ko.strephonsays.com
2606:4700:3030::6815:66b
Public Scan
Effective URL: https://ko.strephonsays.com/
Submission: On April 24 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.
This is the only time ko.strephonsays.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains
---|---|---
ASN13335 (CLOUDFLARENET, US) | | ko.strephonsays.com, strephonsays.com, a.strephonsays.com
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com
ASN208722 (GLOBAL_DC, FI) | | mc.yandex.ru, mc.yandex.com
ASN24940 (HETZNER-AS, DE) | frodo.min.org.ua | www.bigmp3db.com
ASN16509 (AMAZON-02, US) | server-18-173-233-70.dus51.r.cloudfront.net | optad360.mgr.consensu.org
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net
ASN15169 (GOOGLE, US) | | securepubads.g.doubleclick.net
ASN13335 (CLOUDFLARENET, US) | | jsc.mgid.com, c.mgid.com, cdn.mgid.com, servicer.mgid.com, cm.mgid.com
ASN16625 (AKAMAI-AS, US) | a2-19-228-187.deploy.static.akamaitechnologies.com | ads.pubmatic.com
ASN16509 (AMAZON-02, US) | ec2-52-214-145-221.eu-west-1.compute.amazonaws.com | id.crwdcntrl.net
Count | Apex Domain | Redirects | Subdomains | Transfer
---|---|---|---|---
17 | mgid.com | | jsc.mgid.com (Cisco Umbrella Rank: 7204), c.mgid.com (Cisco Umbrella Rank: 5726), cdn.mgid.com (Cisco Umbrella Rank: 9974), servicer.mgid.com (Cisco Umbrella Rank: 7199), s-img.mgid.com (Cisco Umbrella Rank: 5805), cm.mgid.com (Cisco Umbrella Rank: 2073) | 136 KB
14 | strephonsays.com | 1 redirects | ko.strephonsays.com, strephonsays.com (Cisco Umbrella Rank: 590782), a.strephonsays.com | 478 KB
7 | yandex.com | 3 redirects | mc.yandex.com (Cisco Umbrella Rank: 7652) | 3 KB
6 | bigmp3db.com | | www.bigmp3db.com (Cisco Umbrella Rank: 717004) | 20 KB
4 | doubleclick.net | | googleads.g.doubleclick.net (Cisco Umbrella Rank: 67), securepubads.g.doubleclick.net (Cisco Umbrella Rank: 269) | 154 KB
4 | consensu.org | | optad360.mgr.consensu.org (Cisco Umbrella Rank: 57884) | 249 KB
3 | yandex.ru | 2 redirects | mc.yandex.ru (Cisco Umbrella Rank: 2437) | 74 KB
3 | optad360.io | | get.optad360.io (Cisco Umbrella Rank: 33098), cmp.optad360.io (Cisco Umbrella Rank: 52418) | 286 KB
2 | criteo.com | | gum.criteo.com (Cisco Umbrella Rank: 442) | 378 B
2 | googlesyndication.com | | pagead2.googlesyndication.com (Cisco Umbrella Rank: 129) | 165 KB
2 | jsdelivr.net | | cdn.jsdelivr.net (Cisco Umbrella Rank: 474) | 3 KB
1 | crwdcntrl.net | | id.crwdcntrl.net (Cisco Umbrella Rank: 2256) | 320 B
1 | pubmatic.com | | ads.pubmatic.com (Cisco Umbrella Rank: 725) | 59 KB
1 | id5-sync.com | | cdn.id5-sync.com (Cisco Umbrella Rank: 1319) | 17 KB
1 | imghosts.com | | cl.imghosts.com (Cisco Umbrella Rank: 9496) | 326 KB
1 | zx-adnet.com | | cdn.zx-adnet.com (Cisco Umbrella Rank: 359482) | 10 KB
66 | 16 | | |
Count | Domain | Redirects | Requested by
---|---|---|---
8 | a.strephonsays.com | | ko.strephonsays.com
7 | mc.yandex.com | 3 redirects |
6 | www.bigmp3db.com | | ko.strephonsays.com, www.bigmp3db.com
4 | s-img.mgid.com | |
4 | cdn.mgid.com | |
4 | c.mgid.com | | jsc.mgid.com
4 | optad360.mgr.consensu.org | | cmp.optad360.io, optad360.mgr.consensu.org
3 | securepubads.g.doubleclick.net | | get.optad360.io, securepubads.g.doubleclick.net
3 | mc.yandex.ru | 2 redirects | ko.strephonsays.com
3 | strephonsays.com | | ko.strephonsays.com
3 | ko.strephonsays.com | 1 redirects | ko.strephonsays.com
