30::681b:b5b2
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a00:1450:4001:817::2008
2a00:1450:4001:820::200a
0006822c745633c1e4f1e506c6df6b40bb806335fa92e129cd8d24fff9b6b42a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ecfede779ce0f2ea0ca054cdf779c252079bfad44b26d6f4e38078789b1612f
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1a769481dfbf7877ea57644f87e606d49b9cc0b33a2d77e99d47b8dcbdb7cbe1
288a4fe8808a7fc985e7945ba529bf23b7bb4388adc5be1c9eaa75d6e64cd391
4896dff81755ed7a52fdb10152b5f97c827f2f0d40bd37e35034acb042f8109f
4c512771353d695b68c419ebd2fe4064f668d607b6a6be3d07bcd361204354e1
512804db1d4573ae8fb7feb7709f65eac3ca0c7d927fe92eb847811df3fc1011
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
7127862fbadbd0ca8a5bd8311f8e49cf516d39fc79da0b443d94f88afd438d24
773f3d9f81df62aba80e9feefaac0e51a4ec051550de87fbe31dd143a9b33e6a
8173d15688083c9cdcf4d4737977d580e28f749cf04ad035a216b781ecf3eb48
832f52a29d0b6f280d5ce740a44a3e6389e0d5e910ca3933b826bd80351fb936
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3d25b57e505dba378ec47d5dcae1d7189fb9536af124125e34625ea7d80df3
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
c957bb0df4d3a6f3b8f49a685aa5026814e12aefe9edc50f6504ef577fa43355
f97dd3aef87ac908cbe043bf2dff6fedb7233c4a562add297cfd3b97ccb84342
fe55c985114a682764f57172d48019f1b0ca348d3afbe574e9c5c9a8654b1842