m.gordonua.com
2606:4700:10::6816:5f7
Public Scan
Effective URL: https://m.gordonua.com/news/war/chislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-o...
Submission: On August 02 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on July 11th 2022. Valid for: 3 months.
This is the only time m.gordonua.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN32934 (FACEBOOK, US)
www.instagram.com
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.net
cdn.gravitec.media
ASN32934 (FACEBOOK, US)
www.facebook.com
ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com
api.gravitec.media
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | gordonua.com | m.gordonua.com — Cisco Umbrella Rank: 454585 | 502 KB |
7 | adtelligent.com | player.adtelligent.com — Cisco Umbrella Rank: 5545; ghb.adtelligent.com — Cisco Umbrella Rank: 5594; sync.adtelligent.com Failed | 150 KB |
6 | twitter.com | platform.twitter.com — Cisco Umbrella Rank: 726; syndication.twitter.com — Cisco Umbrella Rank: 992 | 52 KB |
5 | gravitec.net | cdn.gravitec.net — Cisco Umbrella Rank: 24326; id.gravitec.net — Cisco Umbrella Rank: 130263 | 32 KB |
5 | gemius.pl (1 redirects) | gaua.hit.gemius.pl — Cisco Umbrella Rank: 48445; ls.hit.gemius.pl — Cisco Umbrella Rank: 10693 | 19 KB |
5 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 160 | 200 KB |
4 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226; stats.g.doubleclick.net — Cisco Umbrella Rank: 131 | 159 KB |
3 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 98 | 403 B |
3 | clarity.ms | www.clarity.ms — Cisco Umbrella Rank: 588; e.clarity.ms — Cisco Umbrella Rank: 5680 | 25 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 61; region1.google-analytics.com — Cisco Umbrella Rank: 2533 | 20 KB |
2 | pubwise.io (1 redirects) | sync.pubwise.io — Cisco Umbrella Rank: 8344 | 342 B |
2 | gravitec.media | cdn.gravitec.media — Cisco Umbrella Rank: 57882; api.gravitec.media — Cisco Umbrella Rank: 42835 | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 100 | 121 KB |
2 | instagram.com (1 redirects) | www.instagram.com — Cisco Umbrella Rank: 1049 | 5 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 73 | 1 KB |
1 | lnkd.in (1 redirects) | lnkd.in — Cisco Umbrella Rank: 53919 | 371 B |
66 | 16 | | |
Requests | Domain | Requested by |
---|---|---|
18 | m.gordonua.com | m.gordonua.com |
5 | connect.facebook.net | m.gordonua.com; connect.facebook.net |
4 | cdn.gravitec.net | www.googletagmanager.com; cdn.gravitec.net |
4 | gaua.hit.gemius.pl (1 redirects) | m.gordonua.com; gaua.hit.gemius.pl |
4 | platform.twitter.com | m.gordonua.com |
4 | player.adtelligent.com | m.gordonua.com; player.adtelligent.com |
3 | ghb.adtelligent.com | player.adtelligent.com |
3 | www.facebook.com | m.gordonua.com |
3 | securepubads.g.doubleclick.net | m.gordonua.com; securepubads.g.doubleclick.net |
2 | sync.pubwise.io (1 redirects) | m.gordonua.com |
2 | www.clarity.ms | m.gordonua.com; www.clarity.ms |
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com |
2 | syndication.twitter.com | platform.twitter.com; m.gordonua.com |
2 | www.googletagmanager.com | m.gordonua.com; www.googletagmanager.com |
2 | www.instagram.com (1 redirects) | m.gordonua.com |
1 | api.gravitec.media | cdn.gravitec.media |
1 | e.clarity.ms | www.clarity.ms |
1 | cdn.gravitec.media | cdn.gravitec.net |
1 | id.gravitec.net | cdn.gravitec.net |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | ls.hit.gemius.pl | gaua.hit.gemius.pl |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | fonts.googleapis.com | m.gordonua.com |
1 | lnkd.in (1 redirects) | |
0 | sync.adtelligent.com Failed | m.gordonua.com |
66 | 25 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
gordonua.com |
play.google.com |
itunes.apple.com |
t.me |
palaemo.com |
interfax.com.ua |
