URL: https://moneymatteronline.com/
Submission: On October 17 via api from IN — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3032::ac43:d9e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneymatteronline.com.
TLS certificate: Issued by WE1 on October 7th 2024. Valid for: 3 months.
This is the only time moneymatteronline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
8 moneymatteronline.com
moneymatteronline.com
37 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
315 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
181 KB
20 5
Domain Requested by
8 moneymatteronline.com 1 redirects moneymatteronline.com
3 www.googletagmanager.com moneymatteronline.com
www.googletagmanager.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 securepubads.g.doubleclick.net moneymatteronline.com
securepubads.g.doubleclick.net
1 267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com securepubads.g.doubleclick.net
20 7

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
moneymatteronline.com
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 3 frames:

Primary Page: https://moneymatteronline.com/
Frame ID: 76A84B35CE018A5A59195520D4339088
Requests: 18 HTTP requests in this frame

Frame: https://267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B9402A754E6F1E74065846E6FE49EFB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: EC10EA21A7A40EFD1A4511CDEB001B8C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

moneymatteronlie

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

90 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

552 kB
Transfer

1713 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://moneymatteronline.com/favicon.ico HTTP 302
  • https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
moneymatteronline.com/
53 KB
10 KB
Document
General
Full URL
https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0591c0a93adddfcafafb428421ef5e748fb6036e9a1dfc208d1b6ebb4d23eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d4010930d565d70-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 17 Oct 2024 11:49:20 GMT
link
<https://moneymatteronline.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQyg%2BiQyeITZFRcAbzd8ZdmMXQ%2BUf0ixFxaitacSzzGTFDqldyjowM9z8ckSFezLe9XDSAeb1Vp27b8SzqnemCO397m4XY%2F1bkF8pbMTa%2B1Kq8XyBz0s076%2Bla8ZK%2Fhkzl%2BA2WZ1fs%2F0GO1G2Uz2zDFt4Fs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-ua-compatible
IE=edge
js
www.googletagmanager.com/gtag/
317 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7825ef7c8e484a36444a109e0ea4ae1c5be9e52e40ea370af2e6ea6cef6d4581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 17 Oct 2024 11:49:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107568
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95aff5ed0063e98d4f94d533dd950cc69043963decb837c3ccdab8cd28f47720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
etag
784 / 20013 / 31088175 / config-hash: 1308642133070960318
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 11:49:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33378
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
311 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e1337b918a21dd104c322c3f2b058f168b0067adb3027f2965ef445eb45b214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 17 Oct 2024 11:49:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106116
x-xss-protection
0
server
Google Tag Manager
style.min.css
moneymatteronline.com/wp-includes/css/dist/block-library/
52 KB
8 KB
Stylesheet
General
Full URL
https://moneymatteronline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.16
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d159-6202cf36ecafe-gzip"
age
5574
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvzvNn25CFx9khx4APN5P9GY7YWdFT1zhGS23QnU%2Bl9PuxiRx1QVQxrwToiOBcDJofYQhYxT1%2F5bbmVvTooRXd7U3iol5lbE3KqJrGinmodBfEv%2B%2F0irz1yfvO7pGxIohp0QjQHaD%2BfbdjTkB8TzvLShlRY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/css
last-modified
Wed, 21 Aug 2024 08:01:35 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401093de425d70-FRA
accept-ranges
bytes
content-length
7642
server
cloudflare
main.min.css
moneymatteronline.com/wp-content/themes/generatepress/assets/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://moneymatteronline.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4c6c-61b74979bf280-gzip"
age
912
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbypQgjgqn3jgyPKfpD%2BYV0CNbx2xn3n1VlZcEiPQi5AjvPXtkYVokxHBQoodJNKBOxHKG8UY7pRLcELn9ARHvZqWLZr7cdaDeVqONdBJxC057AzE0dgSg%2BseJqdD101hAWZvuh86vIVPypp3Q5THLIGtC0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 06:23:54 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401093de445d70-FRA
accept-ranges
bytes
content-length
4683
server
cloudflare
menu.min.js
moneymatteronline.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://moneymatteronline.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1b2d-61b74979bf280-gzip"
age
5110
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sh9kywHXIPOGcvcpHS0gxg6rjIoW4zAUgI3qhrYznVY5r%2BAhClgyTymIhouoBVWMad2kpi83QNfDjQhymKdzq8RZVWJpPnABuRM3xNFGAQysLGo6VVvcbJxta9eg5mHid6MvpUC9Q31hdrpR9FOL%2FH7EPXI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/javascript
last-modified
Sat, 22 Jun 2024 06:23:54 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401093de485d70-FRA
accept-ranges
bytes
content-length
1693
server
cloudflare
wp-embed.min.js
moneymatteronline.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://moneymatteronline.com/wp-includes/js/wp-embed.min.js?ver=5.4.16
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"5c6-6202cf37022c4-gzip"
age
5352
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uc%2BGc3%2BejjghLMYhsrZ%2BrN%2By%2FMs96vlphstSXeL1%2F%2BkyQyaMRUvv%2FprDJPzkbjbRXcGwhEz48fxfFmVdYlE0OEde2V76djZQrSb0epEyhvrCLDTSgV%2FJYNjcEG7y%2BKgUYD0dL1cddI6TSUKMsR20QlX4Yw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/javascript
last-modified
Wed, 21 Aug 2024 08:01:35 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401093de4f5d70-FRA
accept-ranges
bytes
content-length
804
server
cloudflare
wp-emoji-release.min.js
moneymatteronline.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://moneymatteronline.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.16
Requested by
Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"363c-6202cf3701324-gzip"
age
6990
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KH1huArk035MRQCVFXWdLGUFyvI6DW540%2BwE6mZNSozCGa9f35amYLB3fBAir%2FMXmuGvaOQ%2F17uSSG%2BWRrPOq9KhrPk1WLIwsWlhdhNTkSP1PJYyL0NfEvZNQOPUpb%2BlyhTkAWB7cVQBTVs4tgRbrcWEGt0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/javascript
last-modified
Wed, 21 Aug 2024 08:01:35 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401093fe835d70-FRA
accept-ranges
bytes
content-length
4646
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/
478 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088175
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
etag
8653127067744972146
age
6487
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 10:01:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 17 Oct 2024 10:01:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
151948
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
317 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60701e35af97dd77d2ea8f0ba0511b8afd2de4162a7786a40cb2b97b647a3600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 17 Oct 2024 11:49:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107694
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MT31EZG649&gtm=45je4ag0v9108270830za200&_p=1729165760622&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101686685&cid=1644036516.1729165761&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729165760&sct=1&seg=0&dl=https%3A%2F%2Fmoneymatteronline.com%2F&dt=moneymatteronlie&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=271
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://moneymatteronline.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1V14WN7SF1&gtm=45je4ag0v9188550792za200zb9108270830&_p=1729165760622&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665~101686685~101836706&cid=1644036516.1729165761&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729165760&sct=1&seg=0&dl=https%3A%2F%2Fmoneymatteronline.com%2F&dt=moneymatteronlie&en=page_view&_fv=1&_ss=1&_ee=1&tfd=298
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://moneymatteronline.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:20 GMT
content-type
text/plain
server
Golfe2
ads
pagead2.googlesyndication.com/gampad/
614 B
331 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=362050847193748&correlator=4203240148171216&eid=31088175%2C95344562%2C31061690%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202410150101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cad1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1729165760783&lmt=1729165760&adxs=650&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&td=1&egid=60929&tan=64d5f9ce-6657-440e-80b9-3d8730daf615&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729165760603&idt=151&adks=2819592357&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61aaa4ef979afb2193f4e9a025f2705c3e065c2a75089c537ffd6fadb610205c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 11:49:21 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://moneymatteronline.com
content-length
302
x-xss-protection
0
server
cafe
container.html
267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B940
0
0
Document
General
Full URL
https://267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moneymatteronline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 11:49:20 GMT
expires
Thu, 17 Oct 2024 11:49:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e1430d6f30af4959a4e46394faf612afb157ec3574a603f7cc724e44df59a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13062
date
Thu, 17 Oct 2024 11:49:21 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
w-logo-blue-white-bg.png
moneymatteronline.com/wp-includes/images/
Redirect Chain
  • https://moneymatteronline.com/favicon.ico
  • https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB
Other
General
Full URL
https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
2606:4700:3032::ac43:d9e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