2 | gum.criteo.com | | ads.pubmatic.com
2 | cm.mgid.com | | jsc.mgid.com
2 | jsc.mgid.com | | www.bigmp3db.com, jsc.mgid.com
2 | get.optad360.io | | ko.strephonsays.com, get.optad360.io
2 | pagead2.googlesyndication.com | | ko.strephonsays.com, pagead2.googlesyndication.com
2 | cdn.jsdelivr.net | | ko.strephonsays.com, get.optad360.io
1 | id.crwdcntrl.net | | ads.pubmatic.com
1 | ads.pubmatic.com | | jsc.mgid.com
1 | cdn.id5-sync.com | | jsc.mgid.com
1 | cl.imghosts.com | |
1 | servicer.mgid.com | | jsc.mgid.com
1 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com
1 | cdn.zx-adnet.com | | ko.strephonsays.com
1 | cmp.optad360.io | | ko.strephonsays.com
66 | 25 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-12 - 2023-07-12 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.optad360.io | Amazon RSA 2048 M02 | 2023-03-01 - 2023-11-15 | 9 months
username.digitalreceipt.co.ke | GTS CA 1D4 | 2023-03-10 - 2023-06-08 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-03-17 - 2023-08-27 | 5 months
www.bigmp3db.com | R3 | 2023-02-27 - 2023-05-28 | 3 months
optad360.mgr.consensu.org | Amazon RSA 2048 M02 | 2023-04-23 - 2024-05-21 | a year
*.pubmatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-25 - 2024-01-24 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-09 - 2023-06-03 | 3 months
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2022-05-01 - 2023-06-02 | a year
This page contains 4 frames:
Primary Page:
https://ko.strephonsays.com/
Frame ID: 97B04C93E84553AAD7A1E29EF78B2315
Requests: 62 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: 6FEC853DAF78A8807C34D70080AE65FC
Requests: 1 HTTP requests in this frame
Frame:
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: E2BD146355A914F7239282A782C6BAB8
Requests: 2 HTTP requests in this frame
Frame:
https://cm.mgid.com/i-noref.js?cbuster=1682356554383746597820
Frame ID: 6F5C5498B4934C3ADF9E1161B72602EB
Requests: 1 HTTP requests in this frame
Page Title
알고있다 2023
Detected technologies
Detected patterns
- googlesyndication\.com/
PubMatic
Detected patterns
- https?://[^/]*\.pubmatic\.com
Yandex.Metrika
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
39 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ko.strephonsays.com/
HTTP 301
https://ko.strephonsays.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9983.WmcY_iIQsyCPmRURFSVT85okjJHGelTikQ9XM1QTajk4c50W3woVib8uetUqEMES.exM27bt7ziigfL_bJ76EMmwfqs0%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9983.ngTKfuubHNci1cGtRwPQaZ2InXAQPWvz4Q2Z56eyuOqS7Z29QN2EBPgaom1usxccbPKGRF8420ajZgBJ5dmfp4G_RpS4S5f5fRbataqQ4Ro%2C.1tid3I-UanGarunJbNai_k3p-s4%2C
- https://mc.yandex.com/watch/53480917?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A603604153257%3Ahid%3A1059947679%3Az%3A0%3Ai%3A20230424171552%3Aet%3A1682356553%3Ac%3A1%3Arn%3A146442546%3Arqn%3A1%3Au%3A1682356553540941913%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C92%2C11%2C109%2C0%2C%2C11%2C0%2C489%2C489%2C3%2C431%3Aco%3A0%3Acpf%3A1%3Ans%3A1682356551739%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682356553%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/53480917/1?wmode=7&page-url=https%3A%2F%2Fko.strephonsays.