shms.ps
168.119.236.88
Public Scan
Effective URL: https://shms.ps/hashtag/60237/%D9%85%D8%AC%D9%84%D8%B3-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%D9%86-%D8%A7%D9%84%D...
Submission: On December 19 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time shms.ps was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN24940 (HETZNER-AS, DE)
PTR: static.139.136.251.148.clients.your-server.de
openweathermap.org |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | shms.ps (2 redirects) | shms.ps | 443 KB |
15 | google.com | www.google.com — Cisco Umbrella Rank: 2; fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 | 72 KB |
11 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 102; tpc.googlesyndication.com — Cisco Umbrella Rank: 148 | 224 KB |
5 | openweathermap.org | openweathermap.org — Cisco Umbrella Rank: 11500 | 9 KB |
3 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 | 11 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 356 B |
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 259 KB |
3 | onesignal.com | cdn.onesignal.com — Cisco Umbrella Rank: 4165; onesignal.com — Cisco Umbrella Rank: 1473 | 73 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 168 | 89 KB |
2 | optad360.io | cmp.optad360.io — Cisco Umbrella Rank: 55535; get.optad360.io — Cisco Umbrella Rank: 39286 | 749 B |
1 | iplist.cc | iplist.cc — Cisco Umbrella Rank: 323767 | 695 B |
0 | alexametrics.com (Failed) | certify-js.alexametrics.com Failed | |
69 | 12 | | |
Requests | Domain | Requested by |
---|---|---|
22 | shms.ps (2 redirects) | shms.ps |
14 | fundingchoicesmessages.google.com | pagead2.googlesyndication.com |
8 | pagead2.googlesyndication.com | shms.ps, pagead2.googlesyndication.com, tpc.googlesyndication.com |
5 | openweathermap.org | shms.ps |
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
3 | www.google-analytics.com | www.googletagmanager.com |
3 | www.googletagmanager.com | shms.ps, www.googletagmanager.com |
2 | connect.facebook.net | shms.ps, connect.facebook.net |
2 | cdn.onesignal.com | shms.ps, cdn.onesignal.com |
1 | www.google.com | tpc.googlesyndication.com |
1 | onesignal.com | cdn.onesignal.com |
1 | iplist.cc | shms.ps |
1 | get.optad360.io | shms.ps |
1 | cmp.optad360.io | shms.ps |
0 | certify-js.alexametrics.com Failed | shms.ps |
69 | 16 | |
This site contains links to these domains. Also see Links.
Domain |
---|
chat.whatsapp.com |
www.instagram.com |
t.me |
twitter.com |
www.facebook.com |
www.youtube.com |
m.me |
atyaf.co |
Subject | Issuer | Validity | Valid |
---|---|---|---|
shms.ps | R3 | 2023-11-17 - 2024-02-15 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year |
*.optad360.io | Amazon RSA 2048 M02 | 2023-09-17 - 2024-10-15 | a year |
*.openweathermap.org | Sectigo RSA Domain Validation Secure Server CA | 2023-06-30 - 2024-07-30 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-28 - 2023-12-27 | 3 months |
iplist.cc | R3 | 2023-12-15 - 2024-03-14 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
This page contains 6 frames:
Primary Page:
https://shms.ps/hashtag/60237/%D9%85%D8%AC%D9%84%D8%B3-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%D9%86-%D8%A7%D9%84%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86%D9%8A
Frame ID: BC070BF06007A446973D86616F6C57BE
Requests: 61 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: DFA5F4E27BB9B781234DC43A3CCB8922
