![](/screenshots/f24a2466-51e6-4281-b4c9-765e1cbdf3e0.png)
obras.expansion.mx
Open in
urlscan Pro
18.245.31.44
Public Scan
Effective URL: https://obras.expansion.mx/?j=116987&sfmc_sub=68240697&l=1369_HTML&u=1505466&mid=546000771&jb=4010
Submission: On June 19 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on April 3rd 2024. Valid for: a year.
This is the only time obras.expansion.mx was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14340 (SALESFORCE, US)
PTR: ajn79.mta.exacttarget.com
click.email.expansion.mx |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-44.fra56.r.cloudfront.net
obras.expansion.mx |
ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-122.fra60.r.cloudfront.net
cdn-3.expansion.mx |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.gstatic.com | |
fonts.gstatic.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net
sb.scorecardresearch.com |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
fundingchoicesmessages.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
expansion.mx
1 redirects
click.email.expansion.mx obras.expansion.mx cdn-3.expansion.mx — Cisco Umbrella Rank: 74204 |
407 KB |
7 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 region1.analytics.google.com — Cisco Umbrella Rank: 3125 |
127 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
338 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204 |
160 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
383 KB |
4 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 |
178 KB |
3 |
newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7141 |
2 KB |
3 |
scorecardresearch.com
1 redirects
sb.scorecardresearch.com — Cisco Umbrella Rank: 188 |
3 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
11 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 114 |
4 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 8088 |
126 B |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
7 KB |
1 |
mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9543 |
47 KB |
1 |
retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 5862 |
588 B |
76 | 14 |
Domain | Requested by | |
---|---|---|
31 | cdn-3.expansion.mx |
obras.expansion.mx
cdn-3.expansion.mx |
4 | fundingchoicesmessages.google.com |
securepubads.g.doubleclick.net
|
4 | fonts.gstatic.com |
fonts.googleapis.com
obras.expansion.mx |
4 | connect.facebook.net |
obras.expansion.mx
connect.facebook.net |
4 | www.googletagmanager.com |
obras.expansion.mx
www.googletagmanager.com |
4 | obras.expansion.mx |
obras.expansion.mx
|
3 | events.newsroom.bi |
sdk.mrf.io
|
3 | region1.analytics.google.com |
www.googletagmanager.com
|
3 | sb.scorecardresearch.com |
1 redirects
obras.expansion.mx
|
3 | cdnjs.cloudflare.com |
obras.expansion.mx
|
2 | www.facebook.com |
obras.expansion.mx
|
2 | www.google.de |
obras.expansion.mx
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
|
2 | fonts.googleapis.com |
cdn-3.expansion.mx
|
2 | www.gstatic.com |
obras.expansion.mx
|
2 | securepubads.g.doubleclick.net |
obras.expansion.mx
securepubads.g.doubleclick.net |
1 | sdk.mrf.io |
obras.expansion.mx
|
1 | api.retargetly.com |
obras.expansion.mx
|
1 | click.email.expansion.mx | 1 redirects |
76 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
expansion.mx |
twitter.com |
www.facebook.com |
politica.expansion.mx |
www.wavin.com |
tienda.grupoexpansion.com |
grupoexpansion.com |
www.quien.com |
lifeandstyle.mx |
www.manufactura.mx |
elle.mx |
Subject Issuer | Validity | Valid | |
---|---|---|---|
expansion.mx Amazon RSA 2048 M02 |
2024-04-03 - 2025-05-03 |
a year | crt.sh |
*.expansion.mx Amazon RSA 2048 M03 |
2023-10-24 - 2024-11-19 |
a year | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-03-28 - 2024-06-26 |
3 months | crt.sh |
retargetly.com E5 |
2024-06-10 - 2024-09-08 |
3 months | crt.sh |
sdk.mrf.io E1 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA |
2023-12-11 - 2024-12-10 |
a year | crt.sh |
*.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.de WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
ssl03.cert.cl11.k8s.mrf.io R3 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://obras.expansion.mx/?j=116987&sfmc_sub=68240697&l=1369_HTML&u=1505466&mid=546000771&jb=4010
Frame ID: DCDAE9CD240A77A9A797DD3F0CFEDA0B
Requests: 76 HTTP requests in this frame
Screenshot
![](/screenshots/f24a2466-51e6-4281-b4c9-765e1cbdf3e0.png)
Page Title
Obras | Construcción, Interiorismo, Arquitectura y másPage URL History Show full URLs
-
https://click.email.expansion.mx/?qs=33e366b96caa6ef16c2faa0642b01fb11daf614a7bef46c15e7a41a859e4c6f685d062e4...
