Submitted URL: https://www.google.com/aclk?sa=l&ai=DChcSEwjs6eCjv6bkAhWadmAKHVIJCRQYABAAGgJ0bQ&sig=AOD64_2BLkkgHwYQelqrPGiPrbkfScXCpA&...
Effective URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Submission: On August 28 via api from CA

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 24 HTTP transactions. The main IP is 210.252.64.59, located in Japan and belongs to YAHOO-2 Yahoo Japan Corporation, JP. The main domain is mb-farm.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on June 20th 2019. Valid for: 6 months.
This is the only time mb-farm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.162 15169 (GOOGLE)
4 210.252.64.59 24296 (YAHOO-2 Y...)
2 23.111.9.35 33438 (HIGHWINDS2)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.253.50 16509 (AMAZON-02)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
24 13
Domain Requested by
5 connect.facebook.net mb-farm.com
connect.facebook.net
4 mb-farm.com mb-farm.com
2 www.facebook.com mb-farm.com
2 maxcdn.bootstrapcdn.com mb-farm.com
2 use.fontawesome.com mb-farm.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 www.google.com 1 redirects mb-farm.com
1 www.google.de mb-farm.com
1 staticxx.facebook.com connect.facebook.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googletagmanager.com mb-farm.com
1 sdk.form.run mb-farm.com
1 cdnjs.cloudflare.com mb-farm.com
1 fonts.googleapis.com mb-farm.com
24 14

This site contains links to these domains.

Domain
www.facebook.com
pdaa-mongol.com
Subject                       Issuer                                           Validity                  Valid
mb-farm.com                   Encryption Everywhere DV TLS CA - G2             2019-06-20 - 2019-12-17   6 months
*.fontawesome.com             DigiCert SHA2 Secure Server CA                   2018-09-17 - 2019-11-21   a year
*.bootstrapcdn.com            COMODO RSA Domain Validation Secure Server CA    2018-10-03 - 2019-10-12   a year
*.googleapis.com              Google Internet Authority G3                     2019-07-29 - 2019-10-21   3 months
ssl412106.cloudflaressl.com   COMODO ECC Domain Validation Secure Server CA 2  2019-08-10 - 2020-02-16   6 months
sdk.form.run                  Amazon                                           2019-07-17 - 2020-08-17   a year
*.facebook.com                DigiCert SHA2 High Assurance Server CA           2019-08-24 - 2019-10-19   2 months
*.google-analytics.com        GTS CA 1O1                                       2019-07-29 - 2019-10-27   3 months
*.g.doubleclick.net           Google Internet Authority G3                     2019-07-29 - 2019-10-21   3 months
www.google.com                GTS CA 1O1                                       2019-07-29 - 2019-10-27   3 months
www.google.de                 Google Internet Authority G3                     2019-07-29 - 2019-10-21   3 months

This page contains 2 frames:

Primary Page: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Frame ID: 485C583E058451EBC05AB933ED743C49
Requests: 23 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3A45D2D17D600BCB7C7284CD0A9C9780
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