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9238994152380065&output=html&adk=1812271804&adf=3025194257&lmt=1703015361&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fshms.ps%2Fhashtag%2F60237%2F%25D9%2585%25D8%25AC%25D9%2584%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B2%25D9%258A%25D8%25AA%25D9%2588%25D9%2586-%25D8%25A7%25D9%2584%25D9%2581%25D9%2584%25D8%25B3%25D8%25B7%25D9%258A%25D9%2586%25D9%258A&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703015360891&bpp=11&bdt=2089&idt=231&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8695352489967&frm=20&pv=2&ga_vid=497826936.1703015359&ga_sid=1703015361&ga_hid=1296085975&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C44809531%2C95320870%2C95320884&oid=2&pvsid=1520886367171781&tmod=1098612946&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: 88B82CA3842A19C4508DD940BB567E6D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9238994152380065&output=html&h=280&adk=1418185256&adf=2512527112&pi=t.aa~a.3552371631~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703015361&rafmt=1&to=qs&pwprc=4033372877&format=1200x280&url=https%3A%2F%2Fshms.ps%2Fhashtag%2F60237%2F%25D9%2585%25D8%25AC%25D9%2584%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B2%25D9%258A%25D8%25AA%25D9%2588%25D9%2586-%25D8%25A7%25D9%2584%25D9%2581%25D9%2584%25D8%25B3%25D8%25B7%25D9%258A%25D9%2586%25D9%258A&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703015360902&bpp=2&bdt=2099&idt=242&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8695352489967&frm=20&pv=1&ga_vid=497826936.1703015359&ga_sid=1703015361&ga_hid=1296085975&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C44809531%2C95320870%2C95320884&oid=2&pvsid=1520886367171781&tmod=1098612946&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=244
Frame ID: 736B3A4EBB81898B39626FC30298C829
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FC9CF69717359D81B83D6E78939978B
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C25DD22F5084E57668B0715516A20AA
Requests: 2 HTTP requests in this frame
Page Title
مجلس الزيتون الفلسطيني | وكالة شمس نيوز الإخبارية - Shms News || آخر أخبار فلسطين
Page URL History
-
https://shms.ps/hashtag/60237/
HTTP 301
https://shms.ps/hashtag/60237 HTTP 301
https://shms.ps/hashtag/60237/%D9%85%D8%AC%D9%84%D8%B3-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
OneSignal (Marketing automation)
Detected patterns
- cdn\.onesignal\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://shms.ps/hashtag/60237/
HTTP 301
https://shms.ps/hashtag/60237 HTTP 301
https://shms.ps/hashtag/60237/%D9%85%D8%AC%D9%84%D8%B3-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%D9%86-%D8%A7%D9%84%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86%D9%8A Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
69 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | Primary Request: %D9%85%D8%AC%D9%84%D8%B3-%D8%A7%D9%84%D8%B2%D9%8A%D8%AA%D9%88%D9%86-%D8%A7%D9%84%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86%D9%8A | shms.ps/hashtag/60237/ (Redirect Chain) | 32 KB | 7 KB | Document | text/html |
GET | H2 | bundle.css | shms.ps/style/assets/stylesheet/ | 225 KB | 24 KB | Stylesheet | text/css |
GET | H2 | style.css | shms.ps/style/assets/stylesheet/ | 44 KB | 7 KB | Stylesheet | text/css |
GET | H2 | o2.css | shms.ps/style/assets/stylesheet/ | 2 KB | 848 B | Stylesheet | text/css |
GET | H2 | OneSignalSDK.js | cdn.onesignal.com/sdks/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | c6e0bfdc-53e7-492f-872f-5d17016ac8ed.min.js | cmp.optad360.io/items/ | 3 B | 392 B | Script | application/javascript |
GET | H2 | plugin.min.js | get.optad360.io/sf/50235a4f-4b72-4939-a198-6ea555913ecc/ | 2 B | 357 B | Script | application/javascript |
GET | H/1.1 | 03n@2x.png | openweathermap.org/img/wn/ | 837 B | 1 KB | Image | image/png |
GET | H/1.1 | 01d@2x.png | openweathermap.org/img/wn/ | 948 B | 1 KB | Image | image/png |
GET | H/1.1 | 10d@2x.png | openweathermap.org/img/wn/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | 03d@2x.png | openweathermap.org/img/wn/ | 837 B | 1 KB | Image | image/png |
GET | H/1.1 | 02d@2x.png | openweathermap.org/img/wn/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | logo.png | shms.ps/style/assets/images/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | N0Rwd.jpg | shms.ps/thumb/230x150/uploads/images/2022/11/ | 7 KB | 7 KB | Image | image/jpeg |
GET | H2 | atyafco.png | shms.ps/style/assets/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | js | www.googletagmanager.com/gtag/ | 270 KB | 90 KB | Script | application/javascript |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 3 KB | Script | application/x-javascript |