HTTP 302
https://obras.expansion.mx/?j=116987&sfmc_sub=68240697&l=1369_HTML&u=1505466&mid=546000771&jb=4010 Page URL
Detected technologies
![](/vendor/wappa/icons/Firebase.png)
Detected patterns
- /(?:([\d.]+)/)?firebase(?:\.min)?\.js
- /firebasejs/([\d.]+)/firebase
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: Expansión
Search URL Search Domain Scan URL
Title: revistaobras
Search URL Search Domain Scan URL
Title: Obrasweb.mx
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Presentado por: Amanco Wavin
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Infonavit para todas las personas
Search URL Search Domain Scan URL
Title: Accidente en Viaducto Tlalpan, CDMX, deja dos muertos
Search URL Search Domain Scan URL
Title: Uso de cascos certificados para motociclistas reduce probabilidad de accidentes
Search URL Search Domain Scan URL
Title: Hoy no circula 19 de junio de 2024: ¿qué autos no salen este miércoles?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Publicidad
Search URL Search Domain Scan URL
Title: Compliance
Search URL Search Domain Scan URL
Title: Quién
Search URL Search Domain Scan URL
Title: Life and Style
Search URL Search Domain Scan URL
Title: Expansión PolÃtica
Search URL Search Domain Scan URL
Title: Manufactura
Search URL Search Domain Scan URL
Title: Elle
Search URL Search Domain Scan URL
Title: Grupo Expansión
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.email.expansion.mx/?qs=33e366b96caa6ef16c2faa0642b01fb11daf614a7bef46c15e7a41a859e4c6f685d062e4dfa6c5920f1b90391e9fa95fff635b001e4921bd9f39e29bea15a787
HTTP 302
https://obras.expansion.mx/?j=116987&sfmc_sub=68240697&l=1369_HTML&u=1505466&mid=546000771&jb=4010 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 66- https://sb.scorecardresearch.com/c2/6906551/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/6906551/cs.js
76 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
obras.expansion.mx/ Redirect Chain
|
95 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
All.min.8e884d890b93f578193efe5d9086ce23.gz.css
cdn-3.expansion.mx/resource/0000016e-d155-dcec-a17e-dfddd98e0000/styleguide/skins/obras/ |
750 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.5/ |
39 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
videojs.ads.css
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.6.5/ |
975 B 569 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
videojs.ima.min.css
cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.6.2/ |
2 KB 944 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
All.min.1230d2f75a8d113edbe69dd4d415215b.gz.js
cdn-3.expansion.mx/resource/0000016e-d155-dcec-a17e-dfddd98e0000/styleguide/ |
338 KB 106 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
101 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
expansion-obras.svg
cdn-3.expansion.mx/25/7e/681a05844532b4f0acaf574ba632/ |
7 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fallback-image.png
obras.expansion.mx/styleguide/assets/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comscore-logo-new-white.gif
cdn-3.expansion.mx/16/67/192d358846b2bef67e880927ed50/ |
746 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase.js
www.gstatic.com/firebasejs/4.9.1/ |
389 KB 114 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/4.9.1/ |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
282 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
twitter.png
cdn-3.expansion.mx/b3/f0/a1081eb14078914240c18da75e91/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
x-white.png
cdn-3.expansion.mx/9a/f2/6c50da7848459d26e4623e4dd22e/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.2a0764798445cd8df7e62f6a0ed2e433.woff
cdn-3.expansion.mx/resource/0000016e-d155-dcec-a17e-dfddd98e0000/styleguide/assets/fonts/icons-obras/ |
8 KB 9 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/02fdf6d/2147483647/strip/true/crop/1084x610+3+0/resize/787x443!/format/webp/quality/80/ |
48 KB 48 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/99d4fba/2147483647/strip/true/crop/2124x1200+858+0/resize/384x217!/format/webp/quality/60/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/42dd207/2147483647/strip/true/crop/1851x1046+5+0/resize/384x217!/format/webp/quality/60/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/cc31435/2147483647/strip/true/crop/1361x768+2+0/resize/390x220!/format/webp/quality/60/ |