14
Subdomains

13
IPs

5
Countries

589 kB
Transfer

1475 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.google.com/aclk?sa=l&ai=DChcSEwjs6eCjv6bkAhWadmAKHVIJCRQYABAAGgJ0bQ&sig=AOD64_2BLkkgHwYQelqrPGiPrbkfScXCpA&q=&ved=2ahUKEwjOvtujv6bkAhWPx4sBHQYFCNIQ0Qx6BAgNEAE&adurl= HTTP 302
    https://www.googleadservices.com/pagead/aclk?sa=L&ai=CyUFJDvBmXeyqGprtgQPSkqSgAZ21tOhXp52v3v4Jpr2JidAKCAMQASgCYImzxoT0E6ABxeaH1wLIAQGpAhCQKF6ZQ0Q-yAPYIKoEPU_QyHQWX9mNVdw-E2DFYE8oEmvpGN-xH6hoi6o4kxxI8p2BZSK770fvtcDmeC3BAwbERpuy1sg-rZfUl7HABKyVieukAqAGUYAHo5n4qAGQBwOoB6a-G6gH2csbqAfPzBuoB_PRG9gHAbAIAdIIBBABIASaCRtodHRwczovL21iLWZhcm0uY29tL2NhbXAwMy-xCb1eOTJSow5zuQm9XjkyUqMOc_gJAZgLAQ&ved=2ahUKEwjOvtujv6bkAhWPx4sBHQYFCNIQ0Qx6BAgNEAE&dblrd=1&val=GghpIOE_dTGhfyABKAAw0d2fns2Al7tXOOTgm-sFQOTgm-sF&sig=AOD64_0GiyN2Nbe40ksRBVVvsXYnszHd_w&adurl=https://mb-farm.com/camp03/ HTTP 302
    https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mb-farm.com/camp03/
Redirect Chain
  • https://www.google.com/aclk?sa=l&ai=DChcSEwjs6eCjv6bkAhWadmAKHVIJCRQYABAAGgJ0bQ&sig=AOD64_2BLkkgHwYQelqrPGiPrbkfScXCpA&q=&ved=2ahUKEwjOvtujv6bkAhWPx4sBHQYFCNIQ0Qx6BAgNEAE&adurl=
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CyUFJDvBmXeyqGprtgQPSkqSgAZ21tOhXp52v3v4Jpr2JidAKCAMQASgCYImzxoT0E6ABxeaH1wLIAQGpAhCQKF6ZQ0Q-yAPYIKoEPU_QyHQWX9mNVdw-E2DFYE8oEmvpGN-xH6hoi6o4kxx...
  • https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
31 KB
31 KB
Document
General
Full URL
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.252.64.59 , Japan, ASN24296 (YAHOO-2 Yahoo Japan Corporation, JP),
Reverse DNS
bear-blue-0b9db274c996a224.znlc.jp
Software
Apache /
Resource Hash
99e779b554e2ba057820cd5a9a0e56f73e2aed0c7a1a9aea9a441d59067eaa1d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
mb-farm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Date
Wed, 28 Aug 2019 21:21:41 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Last-Modified
Thu, 22 Aug 2019 01:55:03 GMT
ETag
"8814f451-7a64-590aafa6a2a4c"
Accept-Ranges
bytes
Content-Length
31332
Keep-Alive
timeout=2, max=300
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

status
302
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 28 Aug 2019 21:21:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
adclick_server
content-length
0
x-xss-protection
0
set-cookie
Conversion=EhMI1OH3zL-m5AIVi-J3Ch0TDgx5GAEgnemp5-XOqtm1AUgBkAGnna_e_gmYAQA; expires=Tue, 26-Nov-2019 21:21:40 GMT; path=/pagead/conversion/719450949/
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
all.css
use.fontawesome.com/releases/v5.6.1/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:41 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 17:44:03 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"b8085bf2c839791244bd95f56fb93c01"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.3/css/
95 KB
16 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.3/css/bootstrap.min.css
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
1f1ab1e885f13eeeefbe3ae4f9fbda1859241500623073f48224969370edf1fd

Request headers

Sec-Fetch-Mode
cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:41 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:08 GMT
status
200
etag
"1544639648"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
16660
style.css
mb-farm.com/camp03/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://mb-farm.com/camp03/css/style.css
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.252.64.59 , Japan, ASN24296 (YAHOO-2 Yahoo Japan Corporation, JP),
Reverse DNS
bear-blue-0b9db274c996a224.znlc.jp
Software
Apache /
Resource Hash
9d7efc2c3c4fdfc231b11cc564047b846371003e14f658e33d8e69009d039b56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 21:21:41 GMT
Last-Modified
Thu, 01 Aug 2019 07:59:44 GMT
Server
Apache
ETag
"90073ada-ab0-58f099febd230"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=300
Content-Length
2736
css
fonts.googleapis.com/
107 KB
24 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Sawarabi+Mincho
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7e351ba22213ae56fea51662835a7e2fc3eb4fed11059c797ee4111f183df725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 28 Aug 2019 21:21:41 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 28 Aug 2019 21:21:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 28 Aug 2019 21:21:41 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
67 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.slim.min.js
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
711a568e848ec3929cc8839a64da388ba7d9f6d28f85861bea2e53f51495246f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
903968
status
200
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-10d58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
50d9561cd931cbd0-VIE
expires
Mon, 17 Aug 2020 21:21:41 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.3/js/
44 KB
12 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.3/js/bootstrap.min.js
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
0245cd902b95978bcfa8f9e591652644603b7c764585baad2e074594398981cc

