glossy.espreso.co.rs
185.80.68.6
Public Scan
Effective URL: https://glossy.espreso.co.rs/
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 7th 2022. Valid for: 3 months.
This is the only time glossy.espreso.co.rs was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Hostname | ASN | PTR |
---|---|---|
securepubads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
quantcast.mgr.consensu.org | ASN16509 (AMAZON-02, US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
pym.nprapps.org | ASN16509 (AMAZON-02, US) | server-18-66-15-8.vie50.r.cloudfront.net |
static.chartbeat.com | ASN16509 (AMAZON-02, US) | |
secure.quantserve.com | ASN16509 (AMAZON-02, US) | |
test.cmp.quantcast.com | ASN16509 (AMAZON-02, US) | |
ping.chartbeat.net | ASN14618 (AMAZON-AES, US) | ec2-3-229-73-40.compute-1.amazonaws.com |
rules.quantcount.com | ASN16509 (AMAZON-02, US) | |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
audit-tcfv2.cmp.quantcast.com | ASN16509 (AMAZON-02, US) | ec2-18-196-221-202.eu-central-1.compute.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | espreso.co.rs | glossy.espreso.co.rs — Cisco Umbrella Rank: 195506; www.espreso.co.rs — Cisco Umbrella Rank: 109743 | 556 KB |
8 | gstatic.com | fonts.gstatic.com | 246 KB |
7 | kurir.rs | www.kurir.rs — Cisco Umbrella Rank: 61080 | 171 KB |
5 | quantcast.com | test.cmp.quantcast.com — Cisco Umbrella Rank: 11258; cmp.quantcast.com — Cisco Umbrella Rank: 3100; audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12486 | 142 KB |
5 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27; region1.google-analytics.com — Cisco Umbrella Rank: 2989 | 21 KB |
5 | gemius.pl (1 redirects) | gars.hit.gemius.pl — Cisco Umbrella Rank: 46108; ls.hit.gemius.pl — Cisco Umbrella Rank: 13358 | 20 KB |
4 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180; stats.g.doubleclick.net — Cisco Umbrella Rank: 79 | 157 KB |
3 | adriamediacontent.com | www.adriamediacontent.com — Cisco Umbrella Rank: 70223 | 17 KB |
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 172 KB |
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 113 | 501 B |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 152 | 111 KB |
2 | consensu.org | quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2302 | 45 KB |
2 | espreso.rs (2 redirects) | glossy.espreso.rs | 139 B |
1 | quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 846 | 681 B |
1 | chartbeat.net | ping.chartbeat.net — Cisco Umbrella Rank: 1220 | 201 B |
1 | google.de | www.google.de — Cisco Umbrella Rank: 6352 | 501 B |
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 501 B |
1 | quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 905 | 10 KB |
1 | chartbeat.com | static.chartbeat.com — Cisco Umbrella Rank: 1317 | 15 KB |
1 | nprapps.org | pym.nprapps.org — Cisco Umbrella Rank: 42862 | 3 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 40 | 1 KB |
70 | 21 | | |
Requests | Domain | Requested by |
---|---|---|
16 | glossy.espreso.co.rs | glossy.espreso.co.rs |
8 | fonts.gstatic.com | fonts.googleapis.com |
7 | www.kurir.rs | pym.nprapps.org; www.kurir.rs |
4 | gars.hit.gemius.pl (1 redirects) | glossy.espreso.co.rs; gars.hit.gemius.pl |
3 | cmp.quantcast.com | quantcast.mgr.consensu.org |
3 | www.adriamediacontent.com | glossy.espreso.co.rs; www.adriamediacontent.com |
3 | www.googletagmanager.com | glossy.espreso.co.rs; www.googletagmanager.com |
3 | www.google-analytics.com | glossy.espreso.co.rs; www.google-analytics.com |
3 | securepubads.g.doubleclick.net | glossy.espreso.co.rs; securepubads.g.doubleclick.net |
2 | www.facebook.com | glossy.espreso.co.rs |
2 | region1.google-analytics.com | www.googletagmanager.com |
2 | connect.facebook.net | glossy.espreso.co.rs; connect.facebook.net |
2 | quantcast.mgr.consensu.org | glossy.espreso.co.rs; quantcast.mgr.consensu.org |
