zegtrends.com
2a06:98c1:3121::3
Public Scan
Effective URL: https://zegtrends.com/hacking-begins-with-a-text-message-how-does-the-pegasus-spyware-work/
Submission: On June 14 via manual from BR — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 3rd 2022. Valid for: a year.
This is the only time zegtrends.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
s4.histats.com | ASN16276 (OVH, FR) | ns534297.ip-149-56-240.net |
securepubads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
sstatic1.histats.com | ASN16276 (OVH, FR) | ns534106.ip-149-56-240.net |
pagead2.googlesyndication.com | ASN15169 (GOOGLE, US) | |
static.adsafeprotected.com | ASN16509 (AMAZON-02, US) | |
fundingchoicesmessages.google.com | ASN15169 (GOOGLE, US) | |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
quantcast.mgr.consensu.org | ASN16509 (AMAZON-02, US) | |
test.cmp.quantcast.com | ASN16509 (AMAZON-02, US) | |
config.playwire.com | ASN16509 (AMAZON-02, US) | |
z.moatads.com | ASN16625 (AKAMAI-AS, US) | a23-32-185-123.deploy.static.akamaitechnologies.com |
ad.doubleclick.net | ASN15169 (GOOGLE, US) | fra24s07-in-f6.1e100.net |
mb.moatads.com | ASN16509 (AMAZON-02, US) | ec2-13-41-128-163.eu-west-2.compute.amazonaws.com |
audit-tcfv2.cmp.quantcast.com | ASN16509 (AMAZON-02, US) | ec2-35-158-65-69.eu-central-1.compute.amazonaws.com |
api.btloader.com | ASN15169 (GOOGLE, US) | 194.23.211.130.bc.googleusercontent.com |

Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
12 | zegtrends.com | 1 redirects | zegtrends.com | 512 KB |
11 | netpub.media | 6 redirects | fstatic.netpub.media — Cisco Umbrella Rank: 266965 | 506 KB |
8 | intergient.com | | cdn.intergient.com — Cisco Umbrella Rank: 8197 | 246 KB |
6 | doubleclick.net | | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219; stats.g.doubleclick.net — Cisco Umbrella Rank: 124; googleads.g.doubleclick.net — Cisco Umbrella Rank: 57; ad.doubleclick.net — Cisco Umbrella Rank: 184 | 156 KB |
6 | google-analytics.com | | www.google-analytics.com — Cisco Umbrella Rank: 60; region1.google-analytics.com — Cisco Umbrella Rank: 1832 | 41 KB |
5 | quantcast.com | | test.cmp.quantcast.com — Cisco Umbrella Rank: 10584; cmp.quantcast.com — Cisco Umbrella Rank: 3300; audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12380 | 142 KB |
5 | googletagmanager.com | | www.googletagmanager.com — Cisco Umbrella Rank: 82 | 266 KB |
3 | btloader.com | | btloader.com — Cisco Umbrella Rank: 1086; api.btloader.com — Cisco Umbrella Rank: 1196 | 13 KB |
3 | billowybelief.com | | billowybelief.com | 23 KB |
3 | histats.com | | s10.histats.com — Cisco Umbrella Rank: 12395; s4.histats.com — Cisco Umbrella Rank: 11738; sstatic1.histats.com — Cisco Umbrella Rank: 62996 | 5 KB |
3 | icutlink.com | | icutlink.com — Cisco Umbrella Rank: 239578 | 4 KB |
2 | ad-delivery.net | | ad-delivery.net — Cisco Umbrella Rank: 1167 | 1 KB |
2 | moatads.com | | z.moatads.com — Cisco Umbrella Rank: 620; mb.moatads.com — Cisco Umbrella Rank: 831 | 44 KB |
2 | google.com | | fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1940 | 157 KB |
2 | googlesyndication.com | | pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 | 95 KB |
1 | playwire.com | | config.playwire.com — Cisco Umbrella Rank: 8410 | 2 KB |
1 | jsdelivr.net | | cdn.jsdelivr.net — Cisco Umbrella Rank: 379 | 1 KB |
1 | consensu.org | | quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4744 | 47 KB |
1 | adsafeprotected.com | | static.adsafeprotected.com — Cisco Umbrella Rank: 628 | 482 B |
1 | intergi.com | | cdn.intergi.com — Cisco Umbrella Rank: 8972 | 147 KB |
1 | googleapis.com | | ajax.googleapis.com — Cisco Umbrella Rank: 422 | 88 KB |
72 | 21 | | | |

Requests | Domain | Redirects | Requested by |
---|---|---|---|
12 | zegtrends.com | 1 redirects | zegtrends.com |
11 | fstatic.netpub.media | 6 redirects | zegtrends.com, fstatic.netpub.media |
8 | cdn.intergient.com | | zegtrends.com, cdn.intergient.com |
5 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
5 | www.googletagmanager.com | | icutlink.com, zegtrends.com, www.googletagmanager.com, fstatic.netpub.media |
3 | cmp.quantcast.com | | quantcast.mgr.consensu.org |
