get.steamrefund.com
Open in
urlscan Pro
2606:4700:20::681a:93
Public Scan
Submission: On September 29 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on August 13th 2023. Valid for: 3 months.
This is the only time get.steamrefund.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net
builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US)
d1wbjksx0xxdn3.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net
fonts.ub-assets.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-93-137.compute-1.amazonaws.com
events.ub-analytics.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
amplify.outbrain.com | |
wave.outbrain.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
cloudfront.net
d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net |
151 KB |
6 |
adroll.com
1 redirects
s.adroll.com — Cisco Umbrella Rank: 4552 d.adroll.com — Cisco Umbrella Rank: 2238 |
89 KB |
5 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 875 |
138 KB |
5 |
ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 42241 |
41 KB |
4 |
snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 955 |
750 B |
4 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878 www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
4 |
outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 4075 tr.outbrain.com — Cisco Umbrella Rank: 3583 wave.outbrain.com — Cisco Umbrella Rank: 4002 |
8 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111 |
302 KB |
4 |
steamrefund.com
1 redirects
get.steamrefund.com gtm.steamrefund.com Failed |
16 KB |
3 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 trc-events.taboola.com — Cisco Umbrella Rank: 2331 |
22 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229 |
87 KB |
2 |
ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 46256 |
233 B |
2 |
unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 38350 |
37 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 109 |
185 B |
1 |
reddit.com
alb.reddit.com — Cisco Umbrella Rank: 2076 |
637 B |
1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1065 |
726 B |
1 |
t.co
t.co — Cisco Umbrella Rank: 707 |
376 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 3974 |
455 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 11 |
455 B |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1078 |
15 KB |
1 |
sc-static.net
sc-static.net — Cisco Umbrella Rank: 1100 |
17 KB |
1 |
stape.io
cdn.stape.io — Cisco Umbrella Rank: 72534 |
6 KB |
1 |
redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1759 |
8 KB |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 |
2 KB |
77 | 24 |
Domain | Requested by | |
---|---|---|
19 | d9hhrg4mnvzow.cloudfront.net |
get.steamrefund.com
|
5 | s.adroll.com |
1 redirects
get.steamrefund.com
s.adroll.com |
5 | analytics.tiktok.com |
get.steamrefund.com
analytics.tiktok.com |
5 | fonts.ub-assets.com |
builder-assets.unbounce.com
fonts.ub-assets.com |
4 | tr.snapchat.com |
sc-static.net
|
4 | www.googletagmanager.com |
get.steamrefund.com
www.googletagmanager.com |
4 | get.steamrefund.com |
1 redirects
get.steamrefund.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com get.steamrefund.com |
2 | tr.outbrain.com |
amplify.outbrain.com
|
2 | connect.facebook.net |
get.steamrefund.com
connect.facebook.net |
2 | events.ub-analytics.com |
d1wbjksx0xxdn3.cloudfront.net
|
2 | builder-assets.unbounce.com |
get.steamrefund.com
|
1 | trc-events.taboola.com |
cdn.taboola.com
|
1 | www.facebook.com |
get.steamrefund.com
|
1 | d.adroll.com |
s.adroll.com
|
1 | trc.taboola.com |
cdn.taboola.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | alb.reddit.com |
get.steamrefund.com
|
1 | wave.outbrain.com |
amplify.outbrain.com
|
1 | analytics.twitter.com |
get.steamrefund.com
|
1 | t.co |
get.steamrefund.com
|
1 | www.google.de |
get.steamrefund.com
|
1 | www.google.com |
get.steamrefund.com
|
1 | amplify.outbrain.com |
get.steamrefund.com
|
1 | static.ads-twitter.com |
get.steamrefund.com
|
1 | sc-static.net |
get.steamrefund.com
|
1 | cdn.stape.io |
www.googletagmanager.com
|
1 | cdn.taboola.com |
www.googletagmanager.com
|
1 | www.redditstatic.com |
www.googletagmanager.com
|
1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
1 | d1wbjksx0xxdn3.cloudfront.net |
get.steamrefund.com
|
0 | gtm.steamrefund.com Failed |
cdn.stape.io
|
77 | 32 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
steamrefund.com GTS CA 1P5 |
2023-08-13 - 2023-11-11 |
3 months | crt.sh |
*.unbounce.com Amazon RSA 2048 M01 |
2023-02-21 - 2024-02-07 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
fonts.ub-assets.com Amazon RSA 2048 M02 |
2023-06-01 - 2024-06-29 |
a year | crt.sh |
*.ub-analytics.com Amazon RSA 2048 M01 |