ua.depositphotos.com |
english.gordonua.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.gordonua.com | E1 | 2022-07-11 - 2022-10-09 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-05-12 - 2022-08-10 | 3 months |
player.adtelligent.com | R3 | 2022-07-19 - 2022-10-17 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months |
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months |
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
*.hit.gemius.pl | Sectigo ECC Domain Validation Secure Server CA | 2021-09-08 - 2022-09-25 | a year |
*.gravitec.net | AlphaSSL CA - SHA256 - G2 | 2022-03-22 - 2023-04-23 | a year |
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-27 - 2023-02-27 | a year |
ghb.adtelligent.com | ZeroSSL ECC Domain Secure Site CA | 2022-06-06 - 2022-09-04 | 3 months |
cdn.gravitec.media | R3 | 2022-07-22 - 2022-10-20 | 3 months |
a.clarity.ms | Microsoft Azure TLS Issuing CA 02 | 2022-06-07 - 2023-06-02 | a year |
api.gravitec.media | R3 | 2022-06-15 - 2022-09-13 | 3 months |
This page contains 6 frames:
Primary Page:
https://m.gordonua.com/news/war/chislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-oblasti-vyroslo-do-treh-komandovanie-yug-1619742.html
Frame ID: A3D9B041AF3E27CC219428D3608BEEE4
Requests: 62 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fm.gordonua.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 24284679136018452FD34BDD193ECF63
Requests: 2 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Frame ID: F02917FA865F0DDC294AF7273908007E
Requests: 2 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html
Frame ID: 240AF005BBC56424692994F5BBF878B0
Requests: 1 HTTP requests in this frame
Frame:
https://id.gravitec.net/
Frame ID: 3A8BD7DDA0EC73FA76DA867F088152B6
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 4D932DD1046AF6BBE1CDB14776A7DF82
Requests: 1 HTTP requests in this frame
Page Title
The number of people killed in the occupiers' shooting of a bus with refugees in Kherson Oblast has risen to three – Command "South" / GORDON
Page URL History
-
https://lnkd.in/e4HbhTFP
HTTP 301
https://m.gordonua.com/news/war/chislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhe... Page URL
Detected technologies
AMP (JavaScript frameworks)
Detected patterns
- <link rel="amphtml"
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Gemius (Analytics)
Detected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Twitter (Widgets)
Detected patterns
- //platform\.twitter\.com/widgets\.js
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: reported
Title: two dead
Title: Russia's war against Ukraine. Key points
Title: Recommend
Title: Privacy and personal data protection policy
Title: Adhesion agreement on the use of the website of the online publication "GORDON"
Title: PALAEMO
Title: "Interfax-Ukraine"
Title: Depositphotos
Title: Tags
Title: Site map
Title: Sitemap
Title: Kharkiv news
Title: Kyiv news
Title: Odesa news
Title: Donetsk news
Title: RSS
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://lnkd.in/e4HbhTFP
HTTP 301
https://m.gordonua.com/news/war/chislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-oblasti-vyroslo-do-treh-komandovanie-yug-1619742.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://www.instagram.com/embed.js HTTP 302
- https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
- https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
- https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ceff6ee2-d7ee-4d39-9140-5c023d8906b2
- https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D HTTP 302
- https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