2 | glossy.espreso.rs | 2 redirects |
1 | www.espreso.co.rs | glossy.espreso.co.rs |
1 | audit-tcfv2.cmp.quantcast.com | cmp.quantcast.com |
1 | rules.quantcount.com | secure.quantserve.com |
1 | ping.chartbeat.net | glossy.espreso.co.rs |
1 | test.cmp.quantcast.com | quantcast.mgr.consensu.org |
1 | www.google.de | glossy.espreso.co.rs |
1 | www.google.com | glossy.espreso.co.rs |
1 | ls.hit.gemius.pl | gars.hit.gemius.pl |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | secure.quantserve.com | quantcast.mgr.consensu.org |
1 | static.chartbeat.com | glossy.espreso.co.rs |
1 | pym.nprapps.org | glossy.espreso.co.rs |
1 | fonts.googleapis.com | glossy.espreso.co.rs |
70 | 27 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
espreso.rs | R3 | 2022-09-07 - 2022-12-06 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months |
*.cmp.quantcast.com | R3 | 2022-08-22 - 2022-11-20 | 3 months |
*.hit.gemius.pl | Sectigo ECC Domain Validation Secure Server CA | 2022-09-13 - 2023-09-25 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months |
www.adriamediacontent.com | R3 | 2022-09-07 - 2022-12-06 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-25 - 2022-09-23 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
pym.nprapps.org | Amazon | 2022-04-06 - 2023-05-04 | a year |
*.chartbeat.com | Thawte RSA CA 2018 | 2022-05-06 - 2023-06-03 | a year |
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 - 2023-09-09 | a year |
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
www.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
*.chartbeat.net | Thawte RSA CA 2018 | 2021-12-01 - 2022-12-30 | a year |
*.kurir.rs | Sectigo RSA Domain Validation Secure Server CA | 2021-10-05 - 2022-10-05 | a year |
This page contains 3 frames:
Primary Page:
https://glossy.espreso.co.rs/
Frame ID: FA4B3A8AA9622E25E1E287CA2A33DD29
Requests: 62 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html
Frame ID: 1AF2BB6230476328493B960224F9B958
Requests: 1 HTTP requests in this frame
Frame:
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Frame ID: 0351D4CA75EF802C455078B8AA4A8326
Requests: 7 HTTP requests in this frame
Page Title
Glossy
Page URL History
- http://glossy.espreso.rs/ HTTP 301
- https://glossy.espreso.rs/ HTTP 301
- https://glossy.espreso.co.rs/ Page URL
Detected technologies
Chartbeat (Analytics)
Detected patterns
- chartbeat\.js
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Gemius (Analytics)
Detected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Quantcast Choice (Cookie compliance)
Detected patterns
- quantcast\.mgr\.consensu\.org
Quantcast Measure (Analytics)
Detected patterns
- \.quantserve\.com/quant\.js
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://glossy.espreso.rs/ HTTP 301
- https://glossy.espreso.rs/ HTTP 301
- https://glossy.espreso.co.rs/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58
- https://gars.hit.gemius.pl/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
- https://gars.hit.gemius.pl/__/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
70 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | glossy.espreso.co.rs/ | 117 KB | 26 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | main-v-1652096995386.js | glossy.espreso.co.rs/resources/js/ | 214 KB | 64 KB | Script | application/javascript | |
GET | H2 | main-v-1652096995386.css | glossy.espreso.co.rs/resources/css/ | 86 KB | 16 KB | Stylesheet | text/css | |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 81 KB | 28 KB | Script | text/javascript | |
GET | H2 | logo.svg | glossy.espreso.co.rs/resources/images/svg/ | 5 KB | 3 KB | Image | image/svg+xml | |
GET | H2 | 338901_kardibmetgala202204_po-s.jpg | glossy.espreso.co.rs/data/images/2022/05/04/13/ | 72 KB | 72 KB | Image | image/jpeg | |
GET | H2 | 338919_blejklajvliprofimedia0688359379_sq-s.jpg | glossy.espreso.co.rs/data/images/2022/05/04/15/ | 43 KB | 44 KB | Image | image/jpeg | |