Request headers

Sec-Fetch-Mode
cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:41 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
11571
formrun.js
sdk.form.run/js/v2/
168 KB
49 KB
Script
General
Full URL
https://sdk.form.run/js/v2/formrun.js
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-50.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbaa365705fdc67aca3157916a69b9c575e7e069d8a45c33055cdad3d3d0f1e5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 21:17:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Jun 2019 07:38:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Cache-Control
max-age=100
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
N5iEkPNXmihPSjrbhb2GwrnZkVjVRP1mB-fDSxSl2yrs5BUoSIAiEw==
sdk.js
connect.facebook.net/ja_JP/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2e33354c8ca6ef219bf4688c88a6ef53178df87ecfcd6d5d39d37ab4f563901c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+3wwKNjEFyca92iEqNgeiw==
status
200
content-length
1780
etag
"f9a9cb44971d5f8a1074d4a06445c753"
x-fb-debug
c3IAPvqA0yAb5TpLepcdOJZ2cK1XW1XeX8Kx+qicVdGrzkr37z/tU86Xs+HmO6Y/ed8mQmQuIit0EZGHXUDcKw==
x-fb-trip-id
365799557
x-fb-content-md5
8449d2cc7ac3d744f5777aa3ebbd9b24
x-frame-options
DENY
date
Wed, 28 Aug 2019 21:21:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 21:29:05 GMT
js
www.googletagmanager.com/gtag/
68 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-719450949
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54262aca40438b94aba3e14f3131b4a3909240c43297f23240d060b98734cfb1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26577
x-xss-protection
0
expires
Wed, 28 Aug 2019 21:21:41 GMT
topimg.jpg
mb-farm.com/camp03/images/
122 KB
123 KB
Image
General
Full URL
https://mb-farm.com/camp03/images/topimg.jpg
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.252.64.59 , Japan, ASN24296 (YAHOO-2 Yahoo Japan Corporation, JP),
Reverse DNS
bear-blue-0b9db274c996a224.znlc.jp
Software
Apache /
Resource Hash
67af2d3938adb4dbaf59b83c83250ea90be58a23c29adc6bf716b8937375f9d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 21:21:42 GMT
Last-Modified
Wed, 31 Jul 2019 02:03:16 GMT
Server
Apache
ETag
"980304e8-1e90f-58ef087412d5c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=299
Content-Length
125199
fbevents.js
connect.facebook.net/en_US/
88 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
public
x-fb-debug
x4lwHeZGFqtzpvCKa8f1Upb5LSqYhjKbiAKzOUda0aRQmQDjgK2xwp+PY9RVTn5+B9kVnJj4TVOUvVdIRHn/wA==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 21:21:43 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
background.jpg
mb-farm.com/camp03/images/
21 KB
21 KB
Image
General
Full URL
https://mb-farm.com/camp03/images/background.jpg
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.252.64.59 , Japan, ASN24296 (YAHOO-2 Yahoo Japan Corporation, JP),
Reverse DNS
bear-blue-0b9db274c996a224.znlc.jp
Software
Apache /
Resource Hash
60af2c26d259d2144bc39045a8466644a170dd19e2dca8683578db490159608e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 21:21:43 GMT
Last-Modified
Thu, 01 Aug 2019 07:26:56 GMT
Server
Apache
ETag
"980304ea-52a6-58f092aabfdf5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=299
Content-Length
21158
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/
72 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-brands-400.woff2
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.6.1/css/all.css
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:43 GMT
last-modified
Wed, 12 Dec 2018 17:44:19 GMT
server
NetDNA-cache/2.2
status
200
etag
"f80b8a05dd76fdb40e630f1e90b1303d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73936
sdk.js
connect.facebook.net/ja_JP/
200 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=6d21f72eebd3822553efb823f3249ee5&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9fd4328f7bd77c61061ed3530e1c51fd6638e2837ace228ede96d19fe2d166dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Origin
https://mb-farm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/7cDKcgLKS1IrujD9zkHFQ==
status
200
content-length
60808
etag
"a896f9d9d2757352f75383cb0c2ee0bd"
x-fb-debug
MjPBmo/lccbgIy4/J0udSyTuuYoDi6LsITpntUyuw9jzIlzsBKzJMPlfym2p9df1fbjQVo8swHy3XSVpqN95XA==
x-fb-trip-id
365799557
x-fb-content-md5
05774320433490299ddffd2e5f59db27
x-frame-options
DENY
date
Wed, 28 Aug 2019 21:21:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 27 Aug 2020 20:09:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-719450949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9166
x-xss-protection
0
server
cafe
etag
9427867564825067918
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 21:21:43 GMT