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A603604153257%3Ahid%3A1059947679%3Az%3A0%3Ai%3A20230424171552%3Aet%3A1682356553%3Ac%3A1%3Arn%3A146442546%3Arqn%3A1%3Au%3A1682356553540941913%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C92%2C11%2C109%2C0%2C%2C11%2C0%2C489%2C489%2C3%2C431%3Aco%3A0%3Acpf%3A1%3Ans%3A1682356551739%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682356553%3At%3A%EC%95%8C%EA%B3%A0%EC%9E%88%EB%8B%A4%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9983.K-1imAFHnG4zFjCwp4kh3dSSzSpxODwrNs2RYlEmyaMLTgMB0CKS0kbTFGapxoj6.duMez_ihwZNlYKL5lNmrVhsSP6k%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9983.NPIWMSAri2ENzAR-ntLl69rcDLtr0-eqsDP6z-xnk7K4Y7ev2SbgsMYY1mkXSTVqzCqu4er8eyJ3k9fMeLZ_71T8BS3dMOGvSZHxhg8hr3E%2C.ApKrFW1b4Tus9aqm4Q5MDjF5wkc%2C
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | ko.strephonsays.com/ | 45 KB | 8 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | style.css | strephonsays.com/template/artemiz/css/ | 27 KB | 6 KB | Stylesheet | text/css |
GET | H2 | yt.css | strephonsays.com/template/artemiz/css/ | 69 KB | 44 KB | Stylesheet | text/css |
GET | H2 | cookieconsent.min.css | cdn.jsdelivr.net/npm/cookieconsent@3/build/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H2 | rocket-loader.min.js | ko.strephonsays.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ | 12 KB | 4 KB | Script | application/javascript |
GET | H3 | scripts.js | strephonsays.com/template/artemiz/js/ | 177 KB | 61 KB | Script | application/javascript |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 136 KB | 47 KB | Script | text/javascript |
GET | H2 | plugin.min.js | get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ | 286 KB | 59 KB | Script | application/javascript |
GET | H2 | 45b65dd9-e0fa-4d05-aa26-a39c3cef09e4.min.js | cmp.optad360.io/items/ | 253 KB | 72 KB | Script | application/javascript |
GET | DATA | truncated | / | 41 KB | 0 | Image | image/webp |
GET | H2 | Difference-Between-Metaphor-and-Personification-1.webp | a.strephonsays.com/language/ | 76 KB | 77 KB | Image | image/webp |
GET | H2 | Difference-Between-Atomic-Mass-and-Molecular-Weight.webp | a.strephonsays.com/science-nature/ | 52 KB | 53 KB | Image | image/webp |
GET | H2 | Difference-Between-Feudalism-and-Democracy-1.webp | a.strephonsays.com/public/ | 40 KB | 40 KB | Image | image/webp |
GET | H2 | Difference-Between-pKa-and-pKb.webp | a.strephonsays.com/science-nature/ | 15 KB | 16 KB | Image | image/webp |
GET | H2 | Difference-Between-Companies-Limited-by-Shares-and-Companies-Limited-by-Guarantee.webp | a.strephonsays.com/business/ | 47 KB | 47 KB | Image | image/webp |
GET | H2 | Difference-Between-Overriding-and-Overloading-in-C-1.webp | a.strephonsays.com/technology/ | 26 KB | 26 KB | Image | image/webp |
GET | H3 | Difference-Between-Food-Chain-and-Food-Web-1.webp | a.strephonsays.com/science-nature/ | 41 KB | 41 KB | Image | image/webp |
GET | H3 | Difference-Between-Fennel-and-Anise-1.webp | a.strephonsays.com/life-style-2/ | 53 KB | 54 KB | Image | image/webp |
GET | H2 | cookies_gdpr.js | cdn.zx-adnet.com/consent/ | 34 KB | 10 KB | Script | text/javascript |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 213 KB | 73 KB | Script | application/javascript |
GET | H2 | 1duwt.min.js | www.bigmp3db.com/ | 67 KB | 19 KB | Script | text/javascript |
GET | H2 | en.json | optad360.mgr.consensu.org/cmp/v2/translations/v4/ | 4 KB | 2 KB | XHR | application/json |