GET | H2 | 309671_huawei-03112020-0060_sq-s.jpg | glossy.espreso.co.rs/data/images/2020/11/04/10/ | 39 KB | 39 KB | Image | image/jpeg | |
GET | H2 | lazy.png | glossy.espreso.co.rs/resources/images/ | 936 B | 1 KB | Image | image/png | |
GET | H2 | choice.js | quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | xgemius.js | gars.hit.gemius.pl/ | 59 KB | 16 KB | Script | application/x-javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 95 KB | 37 KB | Script | application/javascript | |
GET | H2 | pubjelly.js | www.adriamediacontent.com/js/pubjelly/main/ | 42 KB | 15 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 101 KB | 27 KB | Script | application/x-javascript | |
GET | H2 | jizaRExUiTo99u79D0KExQ.woff2 | fonts.gstatic.com/s/ptsans/v17/ | 44 KB | 44 KB | Font | font/woff2 | |
GET | H2 | jizfRExUiTo99u79B_mh0O6tLQ.woff2 | fonts.gstatic.com/s/ptsans/v17/ | 46 KB | 47 KB | Font | font/woff2 | |
GET | H2 | EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 | fonts.gstatic.com/s/ptserif/v17/ | 29 KB | 29 KB | Font | font/woff2 | |
GET | H2 | jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2 | fonts.gstatic.com/s/ptsans/v17/ | 29 KB | 29 KB | Font | font/woff2 | |
GET | H2 | EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2 | fonts.gstatic.com/s/ptserif/v17/ | 19 KB | 19 KB | Font | font/woff2 | |
GET | H2 | EJRVQgYoZZY2vCFuvAFWzr8.woff2 | fonts.gstatic.com/s/ptserif/v17/ | 32 KB | 32 KB | Font | font/woff2 | |
GET | H2 | EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2 | fonts.gstatic.com/s/ptserif/v17/ | 21 KB | 21 KB | Font | font/woff2 | |
GET | H2 | pym.v1.min.js | pym.nprapps.org/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | chartbeat.js | static.chartbeat.com/js/ | 37 KB | 15 KB | Script | application/x-javascript | |
GET | H2 | quant.js | secure.quantserve.com/ | 26 KB | 10 KB | Script | application/javascript | |
GET | H2 | cmp2.js | quantcast.mgr.consensu.org/tcfv2/ | 177 KB | 44 KB | Script | text/javascript | |
GET | H2 | network_sprite.svg | glossy.espreso.co.rs/resources/images/footer/ | 61 KB | 27 KB | Image | image/svg+xml | |
GET | H2 | jizaRExUiTo99u79D0yExdGM.woff2 | fonts.gstatic.com/s/ptsans/v17/ | 26 KB | 26 KB | Font | font/woff2 | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 445 B | XHR | text/plain | |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 148 B | XHR | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif | |
GET | H2 | 330591_31888420-1875058619181539-4362733534809423872-n_sq-s.jpg | glossy.espreso.co.rs/data/images/2021/11/05/19/ | 42 KB | 42 KB | Image | image/jpeg | |
GET | H2 | 345232_3169757-screenshot9-ls_sq-s.jpg | glossy.espreso.co.rs/data/images/2022/09/13/20/ | 31 KB | 31 KB | Image | image/jpeg | |
GET | H2 | 334366_potaz-shutterstock-1901610007_sq-s.jpg | glossy.espreso.co.rs/data/images/2022/01/20/17/ | 38 KB | 38 KB | Image | image/jpeg | |
GET | H2 | 338901_kardibmetgala202204_sq-s.jpg | glossy.espreso.co.rs/data/images/2022/05/04/13/ | 59 KB | 60 KB | Image | image/jpeg | |
GET | H2 | 345334_olovkapocetna-1_sq-s.jpg | glossy.espreso.co.rs/data/images/2022/09/15/20/ | 32 KB | 32 KB | Image | image/jpeg | |
GET | H2 | 52592287725-profimedia0706669399-share_sq-s.jpg | glossy.espreso.co.rs/data/images/external/2022/09/15/20/ | 51 KB | 52 KB | Image | image/jpeg | |
POST | H2 | check_if_user_is_logged_in | glossy.espreso.co.rs/profil/ | 115 B | 399 B | XHR | text/html | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 186 KB | 68 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 186 KB | 68 KB | Script | application/javascript | |
GET | H2 | fpdata.js | gars.hit.gemius.pl/ | 282 B | 396 B | Script | application/x-javascript | |