- https://gaua.hit.gemius.pl/_1659454329483/rexdot.js?l=100&id=B9CV7SrIJX2nvNGotyPT6oaT7zcpOCbAOJjDjlEwkLT.57&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.gordonua.com%2Fnews%2Fwar%2Fchislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-oblasti-vyroslo-do-treh-komandovanie-yug-1619742.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=i12FJzpKCFbTpNwFADN6OLqcktiS2oJPkiLsHsAMD7v.Y7CjZ_RRbFr_MVnJM6FIASe3HYuXFES9wLNtUMpmXdrNWVQo/K.__wD41t0tud/<ime=195&fpdata=W1sq38qo572OvnZY00ZytFD7at0.WiVAnFoNnkiXsx7.C7&fpcap= HTTP 301
- https://gaua.hit.gemius.pl/__/_1659454329483/rexdot.js?l=100&id=B9CV7SrIJX2nvNGotyPT6oaT7zcpOCbAOJjDjlEwkLT.57&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fm.gordonua.com%2Fnews%2Fwar%2Fchislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-oblasti-vyroslo-do-treh-komandovanie-yug-1619742.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=i12FJzpKCFbTpNwFADN6OLqcktiS2oJPkiLsHsAMD7v.Y7CjZ_RRbFr_MVnJM6FIASe3HYuXFES9wLNtUMpmXdrNWVQo/K.__wD41t0tud/<ime=195&fpdata=W1sq38qo572OvnZY00ZytFD7at0.WiVAnFoNnkiXsx7.C7&fpcap=
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | chislo-pogibshih-v-rezultate-rasstrela-okkupantami-avtobusa-s-bezhencami-v-hersonskoy-oblasti-vyroslo-do-treh-komandovanie-yug-1619742.html | m.gordonua.com/news/war/ | 57 KB | 15 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | glyphicons-halflings-regular.woff | m.gordonua.com/theme/fonts/ | 16 KB | 16 KB | Font | font/woff | |
GET | H2 | Roboto-Regular-webfont.woff | m.gordonua.com/theme/fonts/ | 40 KB | 40 KB | Font | font/woff | |
GET | H2 | Roboto-Italic-webfont.woff | m.gordonua.com/theme/fonts/ | 49 KB | 49 KB | Font | font/woff | |
GET | H2 | Roboto-Medium-webfont.woff | m.gordonua.com/theme/fonts/ | 41 KB | 41 KB | Font | font/woff | |
GET | H2 | Roboto-Bold-webfont.woff | m.gordonua.com/theme/fonts/ | 40 KB | 40 KB | Font | font/woff | |
GET | H2 | Roboto-BoldItalic-webfont.woff | m.gordonua.com/theme/fonts/ | 49 KB | 50 KB | Font | font/woff | |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | bd062d42c1287058a99e25a0dea956a3.css | m.gordonua.com/pub/ | 232 KB | 44 KB | Stylesheet | text/css | |
GET | H3 | ab12745d93c5.js | www.instagram.com/static/bundles/es6/EmbedSDK.js/ | 15 KB | 5 KB | Script | text/javascript | Redirect Chain |
GET | H2 | 42_tn.jpg | m.gordonua.com/img/article/16197/ | 35 KB | 35 KB | Image | image/jpeg | |
GET | H2 | sdk.js | connect.facebook.net/ru_RU/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | blank.png | m.gordonua.com/theme/img/ | 985 B | 1 KB | Image | image/png | |
GET | H2 | 4fe2bd809852c899a2dde59f0385f427.js | m.gordonua.com/pub/ | 442 KB | 125 KB | Script | application/javascript | |
GET | H2 | hb_307359_6809.js | player.adtelligent.com/prebidlink/460959/ | 364 KB | 112 KB | Script | application/javascript | |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 83 KB | 29 KB | Script | text/javascript | |
GET | H2 | wrapper_hb_307359_6809.js | player.adtelligent.com/prebidlink/460959/ | 787 B | 747 B | Script | application/javascript | |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 96 KB | 29 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/ru_RU/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | bg.jpg | m.gordonua.com/theme/img/ | 10 KB | 11 KB | Image | image/jpeg | |
GET | H2 | logo_med.png | m.gordonua.com/theme/img/ | 7 KB | 7 KB | Image | image/png | |
GET | DATA | truncated | / | 787 B | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 752 B | 0 | Image | image/svg+xml | |
GET | H2 | views_all.php | m.gordonua.com/exec/ | 7 B | 162 B | Image | application/json | |
GET | H2 | sprites.png | m.gordonua.com/theme/img/ | 27 KB | 27 KB | Image | image/png | |
GET | H2 | bylet.png | m.gordonua.com/theme/img/ | 183 B | 291 B | Image | image/png | |
GET | H2 | sep4.png | m.gordonua.com/theme/img/ | 125 B | 204 B | Image | image/png | |
GET | H2 | Viber0.png | m.gordonua.com/theme/img/ | 476 B | 590 B | Image | image/png | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 135 KB | 50 KB | Script | application/javascript | |
