URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Submission: On February 02 via manual from KR

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::681f:483c, located in United States and belongs to CLOUDFLARENET, US. The main domain is busy.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 30th 2020. Valid for: 8 months.
This is the only time busy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 47.246.43.252 24429 (TAOBAO Zh...)
1 99.86.0.85 16509 (AMAZON-02)
4 40.115.22.134 8075 (MICROSOFT...)
3 51.79.99.14 16276 (OVH)
1 52.25.152.156 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 9
Domain Requested by
8 busy.org busy.org
4 min-api.cryptocompare.com busy.org
3 anyx.io busy.org
2 www.google-analytics.com 1 redirects cdn.segment.com
1 stats.g.doubleclick.net
1 api.segment.io cdn.segment.com
1 cdn.segment.com busy.org
1 at.alicdn.com busy.org
20 8

This site contains links to these domains.

Domain
signup.steemit.com
steemconnect.com
bit.ly
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-30 - 2020-10-09 | 8 months
*.alicdn.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-09-03 - 2020-09-03 | a year
*.segment.com | DigiCert SHA2 Secure Server CA | 2019-06-24 - 2020-07-01 | a year
*.cryptocompare.com | Go Daddy Secure Certificate Authority - G2 | 2018-05-31 - 2020-06-09 | 2 years
www.anyx.io | Let's Encrypt Authority X3 | 2019-12-23 - 2020-03-22 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months

This page contains 1 frames:

Primary Page: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Frame ID: 9983D6EAE171D85B2ECE7AD53862820D
Requests: 24 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 38 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 5
Transfer: 1285 kB
Size: 4136 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2117479994&t=pageview&_s=1&dl=%2Fexit&dp=%2Fexit&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEAB~&jid=60176014&gjid=1439094608&cid=1464385322.1580653737&tid=UA-87507611-1&_gid=885379256.1580653737&_r=1&z=1535875816 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87507611-1&cid=1464385322.1580653737&jid=60176014&_gid=885379256.1580653737&gjid=1439094608&_v=j80&z=1535875816

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request exit
busy.org/
22 KB
7 KB
Document
General
Full URL
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
97d8b0c30744eecc425f422dd0c70679ba8aee71d753586ff1ffd68e8496881a

Request headers

:method
GET
:authority
busy.org
:scheme
https
:path
/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Sun, 02 Feb 2020 14:28:55 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da08bb1550a8fd168ce8bce5db45cb4aa1580653734; expires=Tue, 03-Mar-20 14:28:54 GMT; path=/; domain=.busy.org; HttpOnly; SameSite=Lax
x-powered-by
Express
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55ecdab2f9bad721-FRA
content-encoding
br
vendor.540d059163879312f92a.css
busy.org/
255 KB
27 KB
Stylesheet
General
Full URL
https://busy.org/vendor.540d059163879312f92a.css
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d89009ca219f8bd192236075a80221fde4228aab16c73e84da7408ab13e8e671

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:55 GMT
via
1.1 vegur
cf-cache-status
HIT
age
263736
x-powered-by
Express
status
200
content-encoding
br
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
etag
W/"3fc5b-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
cf-polished
origSize=261211
cf-ray
55ecdab87cd3d721-FRA
cf-bgj
minify
main.5bc4946a37b3454e0cbe.css
busy.org/
1020 KB
314 KB
Stylesheet
General
Full URL
https://busy.org/main.5bc4946a37b3454e0cbe.css
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bca63d7f731d87137ff474c18606f54e739f2e4c8df516fde8b7ab3c0d994d45

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:55 GMT
via
1.1 vegur
cf-cache-status
HIT
age
263736
x-powered-by
Express
status
200
content-encoding
br
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
etag
W/"ff2c0-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
cf-polished
origSize=1045184
cf-ray
55ecdab87cd6d721-FRA
cf-bgj
minify
bundle-manifest.7200a0804355a369b7ca.js
busy.org/
9 KB
5 KB
Script
General
Full URL
https://busy.org/bundle-manifest.7200a0804355a369b7ca.js
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80a021c06181bd70f35c1ab66dddcb7811ea63ba1882413f82a7894cfb6391c5

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:55 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
age
361472
x-powered-by
Express
etag
W/"25d8-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
content-encoding
br
cache-control
public, max-age=604800
cf-ray
55ecdab87cd8d721-FRA
bundle-vendor.8f863607d3d8188248ee.js
busy.org/
1 MB
418 KB
Script
General
Full URL
https://busy.org/bundle-vendor.8f863607d3d8188248ee.js
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7e29c5d820d3d9a3385d3cf5e85157c43eb6fa5e2b4ba95dba0d0db8c2ad6dd8

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:55 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
age
361472
x-powered-by
Express
etag
W/"17f2f8-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
content-encoding
br
cache-control
public, max-age=604800
cf-ray
55ecdab87cd9d721-FRA
bundle-main.4bf7a55c80b95b73ac62.js
busy.org/
459 KB
97 KB
Script
General
Full URL
https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
23ea0bf0a28cdc57393f5b7af7134ddfa9594651794cc14463ae6e6a7747ab0d