2023-03-11 - 2024-04-08 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-08-25 - 2024-02-21 |
6 months | crt.sh |
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-08 - 2023-12-31 |
a year | crt.sh |
stape.io Cloudflare Inc ECC CA-3 |
2023-05-03 - 2024-05-02 |
a year | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
sc-static.net Amazon RSA 2048 M02 |
2023-01-20 - 2024-02-18 |
a year | crt.sh |
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-21 - 2024-07-19 |
a year | crt.sh |
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-09 - 2024-02-11 |
a year | crt.sh |
s.adroll.com Amazon RSA 2048 M01 |
2023-06-03 - 2024-07-01 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-07-08 - 2023-10-06 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-09-01 - 2024-02-28 |
6 months | crt.sh |
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-13 - 2024-04-12 |
a year | crt.sh |
d.adroll.com Amazon RSA 2048 M01 |
2022-11-08 - 2023-12-07 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://get.steamrefund.com/
Frame ID: 0E0FF9432BCE34BC0516FB8EA2D643B7
Requests: 73 HTTP requests in this frame
Frame:
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 3900756CBF26554D16245C93EBF5B1FB
Requests: 2 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=24e37a8f-f4eb-4696-9614-ea3c9fc10b69&u_sclid=01ca191b-b0b3-464c-8889-dded32852270
Frame ID: CA46613540F4C0450DE5354CF3A31F65
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
AdRoll (Advertising Networks) ExpandDetected patterns
- (?:a|s)\.adroll\.com
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
- https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
get.steamrefund.com/ |
91 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
d1wbjksx0xxdn3.cloudfront.net/lts/ |
43 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.bundle-b8bce47.z.js
builder-assets.unbounce.com/published-js/ |
104 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
249 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a2e9656d-clock-1-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
346 B 769 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fac8add4-image-2-1_100000006v01o005000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f0c35cff-image-97_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a9be7090-f070-4fb4-808f-737fec48f704
https://get.steamrefund.com/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.ub-assets.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56c7be15-untitled-design_106f06f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9850604d-icons8-legal-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
505 B 925 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dad2e6ee-icons8-discussion-1-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
499 B 920 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daed21bb-icons8-justice-scale-64_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
576 B 997 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9ec39a54-img-hero_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56c7be15-untitled-design_1078078000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c9cc220-image-104_113t07b03t02z08a003028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c9cc220-image-104_100000005z0300d000a028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c9cc220-image-104_111d06x08902u0if00a028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c9cc220-image-104_100000002x0300sx008028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
803304b1-ign-logo-1536x864_104502b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fccf38a4-shack-news-logo_106h016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c3c7b570-game-rant-logo2_107e010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f308602a-0352-eurogamer-logo.svg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 3900 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
i
events.ub-analytics.com/_ub/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
events.ub-analytics.com/_ub/ |
2 B 233 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.js
www.redditstatic.com/ads/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1515208/ |
65 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v5.js
cdn.stape.io/dtag/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scevent.min.js
sc-static.net/ |
38 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
272 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
173 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/ |
97 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
197 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
80e0304508654d4a
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3900 |