GET | H/1.1 | widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html | platform.twitter.com/widgets/ | 15 KB | 6 KB | Document | text/html | Frame 2428 |
GET | H/1.1 | button.dd024c345fc26f7c7a8d9938b67e5d3d.js | platform.twitter.com/js/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/ru_RU/ | 298 KB | 85 KB | Script | application/x-javascript | |
GET | H2 | settings | syndication.twitter.com/ | 513 B | 522 B | Fetch | application/json | Frame 2428 |
GET | H2 | pubads_impl_2022072702.js | securepubads.g.doubleclick.net/gpt/ | 379 KB | 130 KB | Script | text/javascript | |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 161 B | 137 B | XHR | application/json | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 198 KB | 71 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | xgemius.js | gaua.hit.gemius.pl/ | 57 KB | 15 KB | Script | application/x-javascript | |
GET | H3 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 26 KB | Script | application/x-javascript | |
GET | H2 | client.js | cdn.gravitec.net/storage/3d833caa5db24df7c3688c833bdcced0/ | 64 KB | 18 KB | Script | application/javascript | |
GET | H2 | 8izmjre08y | www.clarity.ms/tag/ | 2 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html | platform.twitter.com/widgets/ | 32 KB | 13 KB | Document | text/html | Frame F029 |
GET | H2 | hbw_master_307359_6809.js | player.adtelligent.com/prebidlink/x460959/ | 142 KB | 31 KB | Script | application/javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 297 B | Image | image/gif | |
GET | DATA | truncated | / | 822 B | 0 | Image | image/svg+xml | Frame F029 |
GET | H2 | config.json | player.adtelligent.com/exchange_rates/307358/ | 11 KB | 5 KB | XHR | application/json | |
GET | H/1.1 | / | ghb.adtelligent.com/geo/ | 139 B | 409 B | XHR | application/json | |
GET | H/1.1 | tracking | ghb.adtelligent.com/adunit/ | 43 B | 431 B | XHR | image/gif | |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H3 | 1323237824477639 | connect.facebook.net/signals/config/ | 293 KB | 84 KB | Script | application/x-javascript | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 346 B | Ping | text/plain | |
GET | H2 | fpdata.js | gaua.hit.gemius.pl/ | 281 B | 394 B | Script | application/x-javascript | |
GET | H2 | lsget.html | ls.hit.gemius.pl/ | 5 KB | 3 KB | Document | text/html | Frame 240A |
GET | H2 | configs | cdn.gravitec.net/sdk/web/ | 9 KB | 2 KB | Fetch | application/json | |
GET | H2 | clarity.js | www.clarity.ms/eus2-b/s/0.6.36/ | 52 KB | 23 KB | Script | application/javascript | |
GET | H2 | jot | syndication.twitter.com/i/ | 43 B | 356 B | Image | image/gif | |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 438 B | XHR | text/plain | |
GET | H/1.1 | csyncs | ghb.adtelligent.com/ | 285 B | 556 B | XHR | application/json | |
GET | H2 | / | id.gravitec.net/ | 621 B | 699 B | Document | text/html | Frame 3A8B |
GET | H2 | track.min.js | cdn.gravitec.media/ | 4 KB | 2 KB | Script | application/javascript | |
GET | | csync | sync.adtelligent.com/ | 0 | 0 | | | Redirect Chain |
GET | H2 | %7Buid%7D | sync.pubwise.io/usersync/adtellsspban/ | 43 B | 92 B | Image | image/gif | Redirect Chain |
GET | H2 | rexdot.js | gaua.hit.gemius.pl/__/_1659454329483/ | 169 B | 422 B | Script | application/x-javascript | Redirect Chain |
POST | H2 | collect | e.clarity.ms/ | 0 | 174 B | XHR | text/plain | |
GET | H2 | 0.bundle.js | cdn.gravitec.net/modules/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | 1.bundle.js | cdn.gravitec.net/modules/ | 32 KB | 8 KB | Script | application/javascript | |
GET | H2 | track | api.gravitec.media/api/stats/ | 0 | 0 | Fetch | | |
POST | H3 | / | www.facebook.com/tr/ | 0 | 15 B | Document | text/plain | Frame 4D93 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sync.adtelligent.com