8 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/27c586e/2147483647/strip/true/crop/1954x1102+0+217/resize/172x97!/format/webp/quality/60/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/da0ce63/2147483647/strip/true/crop/2303x1299+3+0/resize/172x97!/format/webp/quality/60/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/e1782c4/2147483647/strip/true/crop/3865x2180+0+198/resize/172x97!/format/webp/quality/60/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/4f1b476/2147483647/strip/true/crop/2128x1200+856+0/resize/172x97!/format/webp/quality/60/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/95f8f62/2147483647/strip/true/crop/1114x628+43+0/resize/172x97!/format/webp/quality/60/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/d1bc264/2147483647/strip/true/crop/1170x660+0+181/resize/172x97!/format/webp/quality/60/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ |
467 KB 146 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
308 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
301 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
226 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
219 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loader
api.retargetly.com/ |
0 588 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
marfeel-sdk.js
sdk.mrf.io/statics/ |
173 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b
sb.scorecardresearch.com/ |
0 225 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72776159
fundingchoicesmessages.google.com/i/ |
197 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/d5aaaf4/2147483647/strip/true/crop/1707x963+0+159/resize/172x97!/format/webp/quality/60/ |
3 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/5f74681/2147483647/strip/true/crop/1277x720+2+0/resize/172x97!/format/webp/quality/60/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/4f798f6/2147483647/strip/true/crop/1114x628+43+0/resize/172x97!/format/webp/quality/60/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/547a8bf/2147483647/strip/true/crop/3602x2031+0+1671/resize/172x97!/format/webp/quality/60/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/7ed193b/2147483647/strip/true/crop/3990x2250+5+0/resize/172x97!/format/webp/quality/60/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/4429fc8/2147483647/strip/true/crop/729x411+0+36/resize/172x97!/format/webp/quality/60/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/dd8238a/2147483647/strip/true/crop/5453x3075+0+83/resize/172x97!/format/webp/quality/60/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/d5b5bc6/2147483647/strip/true/crop/1280x722+0+66/resize/172x97!/format/webp/quality/60/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
291117631507716
connect.facebook.net/signals/config/ |
60 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 247 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/ecce77f/2147483647/strip/true/crop/1546x872+2+0/resize/172x97!/format/webp/quality/60/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ingest.php
events.newsroom.bi/ |
50 B 850 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxXcvbHxYOzYJ5zWVpCHY-VfcbElktLYYwQrUgGEG7VKiuXeymtXYCiveJewvOdsJQI3OD5LBKUGlfBMTOL328aYIUypz3f8LvByecQIUxJZidTiQUrXIeKMWb0MDvoZD_z00KSHyw==
fundingchoicesmessages.google.com/f/ |
403 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rfv.php
events.newsroom.bi/data/ |
27 B 473 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
109 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ |
125 KB 126 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUnNlbgJNZ4Noia8qCk2LI7T12b21aUpdkc2pvhxOi8ZmCRLJJ6l-PbA6JbnlqCMG8PsaI5l2nHLRwihm544hbaV0ZWKTLJml3uEhvDLTDDtc_O1XUsGfBHHB0mZaC2unEm2ve9PQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUnNlbgJNZ4Noia8qCk2LI7T12b21aUpdkc2pvhxOi8ZmCRLJJ6l-PbA6JbnlqCMG8PsaI5l2nHLRwihm544hbaV0ZWKTLJml3uEhvDLTDDtc_O1XUsGfBHHB0mZaC2unEm2ve9PQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ingest.php
events.newsroom.bi/ |
2 B 778 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/6906551/ Redirect Chain
|
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/8996d2a/2147483647/strip/true/crop/675x675+263+0/resize/400x400!/format/webp/quality/60/ |
15 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/ceef115/2147483647/strip/true/crop/675x675+263+0/resize/400x400!/format/webp/quality/60/ |
9 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/32726e9/2147483647/strip/true/crop/600x600+70+0/resize/400x400!/format/webp/quality/60/ |