GET | H3 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/ | 350 KB | 118 KB | Script | text/javascript |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ | 10 KB | 5 KB | Document | text/html | Frame 6FEC
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 269 B | XHR | application/json |
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 616 B | 570 B | XHR | application/json |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 74 KB | 25 KB | Script | text/javascript |
GET | H2 | prebid7.17.1.js | get.optad360.io/sf/ | 495 KB | 156 KB | Script | application/javascript |
GET | H2 | branding-ads.svg | optad360.mgr.consensu.org/icons/ | 7 KB | 3 KB | Image | image/svg+xml |
GET | H3 | latest.json | cdn.jsdelivr.net/gh/prebid/currency-file@1/ | 2 KB | 2 KB | XHR | application/json |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ | 43 B | 67 B | Image | image/gif | Redirect Chain
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 113 B | Image | image/gif |
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json |
GET | H2 | fondoperlaterra.org.1228643.js | jsc.mgid.com/f/o/ | 3 KB | 2 KB | Script | text/javascript |
GET | H2 | pubads_impl.js | securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ | 398 KB | 124 KB | Script | text/javascript |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 784 B | 391 B | XHR | application/json |
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json |
GET | H2 | cmp-3.0.0.min.js | optad360.mgr.consensu.org/cmp/v2/ | 691 KB | 190 KB | Script | application/javascript | Frame E2BD
GET | H2 | fondoperlaterra.org.1228643.es6.js | jsc.mgid.com/f/o/ | 252 KB | 71 KB | Script | text/javascript |
POST | H2 | 1duwt.json | www.bigmp3db.com/ | 59 B | 268 B | XHR | application/json |
GET | H2 | 1 | mc.yandex.com/watch/53480917/ | 447 B | 825 B | XHR | application/json | Redirect Chain
GET | BLOB | 480cc9a4-b381-4a37-946d-ab19f504b2e8 | https://ko.strephonsays.com/ | 0 | 0 | Other | text/javascript |
GET | BLOB | 7c0511ba-970a-4a7c-9fcb-f21bf0feac1e | https://ko.strephonsays.com/ | 250 B | 0 | Other | text/javascript |
GET | H2 | / | c.mgid.com/pv/ | 0 | 66 B | Script | text/plain |
GET | BLOB | ead96ef2-ed1d-4226-af43-314b41ec126f | https://ko.strephonsays.com/ | 1 KB | 0 | Media | video/mp4 |
GET | H2 | mgid_ua.svg | cdn.mgid.com/images/mgid/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | Adchoices.svg | cdn.mgid.com/images/logos/ | 836 B | 812 B | Image | image/svg+xml |
GET | H2 | sync_cookie_image_decide_secondary | mc.yandex.com/ | 43 B | 79 B | Image | image/gif | Redirect Chain
GET | H2 | vendor-list.json | optad360.mgr.consensu.org/cmp/v2/ | 410 KB | 54 KB | XHR | application/json | Frame E2BD
GET | H2 | 1 | servicer.mgid.com/1228643/ | 5 KB | 2 KB | Script | application/x-javascript |
GET | H3 | mgid_ua.svg | cdn.mgid.com/images/mgid/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H3 | Adchoices.svg | cdn.mgid.com/images/logos/ | 836 B | 1010 B | Image | image/svg+xml |
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzMxNjYzMC8xYzhmY... | s-img.mgid.com/g/15923177/492x328/-/ | 13 KB | 14 KB | Image | image/webp |
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzY4NjEyMi82NWY4N... | s-img.mgid.com/g/15314547/492x328/-/ | 11 KB | 11 KB | Image | image/webp |
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzUzMDQ1My9kN2QwM... | s-img.mgid.com/g/15659581/492x328/-/ | 14 KB | 14 KB | Image | image/webp |