3 | billowybelief.com | | cdn.intergient.com, billowybelief.com |
3 | securepubads.g.doubleclick.net | | zegtrends.com, securepubads.g.doubleclick.net |
3 | icutlink.com | | icutlink.com |
2 | api.btloader.com | | btloader.com |
2 | ad-delivery.net | | zegtrends.com |
2 | fundingchoicesmessages.google.com | | securepubads.g.doubleclick.net |
2 | pagead2.googlesyndication.com | | icutlink.com |
1 | audit-tcfv2.cmp.quantcast.com | | cmp.quantcast.com |
1 | mb.moatads.com | | z.moatads.com |
1 | ad.doubleclick.net | | zegtrends.com |
1 | z.moatads.com | | cdn.intergient.com |
1 | btloader.com | | cdn.intergient.com |
1 | config.playwire.com | | cdn.intergient.com |
1 | test.cmp.quantcast.com | | quantcast.mgr.consensu.org |
1 | cdn.jsdelivr.net | | fstatic.netpub.media |
1 | quantcast.mgr.consensu.org | | fstatic.netpub.media |
1 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com |
1 | region1.google-analytics.com | | www.googletagmanager.com |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | static.adsafeprotected.com | | zegtrends.com |
1 | cdn.intergi.com | | cdn.intergient.com |
1 | sstatic1.histats.com | | zegtrends.com |
1 | ajax.googleapis.com | | zegtrends.com |
1 | s4.histats.com | | s10.histats.com |
1 | s10.histats.com | | icutlink.com |
72 | 31 | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
icutlink.com | E1 | 2023-06-09 - 2023-09-07 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year |
histats.com | R3 | 2023-06-06 - 2023-09-04 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
cdn.intergient.com | Amazon RSA 2048 M02 | 2023-02-17 - 2024-01-02 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
billowybelief.com | R3 | 2023-04-17 - 2023-07-16 | 3 months |
cdn.intergi.com | Amazon RSA 2048 M01 | 2023-02-17 - 2024-01-02 | a year |
static.adsafeprotected.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-09-04 | 6 months |
*.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
cmp.quantcast.com | R3 | 2023-06-13 - 2023-09-11 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
*.playwire.com | Amazon RSA 2048 M02 | 2023-02-11 - 2024-03-11 | a year |
moatads.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-16 - 2023-11-18 | a year |
*.doubleclick.net | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
*.moatads.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-13 - 2023-07-05 | a year |
api.btloader.com | GTS CA 1D4 | 2023-06-13 - 2023-09-11 | 3 months |
This page contains 4 frames:
Primary Page:
https://zegtrends.com/hacking-begins-with-a-text-message-how-does-the-pegasus-spyware-work/
Frame ID: F2AE1D61939AF7210CCBC94339594212
Requests: 69 HTTP requests in this frame
Frame:
https://icutlink.com/empty.html
Frame ID: 354FCEB732923DE9ED47857060701D59
Requests: 1 HTTP requests in this frame
Frame:
https://zegtrends.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 084411C38898E95631255D3C6FB3170B
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: E85C00F6CEF682BA6995CBE14C311667
Requests: 1 HTTP requests in this frame
Page Title
Hacking begins with a text message.” How does the Pegasus spyware work? – ZegTrends
Detected technologies
Detected patterns
- googlesyndication\.com/
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- moatads\.com
Prebid
Detected patterns
- /prebid\.js
Quantcast
Detected patterns
- quantcast\.mgr\.consensu\.org
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://icutlink.com/GBdVC3EQX Page URL
- https://zegtrends.com/hacking-begins-with-a-text-message-how-does-the-pegasus-spyware-work/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25
- https://fstatic.netpub.media/static/af45af18a2c8e5a5f49920c6bb346b12.min.js?1686764550234 HTTP 301
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/service.js HTTP 302
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/40260545.js?npr=52af0802abc4bcc0deac8e2f02bb358c
- https://fstatic.netpub.media/static/af45af18a2c8e5a5f49920c6bb346b12.min.js?1686764550235 HTTP 301
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/service.js HTTP 302
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/40260545.js?npr=52af0802abc4bcc0deac8e2f02bb358c