11 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/a12f249/2147483647/strip/true/crop/675x675+263+0/resize/400x400!/format/webp/quality/60/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon-16x16.png
obras.expansion.mx/ |
353 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
cdn-3.expansion.mx/dims4/default/88b7974/2147483647/strip/true/crop/600x600+100+0/resize/400x400!/format/webp/quality/60/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon-32x32.png
obras.expansion.mx/ |
652 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
141 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage object| googletag object| dataLayer function| fbAsyncInit object| m object| metas object| data string| s object| meta string| contentId string| section string| especial string| keywords string| REFRESH_KEY string| REFRESH_VALUE function| _rl_gen_sg object| top_inf_all object| banner_intext_all object| picturefillCFG function| picturefill function| $ function| jQuery undefined| define function| setImmediate function| clearImmediate function| polyfill function| isMicrosoftBrowser object| w object| d function| objectFitImages object| lazySizes object| FB object| ggeac object| google_tag_data object| google_js_reporting_queue object| firebase function| webpackJsonpFirebase object| google_tag_manager function| postscribe object| google_tag_manager_external function| fbq function| _fbq number| _rl_cn string| _rl_ptc object| _rl_ids object| _rely function| e function| t object| marfeel object| zz object| __buffer undefined| google_measure_js_timing object| google_reactive_ads_global_state function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_marfeel_marfeel_sdk object| tp function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __mrfCompass object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZGY1YWEyYTEyOGVjZWM0NmxvYWRlcl9qcw== string| ZGY1YWEyYTEyOGVjZWM0NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| cert_CustomCounters object| cert_CustomAttributes function| cert_qVal function| cert_getCookie function| cert_setCookie function| cert_getReferrer function| cert_getProtocol function| cert_setOrigin function| cert_getFlashVersion function| cert_getURL function| cert_addCustomAttribute function| cert_addCustomCounter function| cert_getCustomTags function| cert_getURL_eCommerce function| cert_registerHit function| cert_registerHitAndRedirect function| cert_registerHitAndOpenWindow function| cert_registerHitAndReplaceOtherFrame function| cert_registerHitAndReplaceThisFrame function| cert_registerHitAndDownloadFile function| cert_getAnchor function| tagCertifica_migrated function| tagCertifica function| tagCertifica_eCommerce function| cert_registerPeriodicHit function| cert_getReferrer14 string| DEFAULT_PIVOT_NAME number| DEFAULT_REDIRECT_TIME number| DEFAULT_PERIODIC_REDIRECT_TIME string| DEFAULT_ORIGIN_COOKIE_NAME object| ns_9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.expansion.mx/ | Name: _gcl_au Value: 1.1.1535289791.1718802443 |
|
.expansion.mx/ | Name: _ga_QK8EY2TQJF Value: GS1.1.1718802444.1.0.1718802444.60.0.0 |
|
.expansion.mx/ | Name: _ga Value: GA1.1.742272340.1718802444 |
|
.expansion.mx/ | Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1718802444%2C%22currentVisitStarted%22%3A1718802444%2C%22sessionId%22%3A%224b5db2c7-f1fe-4f13-99ad-e5ae4039b703%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//obras.expansion.mx/%3Fj%3D116987%26sfmc_sub%3D68240697%26l%3D1369_HTML%26u%3D1505466%26mid%3D546000771%26jb%3D4010%22%2C%22referrer%22%3A%22%22%7D |
|
.expansion.mx/ | Name: ___nrbi Value: %7B%22firstVisit%22%3A1718802444%2C%22userId%22%3A%229d3591e3-2f25-49c3-b2dc-360983a38236%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1718802444%2C%22timesVisited%22%3A1%7D |
|
.expansion.mx/ | Name: compass_uid Value: 9d3591e3-2f25-49c3-b2dc-360983a38236 |
|
.expansion.mx/ | Name: _fbp Value: fb.1.1718802444667.942713798277381370 |
|
.expansion.mx/ | Name: _ga_94SC6NG1GX Value: GS1.1.1718802444.1.0.1718802446.58.0.0 |
|
obras.expansion.mx/ | Name: cert_Origin Value: directo |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.retargetly.com
cdn-3.expansion.mx
cdnjs.cloudflare.com
click.email.expansion.mx
connect.facebook.net
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
obras.expansion.mx
region1.analytics.google.com