GET | H2 | bootstrap.bundle.min.js | shms.ps/style/assets/javascript/ | 79 KB | 21 KB | Script | application/javascript |
GET | H2 | jquery-3.2.1.min.js | shms.ps/style/assets/javascript/ | 85 KB | 29 KB | Script | application/javascript |
GET | H2 | moment-with-locales.js | shms.ps/style/assets/javascript/plugins/ | 462 KB | 83 KB | Script | application/javascript |
GET | H2 | moment-timezone-with-data.js | shms.ps/style/assets/javascript/plugins/ | 190 KB | 25 KB | Script | application/javascript |
GET | H2 | o2.js | shms.ps/style/assets/javascript/ | 3 KB | 989 B | Script | application/javascript |
GET | H2 | breaking.js | shms.ps/style/assets/javascript/ | 2 KB | 832 B | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 245 KB | 84 KB | Script | application/javascript |
GET | H2 | logo-text.png | shms.ps/style/assets/images/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | URWGeometricArabic-Medium.woff2 | shms.ps/style/assets/stylesheet/fonts/font/ | 52 KB | 52 KB | Font | font/woff2 |
GET | H2 | URWGeometricArabic-Light.woff2 | shms.ps/style/assets/stylesheet/fonts/font/ | 53 KB | 53 KB | Font | font/woff2 |
GET | H2 | URWGeometricArabic-Regular.woff2 | shms.ps/style/assets/stylesheet/fonts/font/ | 50 KB | 51 KB | Font | font/woff2 |
GET | H2 | icons.ttf | shms.ps/style/assets/stylesheet/fonts/icons/ | 18 KB | 18 KB | Font | font/ttf |
GET | H2 | URWGeometricArabic-ExtraBold.woff2 | shms.ps/style/assets/stylesheet/fonts/font/ | 54 KB | 54 KB | Font | font/woff2 |
GET | H3 | sdk.js | connect.facebook.net/en_US/ | 302 KB | 86 KB | Script | application/x-javascript |
GET | H2 | OneSignalPageSDKES6.js | cdn.onesignal.com/sdks/ | 284 KB | 68 KB | Script | application/javascript |
GET | | atrk.js | certify-js.alexametrics.com/ | 0 | 0 | | |
GET | H/1.1 | api | iplist.cc/ | 155 B | 695 B | XHR | application/json |
GET | H2 | breaking | shms.ps/ | 2 B | 166 B | XHR | application/json |
GET | H2 | web | onesignal.com/api/v1/sync/4c165310-38dc-4e51-8dee-1af97cd3c6cc/ | 5 KB | 2 KB | Script | text/javascript |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 248 B | Ping | text/plain |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 245 KB | 84 KB | Script | application/javascript |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 147 KB | 51 KB | Script | text/javascript |
GET | H3 | show_ads_impl_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ | 399 KB | 135 KB | Script | text/javascript |
GET | H2 | zrt_lookup_fy2021.html | googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame DFA5 | 9 KB | 4 KB | Document | text/html |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ Frame 88B8 | 17 KB | 6 KB | Document | text/html |
GET | H3 | gen_204 | pagead2.googlesyndication.com/pagead/ | 0 | 20 B | Image | image/gif |
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | 16 KB | 12 KB | XHR | application/json |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ Frame 736B | 710 B | 554 B | Document | text/html |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FC9 | 13 KB | 5 KB | Document | text/html |
GET | H2 | aframe | www.google.com/recaptcha/api2/ Frame 0C25 | 829 B | 1 KB | Document | text/html |
GET | H3 | Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js | pagead2.googlesyndication.com/bg/ Frame 8FC9 | 39 KB | 15 KB | Script | text/javascript |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ Frame 0C25 | 0 | 0 | Image | text/html |
GET | H3 | generate_204 | tpc.googlesyndication.com/ Frame 8FC9 | 0 | 10 B | Image | text/plain |
GET | H2 | ca-pub-9238994152380065 | fundingchoicesmessages.google.com/i/ | 182 KB | 61 KB | Script | application/javascript |