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:55 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
age
263736
x-powered-by
Express
etag
W/"72a89-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
content-encoding
br
cache-control
public, max-age=604800
cf-ray
55ecdab8bda2d721-FRA
font_317125_wqz6u4c8idi8jjor.css
at.alicdn.com/t/
39 KB
25 KB
Stylesheet
General
Full URL
https://at.alicdn.com/t/font_317125_wqz6u4c8idi8jjor.css
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3def75e63ca9221c8b480ce5c72736ac219d54bb6a1b1cad62ac3d8010e3dcfd

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 21:56:36 GMT
content-encoding
gzip
x-oss-request-id
5E0A7294BB83833730175A80
content-md5
tydgv8JPYf7HWiG5F4plZw==
age
2910739
x-cache
HIT TCP_MEM_HIT dirn:9:48093601
status
200
x-swift-cachetime
62441395
x-swift-savetime
Tue, 07 Jan 2020 05:06:41 GMT
content-length
24840
via
cache63.l2de1[0,200-0,H], cache49.l2de1[20,0], cache14.de2[0,200-0,H], cache3.de2[1,0]
x-oss-object-type
Normal
last-modified
Mon, 07 May 2018 11:44:35 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1577742996
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
4954429068217155917
eagleid
2ff62b9715806537359404181e
x-oss-server-time
17
analytics.min.js
cdn.segment.com/analytics.js/v1/Ay9Wb79gdm4FZLeDtSdebm35wZ9KkFZQ/
473 KB
108 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/Ay9Wb79gdm4FZLeDtSdebm35wZ9KkFZQ/analytics.min.js
Requested by
Host: busy.org
URL: https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.0.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-0-85.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6568bb753b9d5be46a52acd926fc4c2a7e8f7a1d8b93e25792191396df970c7

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id
SRnqR4WpJjLY8LndauLRsvzLCQd3DpOG
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
last-modified
Sat, 15 Sep 2018 19:30:13 GMT
server
AmazonS3
date
Sun, 02 Feb 2020 14:28:57 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
x-amz-cf-id
eogPUyQ0sBym1QaXZvmv3Pt-9f2YdSsziKFEmiNA7txN01AJ0ziTRg==
bundle-193.bf5c2639eec44ba6dd02.js
busy.org/
7 KB
1001 B
Script
General
Full URL
https://busy.org/bundle-193.bf5c2639eec44ba6dd02.js
Requested by
Host: busy.org
URL: https://busy.org/bundle-manifest.7200a0804355a369b7ca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a08ea220a83526b3c9188ee71ba3c8803fa958e569c17728d812aa51da28cac9

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:56 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
age
270454
x-powered-by
Express
etag
W/"1bfe-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
content-encoding
br
cache-control
public, max-age=604800
cf-ray
55ecdaba7c11d721-FRA
bundle-280.486ea6ca5a6f630032ae.js
busy.org/
15 KB
5 KB
Script
General
Full URL
https://busy.org/bundle-280.486ea6ca5a6f630032ae.js
Requested by
Host: busy.org
URL: https://busy.org/bundle-manifest.7200a0804355a369b7ca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:483c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d395001ecef23d1097b0bdead97c1f87003749c2336f85c57903647fa2288634

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 02 Feb 2020 14:28:56 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 05:26:00 GMT
server
cloudflare
age
178304
x-powered-by
Express
etag
W/"3b7c-16cffe2f640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
content-encoding
br
cache-control
public, max-age=604800
cf-ray
55ecdaba8c14d721-FRA
truncated
/
22 KB
22 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f0b4d15a7daf54c8f4362e72d4ee131107dbcb754c76b65252006f712845f03

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://busy.org

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
81 KB
81 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://busy.org

Response headers

Content-Type
application/font-woff
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://busy.org

Response headers

Content-Type
application/font-woff
truncated
/
76 KB
76 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://busy.org