sb.scorecardresearch.com
sdk.mrf.io
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
128.245.209.79
142.250.184.194
142.250.185.110
142.250.185.67
157.240.252.13
172.67.159.162
172.67.8.244
18.172.112.122
18.244.18.38
18.245.31.44
2001:4860:4802:34::36
2606:4700::6811:180e
2a00:1450:4001:801::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c1f::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
57.128.96.94
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
047c4d845ac0361c257d4f2497fb1aab5d0c48be14521565b96a54ab9418c381
06d62bd92399fb8022a80d5f2d94006353376d85b14e0a2acf069df58f051354
078db45a2e4fe30f043ca223c81a34113ac038aea2fc94ae7dd6e9742f79d43f
07bd95813879d281aed8b997de622ca7d58b9aa7e4d6f31654bff5db91c3704d
08c458d8b3513d7d8cb40123880f53a3ca87cb3bae9e0e8fff7cf07af631c3c2
1061488c183e5237026e938064e5abc8bfc30a79be5cd9a7ee2b13beb86557cb
174c2bf88c9926b9e610cc56cccec158a22a91f23e624ead701cf91ea3d06741
1bcf6b3cfc3f9e09e45cb56ad5b0cb21b2a32f30c2f32e5e2fbfa8926ddc9cbc
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
254fea8f99ee9aee54119f30e650795fe8100bbaf35a46214fa54b2993b867d8
291faf2a5333349757b6b06b3c744249abfcd417fe4f73befac7b69d21acb243
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2fb9d0a062f3f0f927b7df8255df418814c6ebfe37bb18f3d8d5138fffc795b5
319b18df3e81a05a2e43eeb3f09d807f16d3a34867810543d70e3e5554cf2063
369da20b2aa035a43eed4851a353da93f1902c991eb5bd80c20b8c83f2d51752
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d133d8ae5689ae0758d06ae4b878c41776d4bdf321c1ecd052c7ac7583f051f
55f408b17b00caba210fc40a985b0dadbd4f2b5d3323e59f728047f6060c02ce
592831518f51bc2ee94ab5604cb842c6a3a1b77f76ab0b9e90d452ff6c174d2b
5e35f13b482702d40e0e759c86cbfc60532e04c6e3e48baff96993cc88dd0512
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
643b89b96928f50c40516d637e7ac6b5c516f5b512d199b694ed5e3ddd010af7
678a4d6581f505cb75a4427f65abfbbf73ab4e17e07fbdce97fe50069562b97a
67bd86a47830e0269c059c973aebe4406df2ff49d57ba3ec7e8d00e5f972308b
6a084dcc2e7cc9dbe0df40b1cdf4910c226ffa134cbb76368fe2890a15411bd8
6a22a8044c0516fe77d1588bfabd834caf360b43d209ef222c9165b602c37acf
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
73f3a53df325caebd64a88784f95ea7829b54d8a45216cdad7eb6114dc842b9b
744dcb4c69d4c9359dda9148e41b4181262d7bedff00fc74d774e899a5c95409
78c3e53076afc9fd49bba892cf1909f48a67d2913d554099630684f677092fbb
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7c3c2c670cdfe06cd97770491d822f4a893e71db132eec2a43a0ce25f196182f
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83791186b5750ee6830ad1d02862dbc0a806d91ac125c937606be109ee283bda
8d3ea7a8365c1b54428993d63797a3863a32693999e387ddae64625ac700a3f1
919886fd8554add08e874a4a3bb59086bd62f1c2d19ebb589a295b3e52305ebe
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
94e55c38e6d9f397f525617b800ca8b11a4ce461231c991cee4bfffd7639308f
9899364b57986493bb8e81240f0d40ce96d8c14f8b8916366c331167e98db0c0
98f22f01b38a37bfe27adb55f50bcd5d832aee96c6203987dde2e719807fc95f
9b9cc844ccfb0452a3a9dd57bcf1310ea33f147f1c54bdb2c679014b9eab3cc5
9cc4b95e288551446ebc04638ae78c33880c8ae204a5d5859a08365fe7656fc5
a175ef40b12d7e5dce0c131d62b4456e049799a2bf4c7d201da5456eb4661ef8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abcdcd837e6d67db7bc375d96bedd1990178c2b2b7aa9be4763fab7e76f43559
aeb34637940c6b7b56c08624a8a369bfa379064df6958b749aef52050f19580d
b494e9f9074f0aaf57abed9df8423468d50dba7a9147c129695f12184b6137dd
b96722622e43d1e30047f0d75e1f1d2eb155085a76da1a5522090cd837b1fed2
b9994d080c03e958e575b0182b016f1c4525f4edea3c43c7d266e66178905d56
babf371021b3e3ab45db0316129b166d05f1cde7c6434ee79cbd2d366ca8b2f1
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1d08920433c16a5c1445bd6138273f479fd27fd2b857c7c75f2699c5ae8e4e7
cedb85f19313bc6a8cc18d77e841eaa077e41f56c257325ea4a0128513732689
d20979c0e3497ee33d79ed9774d7b98ea23016d43d6e7098e5bd557cb02b28d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e772c0c4ba01f963a582d0d4c4d661b15da2d41acb64836737e22143dec39f61
ebb4d30ca938b3af0b52d286a241313a2446b9fe8a82088084c279286a9d6924
ed87eabee8556762a708276661977d3fbe7e1f05370ed06babddd4e60bddc88b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7886fd9ff3b86e62b16b564bf28b8e7753d8509b37d6611c56a2cfd49e7fb7d
fb6892c131b9e747ff16ea8e241bbdbbd0656dca4cab6c508501d91a5d243b10
fc804514e90e495ff632257f48878c4338c925016cb8c7c72af34042a88b9c07
ff1fb0aeadc4fdde1e7920a8e5670c07c9fa53888585eda6818e8bcd6d23b556