GET | H2 | AGSKWxWOfeycN4OrTgdkZLZMQNt8Cu1E06QxjryEOnmzASxMJukutuMHIEb3eROdrTUIdls0cQbOvju3KQhBMouJytoeIqLPI7lqVaqm-D2ims3UF3DDnEREUz5H3BTiGR0VgFKfv0BwFw== | fundingchoicesmessages.google.com/f/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | AGSKWxX7YesXBw-cN4k6Zmt9hPdO4C7Wwi5ypUhki95jTJAJubgqjSg15H_9QdEr9yM2KKj9ys_NVKcscwzXJUE3OJnj4cfnhrzKIsXJh2md5DM-Ki7cuD4RMSreM5u_XzCvdLuCmpRiGw== | fundingchoicesmessages.google.com/f/ | 13 KB | 6 KB | Script | application/javascript |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html |
GET | H3 | px.gif | fundingchoicesmessages.google.com/img/ | 43 B | 68 B | Image | image/gif |
GET | H3 | px.gif | fundingchoicesmessages.google.com/img/ | 43 B | 68 B | Image | image/gif |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
GET | H3 | ads. | fundingchoicesmessages.google.com/f/AGSKWxXCEF1Z5Ek8F0p7HeMn5NnVC4j9IN5bX8oqDEGdBxnqJoBccGx-xOe43N2n_Tkw1vnoLw6mJha4apmscGSDUZQjyAcdI0v8ci0r5NK3LEPqqOP9BYCee_TF0MrlPqPzWMC6tdVRQ5c_q7sDslosSM2U_4plz... | 54 B | 109 B | Script | application/javascript |
GET | H3 | google_top_exp.js | pagead2.googlesyndication.com/pagead/js/ | 47 B | 67 B | Script | text/javascript |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
GET | H3 | AGSKWxVJyp1BvqDJxuFF1P5bMZTW7L8bbT80RciSkSVNbcscBJ-JlTWa95XjluMlLniBPk7m1pdSe0KJCChobNmFV3eyuBxIxmgsnZ4c8pFE4B7t6Y7tXbNsrOnRmFdY2LAKUwVymJV5_g== | fundingchoicesmessages.google.com/f/ | 3 KB | 2 KB | Script | application/javascript |
POST | H3 | AGSKWxWb-YwlNuqkF_AwYf4egIWLXaaspiQSOSyWnI6IVGE_gHt22ZrP5YV0NAYyoVJNyYbLLwIoG885vGSCIs1sGKaa9RLFydVj_E85g1JY-f-lMeX5SspMygv51JhsrVa59I7sAY9wgg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
POST | H3 | AGSKWxVABzJPOxIRtNFIiOQVGEQmKW4zMGm007qP104l846VTrT32s4sphzeyatHFmuhQy3Iz7p4rRL9qFpVbDx20yEvITFKoOc-3mj_igJwpQJ0JjjR8zKRft1tKvKNKU7VweUqcyXRzg== | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- certify-js.alexametrics.com
- URL
- https://certify-js.alexametrics.com/atrk.js
81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture function| OneSignal function| getCookie function| gtag object| dataLayer number| uidEvent object| bootstrap function| $ function| jQuery object| FB function| moment string| site_url string| time_zone function| template function| dd function| array_pluck function| array_diff function| submit_form object| $breaking_container object| $breaking_news_array number| $current_breaking_index object| $time_zone function| update_breaking function| show_breaking string| jsClass object| _atrk_opts number| __oneSignalSdkLoadCount function| __jp0 object| __buffer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTk4MzAwZDEyOTE0OGIxN2xvYWRlcl9qcw== string| ZTk4MzAwZDEyOTE0OGIxN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shms.ps/ | | Name: XSRF-TOKEN Value: eyJpdiI6IlZNc3NDY0tzSGJHVUZKUDFveENwbmc9PSIsInZhbHVlIjoicUdOUWUwcjM2T0ZWb0JDVU93RU1PSGpSZCtWaDJBU1ZDYXpqK25BaFgzaTFkQ1E4WSsxaEwyWUU4b1wvVGJVWEUiLCJtYWMiOiIxNjYyOTJmYTFkYzljZjEyNmUxMGQxZDQyN2M3NTViNGM2ZGZlYzdhMDlhYWJlNzY2ZTFmOTU5NzJmZWFhZTQxIn0%3D |
shms.ps/ | | Name: shms_session Value: eyJpdiI6Imc2aTB4bUR0U1Q2a0IyQ3MzdVQrZFE9PSIsInZhbHVlIjoidUxPNEVcLzRDQjNaY2pER2Z0UHU4RHZtcUoycDIwNGRGZVNWRU9RM0FkQWRMa20wYWp3OEd2MUtRSXh3Zkw0ZHIiLCJtYWMiOiI4YTZhNWNhOTU3MTQzZDZkZjFmODNjNTJlMjdjYzQyMzZhMGM3MzRiMTNmNWE5NWFkZjExNjRlZjQwNTEwZmIyIn0%3D |
.onesignal.com/ | | Name: __cf_bm Value: JkiLcNVHROyaseNo019bwJxkc73S1PL2ki_rYltucbo-1703015358-1-AezgSfLyxR1iSIEeqMt1QuIDj2mHs2LduL752L19G/rpujKsSR7anNmMeXwjYoj9SMZzKU7y3ES+nxFzqSIcGAM= |
.shms.ps/ | | Name: _ga Value: GA1.1.497826936.1703015359 |
.shms.ps/ | | Name: _ga_339BWQS9WK Value: GS1.1.1703015358.1.0.1703015358.0.0.0 |
.shms.ps/ | | Name: _ga_ZT3H0508SX Value: GS1.1.1703015358.1.0.1703015358.0.0.0 |
.shms.ps/ | | Name: _ga_B8JN5ZM0VL Value: GS1.1.1703015358.1.0.1703015358.0.0.0 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.shms.ps/ | | Name: __gads Value: ID=432290520b500004:T=1703015361:RT=1703015361:S=ALNI_MZBHAjzkh_gsrrHJxg-ExnqmtROPQ |
.shms.ps/ | | Name: __gpi Value: UID=00000d21c8140954:T=1703015361:RT=1703015361:S=ALNI_MaNwnL8lFLPKK5b8M9bVFwCo9eQTA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.