- URL
- https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ceff6ee2-d7ee-4d39-9140-5c023d8906b2
127 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| googletag object| vmpbjs object| vpb string| ua object| dataLayer boolean| login_api object| coreolaBaseSettings object| coreolaBaseFunctions object| twttr object| coreolaPhrases string| pp_gemius_identifier function| corecomments function| coreola function| corevotes function| do_branding function| do_branding_other object| swfobject object| Gravitec function| isVisible function| showVisible function| loginPage_show_error function| loginPage_hide_error function| setCookie function| getCookie function| alax_preload function| fixTopNewsHeight function| cookie_lang function| set_tablet function| full_mobile function| send_to_friend boolean| qday_switcher_int number| current_slide boolean| need_stop boolean| pause_slider function| activate_avatar function| init_qday_switcher function| do_msg_ready function| getRightHe function| compare_right_colums function| compare_main_colums function| set_cubes function| set_project function| set_infograph function| set_fun function| rand function| resize_galleries function| show_letters_blocks function| set_ticker function| set_ticker2 function| hero_letter function| hero_tab function| rowNormalization function| carouselNormalization function| writeFlash function| writeEmbed function| getParameterByName function| set_lightbox function| set_twitter function| change_fb_widget_width function| replace_youtube function| social_subs function| social_view function| change_images_for_retina function| $ function| jQuery object| __document_write_ajax_callbacks__ undefined| writeCapture object| __twttrll object| __twttr object| jQuery18104048920156665683 function| Hammer object| FB object| ggeac object| google_tag_data object| google_js_reporting_queue function| postscribe object| google_tag_manager_external 
object| google_tag_manager string| GoogleAnalyticsObject function| ga function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| fbq function| _fbq function| clarity object| vmpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| __buffer object| __s object| instgrm undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| gravitecWebpackJsonp number| _subscriptionStrategy object| GravitecConfig object| WLPush string| grvTatooineHost object| GravitecNetNewsConfig object| litHtmlVersions object| GravitecNews
17 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
m.gordonua.com/ | | _pbjs_userid_consent_data | 3524755945110770 |
.gordonua.com/ | | _pubcid | 45304c21-7cfc-471e-a22e-200d1c07f410 |
.m.gordonua.com/ | | _ga | GA1.3.250823254.1659454329 |
.m.gordonua.com/ | | _gid | GA1.3.1784212647.1659454329 |
.m.gordonua.com/ | | _gat_UA-45540577-1 | 1 |
.gordonua.com/ | | _ga_LLKXF6867N | GS1.1.1659454329.1.0.1659454329.0 |
.gordonua.com/ | | _ga | GA1.1.250823254.1659454329 |
www.clarity.ms/ | | CLID | b79652cb8f444df0ad76b5d19ecbddb6.20220802.20230802 |
.gordonua.com/ | | _fbp | fb.1.1659454329338.312129095 |
.gordonua.com/ | | __gfp_64b | W1sq38qo572OvnZY00ZytFD7at0.WiVAnFoNnkiXsx7.C7\|1659454329 |
.gordonua.com/ | | _clck | 1g25y52\|1\|f3o\|0 |
.hit.gemius.pl/ | | Gtest | KlGrDMMGQMGGSAg5ZX9wHHfissGMXP8c25nSG4CQk-HtXBG. |
m.gordonua.com/ | | GN_USER_ID_KEY | 97f386f2-f984-4877-92ba-e29a1c94ffe2 |
m.gordonua.com/ | | GN_SESSION_ID_KEY | e7ffaef7-2b9e-4a0e-b6b9-89b46f35e86d |
a4p.adpartner.pro/ | | apuid | ceff6ee2-d7ee-4d39-9140-5c023d8906b2 |
.hit.gemius.pl/ | | Gdyn | KlQS1MXGQMGGSAg5ZX9wHHfissGMXP8c25nSG4CQk-HtFRxSG7RrGS6Gw9GBFlM1YH8PlexaG0F6Sssa |
.gordonua.com/ | | _clsk | 163zxi3\|1659454329938\|1\|0\|e.clarity.ms/collect |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.