0 461 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/11050824091/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/11050824091/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
data
gtm.steamrefund.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/1/i/ |
43 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/1/i/ |
43 B 726 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
unifiedPixel
tr.outbrain.com/ |
53 B 248 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cachedClickId
tr.outbrain.com/ |
35 B 220 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
009063823c6ff0a709127c2dd74e59c875
wave.outbrain.com/mtWavesBundler/handler/ |
2 B 443 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 785 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
851791816024757
connect.facebook.net/signals/config/ |
131 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
173 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a1860529-0aae-45cb-a054-1bba5385bf0a.js
tr.snapchat.com/config/com/ |
167 B 455 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i
tr.snapchat.com/cm/ Frame CA46 |
0 201 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MWQ0NWRkZTlhMA.js
analytics.tiktok.com/i18n/pixel/static/ |
370 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
trc.taboola.com/1515208/trc/3/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6FGPXF7JBVHSVDCJIPGVKW
d.adroll.com/consent/check/ |
482 B 575 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ |
8 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v22/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 146 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ |
134 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 793 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
consent_tcfv2.js
s.adroll.com/j/ |
418 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nextroll-32x32.png
s.adroll.com/i/favicon/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
tr.snapchat.com/ |
0 94 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
p
tr.snapchat.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
act
analytics.tiktok.com/api/v2/pixel/ |
0 792 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc-events.taboola.com/1515208/log/3/ |
0 249 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
unip
trc-events.taboola.com/1515208/log/3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gtm.steamrefund.com
- URL
- https://gtm.steamrefund.com/data?v=2&event_name=page_view
- Domain
- trc-events.taboola.com
- URL
- https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=4598&scd=0&ssd=1&est=1695948171511&ver=36&isls=true&src=i&invt=3000&msa=302&rv=1&tim=1695948176109&vi=1695948171508&ri=8bf71509d1b28eb817b0fe5ca3e525cd&ref=null&cv=20230920-27-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F
Verdicts & Comments Add Verdict or Comment
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| ub object| dataLayer function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| ubSnowplowInitialized object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| rdt object| __tfa_pixel_init object| _tfa string| _randomPageId string| TiktokAnalyticsObject object| ttq function| snaptr object| r function| twq function| obApi string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| fbq function| _fbq function| parseResponse function| dataTagSendData function| dataTagGetData function| dataTagMD5 function| dataTag256 function| jsSHA object| dataTagData object| regeneratorRuntime object| twttr function| apiObj object| _scPxHelper function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi function| __gpp boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms function| adroll_tpc_callback object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| gtag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| __adroll_consent_data object| adroll_exp_list object| gaplugins object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e |
|
get.steamrefund.com/ | Name: ubvs Value: 833e312d-ffa3-4573-a174-a31b8084cbb3 |
|
.steamrefund.com/ | Name: ubvt Value: v2%7C833e312d-ffa3-4573-a174-a31b8084cbb3%7Cd526434c-0dc6-4d14-b154-0300c8623898%3Aj%3Adta |
|
get.steamrefund.com/ | Name: ubpv Value: j%2Cd526434c-0dc6-4d14-b154-0300c8623898 |
|
.steamrefund.com/ | Name: _gcl_au Value: 1.1.1833466891.1695948171 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.steamrefund.com/ | Name: cf_clearance Value: 8tFAfvviONKURDybyYLpGv574rQD6zgYk7ni_KkWCRU-1695948171-0-1-33f0e27c.dbe1dec1.64f1bd9c-0.2.1695948171 |
|
.steamrefund.com/ | Name: _scid Value: f09a5164-fe92-4110-984c-e44dd50e1678 |
|
.steamrefund.com/ | Name: _scid_r Value: f09a5164-fe92-4110-984c-e44dd50e1678 |
|