359948074708458
connect.facebook.net/signals/config/
307 KB
79 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/359948074708458?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3d73b02d26eb1e8b14123e6e269cfdd1590befe8244c3dacbc65dc3b7400872
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
public
x-fb-debug
xFWlNHHgcLg/6fBirKe0jW3v/DOt04Je0xFlU8SzS7ibVKw5bbvFsHpEvHCZYySjRU4aCLONnJDPKBKq2ZZQLw==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 21:21:43 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/719450949/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/719450949/?random=1567027303229&cv=9&fst=1567027303229&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8e1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmb-farm.com%2Fcamp03%2F%3Fgclid%3DEAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE&tiba=%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%E3%82%A2%E3%83%B3%E3%82%B1%E3%83%BC%E3%83%88%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
22d88a06bd113d62c5eada8150ef0938a43777df9d50395f45e2c986d32d0089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 21:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3A45
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=6d21f72eebd3822553efb823f3249ee5&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 26 Aug 2020 21:13:55 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
SIq9ekWxtXqpkvi6mh/B/jpUuKBNS9DkUOGlASKkStAVztJxF8ouqxCRn3DgU1LHOObXah4UKy/DLc0xzPUwfQ==
content-length
11642
x-fb-trip-id
365799557
date
Wed, 28 Aug 2019 21:21:43 GMT
/
www.google.com/pagead/1p-user-list/719450949/
42 B
122 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/719450949/?random=1567027303229&cv=9&fst=1567026000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmb-farm.com%2Fcamp03%2F%3Fgclid%3DEAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE&tiba=%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%E3%82%A2%E3%83%B3%E3%82%B1%E3%83%BC%E3%83%88%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3&async=1&fmt=3&is_vtc=1&random=3985690477&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 21:21:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/719450949/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/719450949/?random=1567027303229&cv=9&fst=1567026000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmb-farm.com%2Fcamp03%2F%3Fgclid%3DEAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE&tiba=%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%E3%82%A2%E3%83%B3%E3%82%B1%E3%83%BC%E3%83%88%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3&async=1&fmt=3&is_vtc=1&random=3985690477&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 21:21:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
1 KB
897 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
q0u+XybdqdLg4Sgm91Rq75AVWGwfcB0xRZexJQid0lgy3Sba1nw1iAzaYqkBGECjbZmPa//bLZ5zTmIJvp9/jA==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 21:21:43 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=359948074708458&ev=PageView&dl=https%3A%2F%2Fmb-farm.com%2Fcamp03%2F%3Fgclid%3DEAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE&rl=&if=false&ts=1567027303434&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567027303434.1562360701&it=1567027303214&coo=false&rqm=GET
Requested by
Host: mb-farm.com
URL: https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 28 Aug 2019 21:21:43 GMT
/
www.facebook.com/tr/
44 B
145 B
Image
General
Full URL
https://www.facebook.com/tr/?id=359948074708458&ev=Microdata&dl=https%3A%2F%2Fmb-farm.com%2Fcamp03%2F%3Fgclid%3DEAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE&rl=&if=false&ts=1567027304937&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%E3%82%A2%E3%83%B3%E3%82%B1%E3%83%BC%E3%83%88%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1567027303434.1562360701&it=1567027303214&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://mb-farm.com/camp03/?gclid=EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 21:21:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 28 Aug 2019 21:21:44 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
object Formrun
object __core-js_shared__
function fbq
function _fbq
function gtag
object dataLayer
object FB
object google_tag_manager
function GooglemKTybQhCsO
function google_trackConversion
object GooglebQhCsO

3 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0oxCrl9uc2YIVJPJQ..BdZvBn...1.0.BdZvBn.
.mb-farm.com/ Name: _fbp
Value: fb.1.1567027303434.1562360701
.mb-farm.com/ Name: _gcl_aw
Value: GCL.1567027303.EAIaIQobChMI7Ongo7-m5AIVmnZgCh1SCQkUEAMYASAAEgIk__D_BwE

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