- https://fstatic.netpub.media/static/af45af18a2c8e5a5f49920c6bb346b12.min.js?1686764550268 HTTP 301
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/service.js HTTP 302
- https://fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/40260545.js?npr=52af0802abc4bcc0deac8e2f02bb358c
- https://zegtrends.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://zegtrends.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
72 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | GBdVC3EQX | icutlink.com/ | 6 KB | 3 KB | Document | text/html | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 124 KB | 48 KB | Script | application/javascript | |
GET | H2 | ad.min.js | icutlink.com/ | 138 B | 454 B | Script | application/javascript | |
GET | H2 | js15_as.js | s10.histats.com/ | 11 KB | 5 KB | Script | text/javascript | |
GET | H2 | empty.html | icutlink.com/ | 48 B | 355 B | Document | text/html | Frame 354F |
POST | H2 | / | zegtrends.com/hacking-begins-with-a-text-message-how-does-the-pegasus-spyware-work/ | 92 KB | 19 KB | Document | text/html | Primary Request |
GET | H2 | analytics.js | www.google-analytics.com/ | 51 KB | 21 KB | Script | text/javascript | |
GET | H/1.1 | 0.php | s4.histats.com/stats/ | 51 B | 185 B | Script | text/html | |
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 204 B | XHR | text/plain | |
GET | H2 | loader.js | zegtrends.com/ | 26 KB | 8 KB | Script | application/javascript | |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 76 KB | 25 KB | Script | text/javascript | |
GET | H2 | ramp_config.js | cdn.intergient.com/1024578/73399/ | 40 KB | 5 KB | Script | application/javascript | |
GET | H2 | style.min.css | zegtrends.com/main/css/dist/block-library/ | 93 KB | 13 KB | Stylesheet | text/css | |
GET | H2 | classic-themes.min.css | zegtrends.com/main/css/ | 217 B | 470 B | Stylesheet | text/css | |
GET | H2 | style-main-new.min.css | zegtrends.com/core/ | 38 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | devtools-detect.js | zegtrends.com/app/wp-hide-security-enhancer/assets/js/ | 1 KB | 853 B | Script | application/javascript | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 88 KB | Script | text/javascript | |
GET | DATA | truncated | / | 2 KB | 0 | Stylesheet | text/css | |
GET | H3 | pegasus-spyware.png | zegtrends.com/images/2021/07/ | 437 KB | 438 KB | Image | image/png | |
GET | H3 | icon.png | zegtrends.com/app/chp-ads-block-detector/assets/img/ | 15 KB | 16 KB | Image | image/png | |
GET | H/1.1 | 0.gif | sstatic1.histats.com/ | 43 B | 163 B | Image | image/gif | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 127 KB | 49 KB | Script | application/javascript | |
GET | H3 | frontend.js | zegtrends.com/core/assets/js/build/modern/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | ramp_core.js | cdn.intergient.com/ | 587 KB | 166 KB | Script | application/javascript | |
GET | H2 | c72a5ddacfbf9359304f27a20b5d1e2f481aaf.index.js | billowybelief.com/bundles/ | 63 KB | 23 KB | Script | text/javascript | |
GET | H2 | prebid.js.br | cdn.intergi.com/prebid/ | 575 KB | 147 KB | Script | text/javascript | |
GET | H2 | 40260545.js | fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/ | 404 KB | 99 KB | Script | application/javascript | Redirect Chain |
GET | H2 | 40260545.js | fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/ | 404 KB | 99 KB | Script | application/javascript | Redirect Chain |
GET | H2 | 40260545.js | fstatic.netpub.media/r/af45af18a2c8e5a5f49920c6bb346b12/ | 404 KB | 99 KB | Script | application/javascript | Redirect Chain |
GET | H2 | pubads_impl.js | securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/ | 404 KB | 125 KB | Script | text/javascript | |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 2 KB | 632 B | XHR | application/json | |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 140 KB | 48 KB | XHR | text/javascript | |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 137 KB | 47 KB | Script | text/javascript | |
GET | H3 | invisible.js | zegtrends.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ | 7 KB | 4 KB | Script | application/javascript | Frame 0844, Redirect Chain |