.steamrefund.com/ | Name: _rdt_uuid Value: 1695948171416.4aecbaad-be16-4119-a1f0-485aea478bc7 |
|
.steamrefund.com/ | Name: _ga_P48CLNLYJE Value: GS1.1.1695948171.1.0.1695948171.0.0.0 |
|
.tiktok.com/ | Name: _ttp Value: 2W34wtC8cCqoX2vQeDdY2OvYBns |
|
.steamrefund.com/ | Name: _fbp Value: fb.1.1695948171530.681601976 |
|
.t.co/ | Name: muc_ads Value: fd7293ea-eefc-4683-9c2e-33f6c22414a5 |
|
.twitter.com/ | Name: guest_id_marketing Value: v1%3A169594817149148395 |
|
.twitter.com/ | Name: guest_id_ads Value: v1%3A169594817149148395 |
|
.twitter.com/ | Name: personalization_id Value: "v1_DlQoINUG36MTLUS8Y3MgIw==" |
|
.twitter.com/ | Name: guest_id Value: v1%3A169594817149148395 |
|
.steamrefund.com/ | Name: _ga Value: GA1.2.751002646.1695948171 |
|
.steamrefund.com/ | Name: _gid Value: GA1.2.154532433.1695948172 |
|
.steamrefund.com/ | Name: _gat_gtag_UA_252624536_1 Value: 1 |
|
.steamrefund.com/ | Name: _tt_enable_cookie Value: 1 |
|
.steamrefund.com/ | Name: _ttp Value: fr64fzbOHeYekOrydQGoUU_S3RX |
|
get.steamrefund.com/ | Name: outbrain_cid_fetch Value: true |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
builder-assets.unbounce.com
cdn.stape.io
cdn.taboola.com
connect.facebook.net
d.adroll.com
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
get.steamrefund.com
googleads.g.doubleclick.net
gtm.steamrefund.com
region1.google-analytics.com
s.adroll.com
sc-static.net
static.ads-twitter.com
t.co
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
gtm.steamrefund.com
trc-events.taboola.com
104.244.42.133
104.244.42.3
13.224.189.30
13.32.99.67
141.226.228.48
143.204.207.250
146.75.116.157
151.101.65.140
151.101.65.44
2001:4860:4802:32::36
23.32.185.60
23.36.163.249
2600:9000:21f3:d800:b:3165:13c0:21
2600:9000:225e:2600:6:9280:1080:93a1
2606:4700:20::681a:93
2606:4700::6812:130
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::396
2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097
35.190.43.134
52.1.93.137
52.222.250.12
64.202.112.31
096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d
0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225
0f0cfd5a80cfc1fb5f173aa7aeb25944ebfb884c5412df7d422073a7af5bc521
1a71fa8e28d72055d1ded8a45a44d9a400b983bf4f26dc0e7815199b44828078
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
296403224467b0696e952995d954fb75927f2c50449963d2664d6c425227fb68
2db42f12b070f135689bb618006b73e3e90df04bc085f0baa3e1457a5f36ebcc
320d4eb4df987dd82522b916ae2ce75617584ca508d77dde11fa2b64ab421e71
328bf78d9037cf1d442674cf214abe79dfe9bb1d5990958d3f150aa1960c0770
337665b1caaf7516f69b017528b7c5424eedc18b00332d2994f992ade8cc1aa5
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
3f73bffee4913fc7089e22702007292c65eedb5c06c5707fa2a1f159a066fa99
4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59
59ac725429ede98f74947527e56ee6adefc25fa1ecc4758248a14dc9725f9ea4
5b736956c1f3a80e4e3e648ed16d564efa58726119e6804abd3081541a9470d5
5c20e5367fe55a37143fa026b9879587fe3cc93f436c88274a4366cd166c0497
5edcb92d5c6a2d3aac5e13cf012f684ac293b4404f4506e6c8e3fa6013bceb1a
60b708e3bb317a230cc4346b52705c032293a83e7d5be775b02b4d4a36db1005
6431a51e2f443ed44327689ff39e23de9b7f55268301a2c58e9a6a2e409a9cd1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f0f20c2a0443bc08689acb871745e8d80299d6a8c568ad713413a0d1c4968d5
6f1287a2a9dfbc3192e41926df9f5f2322564b06e2bc32892bf6a3f954d4ba4f
6f74450faec88eabf16301ed4659dfcda539a123ae0ff8ffcc00037d18c69b31
73f36eb6ec77cac66e5623eb4afb2b312f70a6922f0d3d62b4f7f4bf302820a2
7899c5cab027e001814e1641c3949923e9f17a49a70a7a066710fc3dd1ae318b
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1e9a17ca7de1669b96ae622b530c46a3f7aad0a477c526e8fc174c3368dfb0
92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a0ce992672dcec644634af802f494b8e0857147cb1b6316dad59a76d9763c589
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
bc8eb177d036c7cd7e85f0d2637e8746d5c0740b01fb15fca100d02d37179854
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bddcdc2d4855929eaa9f4e469c2e860a98b18708da57af571e32c24fd79521a1
be6f0dab542b9db3753c4ab63a5f7c9814826f652471b174f3503fbc0b3b6065
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773
d7ec4180be0bee401745f81e14821e442e17fcdb19c6a9b90986c783e0584c90
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3
e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ec2cf5494e365f8f0a96c77612b354a7d44e9e2b73d90cfec11f109fbd3cbcb3
ed966363875350fba0f26f05693dd6978316ecd005b69d31880387a0c0abaaf2
edead83bade592bfbb518785d5a375b822a95d91b6874325efc9af58520821b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10d6b4c19c7e53e5d781ed10e3c856d7766ac1e9325dd9cf63dfeb48e82cd15
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7b74161fa6c24f59b2479fbdf03b0984dc91f1036d809ee0b218b0cd5a94541