Response headers

Content-Type
application/font-woff
histoday
min-api.cryptocompare.com/data/
1 KB
1 KB
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/histoday?fsym=STEEM&tsym=USD&limit=6
Requested by
Host: busy.org
URL: https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.115.22.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
dab7f7ea354455a4a807e088f1577e76a029c9076631a4aa4f57e8c0afc3826e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Content-Encoding
gzip
Server
nginx
CryptoCompare-Cache-HIT
true
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://busy.org
Cache-Control
public, max-age=610
Transfer-Encoding
chunked
CryptoCompare-Server-Id
ccc-api06
Content-Security-Policy
frame-ancestors 'none'
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
histoday
min-api.cryptocompare.com/data/
1 KB
1 KB
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/histoday?fsym=STEEM&tsym=BTC&limit=6
Requested by
Host: busy.org
URL: https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.115.22.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e7e2e14d1b5373d107360a4df64237c5a4a43110f98c164d83059781a61292
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Content-Encoding
gzip
Server
nginx
CryptoCompare-Cache-HIT
true
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://busy.org
Cache-Control
public, max-age=610
Transfer-Encoding
chunked
CryptoCompare-Server-Id
ccc-api01
Content-Security-Policy
frame-ancestors 'none'
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
histoday
min-api.cryptocompare.com/data/
148 B
740 B
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/histoday?fsym=SBD*&tsym=USD&limit=6
Requested by
Host: busy.org
URL: https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.115.22.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2ceec66c0a4420a904e3f93dd735cb158b1155ada3c04785bb5a648969167c43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Content-Encoding
gzip
Server
nginx
CryptoCompare-Cache-HIT
false
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://busy.org
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
CryptoCompare-Server-Id
ccc-api04
Content-Security-Policy
frame-ancestors 'none'
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
histoday
min-api.cryptocompare.com/data/
148 B
740 B
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/histoday?fsym=SBD*&tsym=BTC&limit=6
Requested by
Host: busy.org
URL: https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.115.22.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2ceec66c0a4420a904e3f93dd735cb158b1155ada3c04785bb5a648969167c43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Content-Encoding
gzip
Server
nginx
CryptoCompare-Cache-HIT
false
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://busy.org
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
CryptoCompare-Server-Id
ccc-api09
Content-Security-Policy
frame-ancestors 'none'
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
/
anyx.io/
356 B
693 B
Fetch
General
Full URL
https://anyx.io/
Requested by
Host: busy.org
URL: https://busy.org/bundle-vendor.8f863607d3d8188248ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.79.99.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns567848.ip-51-79-99.net
Software
nginx /
Resource Hash
e7a36a09b29811e2e68904d245bb3e83486d10a9456fd7743d33b5ca1b57dfe7

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Server
nginx
Host
anyx.io
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Accept,Content-Type,Origin,user-agent
Content-Length
356
X-Cached
HIT
/
anyx.io/
92 B
428 B
Fetch
General
Full URL
https://anyx.io/
Requested by
Host: busy.org
URL: https://busy.org/bundle-vendor.8f863607d3d8188248ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.79.99.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns567848.ip-51-79-99.net
Software
nginx /
Resource Hash
f6b91710b05d4d3e8d7a3c3e4c450f745d59ef4f949e55382e7ee20da50f6ddc

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Server
nginx
Host
anyx.io
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Accept,Content-Type,Origin,user-agent
Content-Length
92
X-Cached
HIT
/
anyx.io/
4 KB
1 KB
Fetch
General
Full URL
https://anyx.io/
Requested by
Host: busy.org
URL: https://busy.org/bundle-vendor.8f863607d3d8188248ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.79.99.14 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns567848.ip-51-79-99.net
Software
nginx /
Resource Hash
529a18e73b89fbfa6f3842455200b05108d27e1b9ad412f827c3545ba36f2359

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 02 Feb 2020 14:28:56 GMT
Content-Encoding
gzip
Server
nginx
Host
anyx.io
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Accept,Content-Type,Origin,user-agent
X-Cached
HIT
p
api.segment.io/v1/
21 B
136 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Ay9Wb79gdm4FZLeDtSdebm35wZ9KkFZQ/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.152.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-152-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
Origin
https://busy.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Sun, 02 Feb 2020 14:28:57 GMT
access-control-allow-origin
https://busy.org
content-length
21
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Ay9Wb79gdm4FZLeDtSdebm35wZ9KkFZQ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jan 2020 01:10:36 GMT
server
Golfe2
age
6923
date
Sun, 02 Feb 2020 12:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17926
expires
Sun, 02 Feb 2020 14:33:33 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2117479994&t=pageview&_s=1&dl=%2Fexit&dp=%2Fexit&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEAB~&jid=60176014&gji...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87507611-1&cid=1464385322.1580653737&jid=60176014&_gid=885379256.1580653737&gjid=1439094608&_v=j80&z=1535875816
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87507611-1&cid=1464385322.1580653737&jid=60176014&_gid=885379256.1580653737&gjid=1439094608&_v=j80&z=1535875816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://busy.org/exit?url=http%3A%2F%2Fbit.ly%2FAves-De-Presa&post=-190015253_21&cc_key=Aves-De-Presa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sun, 02 Feb 2020 14:28:56 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Feb 2020 14:28:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87507611-1&cid=1464385322.1580653737&jid=60176014&_gid=885379256.1580653737&gjid=1439094608&_v=j80&z=1535875816
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| analytics
object| webpackJsonp
object| __core-js_shared__
object| core
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
string| GoogleAnalyticsObject
function| ga
function| normalize
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.busy.org/ Name: ajs_user_id
Value: null
.busy.org/ Name: ajs_anonymous_id
Value: %2287c91bca-a497-41c1-9088-7c69d3ee06cd%22
.busy.org/ Name: ajs_group_id
Value: null
.busy.org/ Name: __cfduid
Value: da08bb1550a8fd168ce8bce5db45cb4aa1580653734

1 Console Messages

Source Level URL
Text
console-api log URL: https://busy.org/bundle-main.4bf7a55c80b95b73ac62.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