GET | H3 | js | www.googletagmanager.com/gtag/ | 194 KB | 72 KB | Script | application/javascript | |
GET | H3 | analytics.js | www.google-analytics.com/ | 51 KB | 20 KB | Script | text/javascript | |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H2 | skeleton.gif | static.adsafeprotected.com/ | 43 B | 482 B | Image | image/gif | |
POST | H3 | 7d745ec15ce81c22 | zegtrends.com/cdn-cgi/challenge-platform/h/g/cv/result/ | 0 | 572 B | XHR | text/plain | Frame 0844 |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 344 B | XHR | text/plain | |
GET | H2 | 154013155 | fundingchoicesmessages.google.com/i/ | 142 KB | 48 KB | Script | application/javascript | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 252 B | Ping | text/plain | |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ | 10 KB | 5 KB | Document | text/html | Frame E85C |
GET | H2 | cmp-gdpr.js | fstatic.netpub.media//extra/cmp/ | 10 KB | 3 KB | Script | application/javascript | |
GET | H2 | prebid_221021.js | fstatic.netpub.media/renderer/ | 1 MB | 204 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 124 KB | 48 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 124 KB | 48 KB | Script | application/javascript | |
GET | H2 | cmp2.js | quantcast.mgr.consensu.org/tcfv2/ | 178 KB | 47 KB | Script | text/javascript | |
POST | H3 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain | |
GET | H2 | latest.json | cdn.jsdelivr.net/gh/prebid/currency-file@1/ | 2 KB | 1 KB | XHR | application/json | |
POST | H3 | 726e0fffb8bc31fa96d784519d8d774de64ce59c281004c3 | billowybelief.com/e4893e/ | 206 B | 233 B | Fetch | application/json | |
GET | H2 | cmp-list.json | test.cmp.quantcast.com/GVL-v2/ | 10 KB | 3 KB | XHR | application/json | |
GET | H2 | videoCard.01fa78e7064a386f48fc.js | cdn.intergient.com/pageos/1.9.26/ | 554 B | 904 B | Script | text/javascript | |
GET | H2 | batchHandler.77ab1dc43eac56199813.js | cdn.intergient.com/pageos/1.9.26/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | 88.da4099999895d5101ca6.js | cdn.intergient.com/pageos/1.9.26/ | 49 KB | 11 KB | Script | text/javascript | |
GET | H2 | gdpr.c2de08c890a9ff1b948f.js | cdn.intergient.com/pageos/1.9.26/ | 8 KB | 3 KB | Script | text/javascript | |
GET | H2 | price_floor.js | config.playwire.com/websites/73399/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | tag | btloader.com/ | 45 KB | 12 KB | Script | application/javascript | |
GET | H2 | nielsen.b850d86715bcafaea630.js | cdn.intergient.com/pageos/1.9.26/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | moatheader.js | z.moatads.com/playwireprebidheader597261727146/ | 114 KB | 43 KB | Script | application/x-javascript | |
POST | H3 | 1deb7f2194c421334c1eac70a7c607d3521ebfc38fe793cfb6d4a2 | billowybelief.com/ | 3 B | 27 B | Fetch | application/json | |
GET | H2 | aws-sdk-kinesis.min.js.br | cdn.intergient.com/pageos/js/libs/ | 227 KB | 57 KB | Script | text/javascript | |
GET | H2 | cmp2ui-en.js | cmp.quantcast.com/tcfv2/47/ | 248 KB | 61 KB | Script | text/javascript | |
GET | H2 | vendor-list-trimmed-v1-tmp.json | cmp.quantcast.com/GVL-v2/ | 353 KB | 43 KB | XHR | application/json | |
GET | H2 | google-atp-list.json | cmp.quantcast.com/tcfv2/ | 151 KB | 36 KB | XHR | application/json | |
GET | H2 | px.gif | ad-delivery.net/ | 43 B | 864 B | Image | image/gif | |
GET | H2 | favicon.ico | ad.doubleclick.net/ | 1 KB | 571 B | Image | image/x-icon | |
GET | H2 | px.gif | ad-delivery.net/ | 43 B | 337 B | Image | image/gif | |
GET | H2 | v2 | mb.moatads.com/yi/ | 590 B | 764 B | Script | text/html | |
GET | H2 | / | audit-tcfv2.cmp.quantcast.com/ | 2 B | 101 B | XHR | text/plain | |
GET | H2 | country | api.btloader.com/ | 16 B | 194 B | Fetch | application/json | |
GET | H2 | pv | api.btloader.com/ | 0 | 66 B | XHR | text/plain | |
GET | H2 | AGSKWxUdLPSeapQR09v7TpNfKnQt7un6EoEUe-U_URk0NHd6Y6GgEPHlk8JgjZJBaqMMC97MO5YRYt0eDFn4ZemCkD4= | fundingchoicesmessages.google.com/f/ | 971 KB | 109 KB | Script | application/javascript | |
137 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN, SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.