GET | H2 | aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzI0MjEzNS80YjZkN... | s-img.mgid.com/g/15229263/492x328/-/ | 17 KB | 17 KB | Image | image/webp |
GET | H2 | 92ad36abc2d78784dea6ad29e3535b66.mp4 | cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-12/741329/ | 325 KB | 326 KB | Media | video/mp4 |
GET | H2 | i.js | cm.mgid.com/ | 0 | 37 B | Script | application/javascript |
GET | H2 | i-noref.js | cm.mgid.com/ | 0 | 101 B | Script | application/javascript | Frame 6F5C
GET | H2 | id5-api.js | cdn.id5-sync.com/api/1.0/ | 58 KB | 17 KB | Script | text/javascript |
GET | H2 | pwt.js | ads.pubmatic.com/AdServer/js/pwt/161673/7165/ | 190 KB | 59 KB | Script | application/javascript |
OPTIONS | H2 | json | gum.criteo.com/sid/ | 0 | 0 | Preflight | application/json | Frame
GET | H2 | json | gum.criteo.com/sid/ | 2 B | 378 B | XHR | application/json |
GET | H2 | id | id.crwdcntrl.net/ | 43 B | 320 B | XHR | application/json |
GET | H3 | c | c.mgid.com/ | 43 B | 214 B | Image | image/gif |
GET | H3 | c | c.mgid.com/ | 43 B | 213 B | Image | image/gif |
GET | H3 | c | c.mgid.com/ | 43 B | 213 B | Image | image/gif |
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| __cfQR object| zxConsentParams object| t object| e function| ym object| rbConfig string| token object| rsdfhse object| webpackChunk function| $ function| jQuery boolean| __cfRLUnblockHandlers object| AdSlotCollection number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Ya object| yaCounter53480917 function| google_sa_impl object| googleToken object| googleIMState object| _mgIntExchangeNews object| MarketGidInfC1228643 boolean| mg_loaded_761202_1228643 object| _mgUserPages object| onClickExcludes function| mgReject1228643 function| mgLoadAds1228643 function| MarketGidCReject1228643 function| MarketGidLoadGoods1228643 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint761202 string| _mgCanonicalUri object| _mgPageView761202 string| _mgPvid string| _mgUniqueHash1228643_18456 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs function| setImmediate function| clearImmediate object| ID5 object| ihowpbjsChunk object| ihowpbjs object| IHPWT object| _mgwcapping 
object| _mgPageImp76120215
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
ko.strephonsays.com/ | _pbjs_userid_consent_data | 6683316680106290
.strephonsays.com/ | _sharedID | 54a29831-1a91-4549-b8a4-16cc88774c3d
.strephonsays.com/ | _ym_uid | 1682356553540941913
.strephonsays.com/ | _ym_d | 1682356553
.mc.yandex.com/ | sync_cookie_csrf | 1023512159fake
.strephonsays.com/ | _ym_isad | 2
.mgid.com/ | __cf_bm | vewXP3nZC_tIGILYwbUOB6XLDMIYDeridVSnxnIDh.I-1682356552-0-ATIif1ZpRWLm9DZGh71m73ltyIEEY3/Zq8IXMqI2cc8z6Zm1MdZahbD9GJmmm/qMUReNx62RZ5IYA7vtdl0yLP4=
.mc.yandex.ru/ | sync_cookie_csrf | 3948184004fake
mc.yandex.com/ | yabs-sid | 28627371682356552
.yandex.com/ | i | dYGJ9nGVLhDyqa2jR9cYWRCGvBcbmq3jVV3gYr31RJNzoE/O4Nh5yArdul5zPuH1Bh2CYVoSttXMYU+Il40nn9G0Qlw=
.yandex.com/ | yandexuid | 7875458781682356552
.yandex.com/ | yuidss | 7875458781682356552
.yandex.com/ | ymex | 1713892552.yc.1682356552#1713892552.yrts.1682356552#1713892552.yrtsi.1682356552
.yandex.com/ | bh | KgI/MA==
ko.strephonsays.com/ | MgidStorage | %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1682356554362%7D%7D
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.