GET | H2 | lsget.html | ls.hit.gemius.pl/ | 5 KB | 3 KB | Document | text/html | Frame 1AF2 |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H3 | 322513038446696 | connect.facebook.net/signals/config/ | 293 KB | 84 KB | Script | application/x-javascript | |
GET | H2 | manifest.js | www.adriamediacontent.com/js/pubjelly/main/noc/ | 593 B | 787 B | Script | application/javascript | |
GET | H2 | glossyespresocors.js | www.adriamediacontent.com/js/pubjelly/main/cfg/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | cmp-list.json | test.cmp.quantcast.com/GVL-v2/ | 10 KB | 3 KB | XHR | application/json | |
GET | H3 | pubads_impl_2022091301.js | securepubads.g.doubleclick.net/gpt/ | 376 KB | 128 KB | Script | text/javascript | |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 78 B | 103 B | XHR | application/json | |
GET | H2 | ping | ping.chartbeat.net/ | 43 B | 201 B | Image | image/gif | |
GET | H2 | rules-p-pLW1P-3X_Ppr5.js | rules.quantcount.com/ | 209 B | 681 B | Script | application/javascript | |
GET | H2 | cmp2ui-en.js | cmp.quantcast.com/tcfv2/44/ | 248 KB | 61 KB | Script | text/javascript | |
GET | H2 | vendor-list-trimmed-v1.json | cmp.quantcast.com/GVL-v2/ | 347 KB | 42 KB | XHR | application/json | |
GET | H2 | google-atp-list.json | cmp.quantcast.com/tcfv2/ | 152 KB | 36 KB | XHR | application/json | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 350 B | Ping | text/plain | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 410 B | Image | image/gif | |
GET | H2 | rexdot.js | gars.hit.gemius.pl/__/_1663290935997/ | 169 B | 426 B | Script | application/x-javascript | Redirect Chain |
GET | H2 | / | www.kurir.rs/news_widget_amc/ | 20 KB | 7 KB | Document | text/html | Frame 0351 |
GET | H2 | / | audit-tcfv2.cmp.quantcast.com/ | 2 B | 101 B | XHR | text/plain | |
GET | H2 | logo.png | www.espreso.co.rs/resources/images/header/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | pym.v1.min.js | www.kurir.rs/resources/js/ | 7 KB | 3 KB | Script | application/javascript | Frame 0351 |
GET | H2 | 2825203_belivuk-miljkovic_ls-s.jpg | www.kurir.rs/data/images/2021/12/09/18/ | 40 KB | 41 KB | Image | image/jpeg | Frame 0351 |
GET | H2 | 3174311_giska_ls-s.jpg | www.kurir.rs/data/images/2022/09/15/12/ | 29 KB | 29 KB | Image | image/jpeg | Frame 0351 |
GET | H2 | 1646435_profimedia0375134740_ls-s.jpg | www.kurir.rs/data/images/2018/10/15/13/ | 31 KB | 32 KB | Image | image/jpeg | Frame 0351 |
GET | H2 | 3174931_nevreme_ls-s.jpg | www.kurir.rs/data/images/2022/09/15/20/ | 24 KB | 24 KB | Image | image/jpeg | Frame 0351 |
GET | H2 | 3174509_untitled3_ls-s.jpg | www.kurir.rs/data/images/2022/09/15/15/ | 34 KB | 35 KB | Image | image/jpeg | Frame 0351 |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif | |
156 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.espreso.co.rs/ | | _gid | GA1.3.37668775.1663290936 |
.espreso.co.rs/ | | _gat | 1 |
.espreso.co.rs/ | | _gat_tstTracker | 1 |
.espreso.co.rs/ | | _cb | DRNFXYCBUXJkCSCYYR |
.espreso.co.rs/ | | _chartbeat2 | .1663290935744.1663290935744.1.jeMZhD1PWNcCSWQoUBzJfiRC-bNpd.1 |
.espreso.co.rs/ | | _cb_svref | null |
.espreso.co.rs/ | | __gfp_64b | oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37\|1663290935 |
.espreso.co.rs/ | | _ga_1KF5K7BKBZ | GS1.1.1663290935.1.0.1663290935.0.0.0 |
.espreso.co.rs/ | | _ga | GA1.1.2005834889.1663290936 |
.espreso.co.rs/ | | _ga_M15919DSXJ | GS1.1.1663290935.1.0.1663290935.0.0.0 |
.espreso.co.rs/ | | _fbp | fb.2.1663290935912.447562401 |
glossy.espreso.co.rs/ | | X-Proxy-To | glossy-web1 |
.facebook.com/ | | fr | 0G74QCbcwxKn0cQhB..BjI843...1.0.BjI843. |
glossy.espreso.co.rs/ | | qcSxc | 1663290935981 |
.hit.gemius.pl/ | | Gtest | KlxDwMMGQMQGQeTGlXrLkX8issGMXP8c25nSGol6VEnwoO1isG.. |
.hit.gemius.pl/ | | Gdyn | KlGL0RXGQMQGQeTGlXrLkX8issGMXP8c25nSGol6VEnwoOMiGsRPIQlGvGQp1R48SsL8RDcGFsCBI8l8MG.. |

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.