cf-cache-status
HIT
etag
"1017-5d0dca9a37e40"
age
1247
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heanYaVdLeUYkI4CpDrGfQj50jDNSVEunMKT18snaVESAGFFswqBCHabgoBqdxn7i6xYbWIp7PlTpkh27HU8a3%2F%2F8bvlI236MSGTeaEGkzNPbD3%2BlfZ9stdb7LvKDk9KXAUFuuoYavdg23NOTZfaHnEjE5g%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 17 Oct 2024 11:49:21 GMT
content-type
image/png
last-modified
Tue, 16 Nov 2021 00:04:01 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d401096c9865d70-FRA
accept-ranges
bytes
content-length
4119
server
cloudflare

Redirect headers

x-redirect-by
WordPress
link
<https://moneymatteronline.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLHKjPAwxIdijaz%2B%2BQrYIQFlt2A%2BON7JJwgfBqg7SIiDh3W08Q8ye5W7dtvnAcoK1gqEeiaBR9LNph7fH26vW1MSEggiBa%2BBmWqAsTN6uFleHsSkdqw4XQW%2BtzNRvbqOgv6YAlmimQNLOaTqFQ5LCmc8s20%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d40109659105d70-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-ua-compatible
IE=edge
date
Thu, 17 Oct 2024 11:49:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moneymatteronline.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 11:49:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 11:49:21 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame EC10
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moneymatteronline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2669
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 11:04:52 GMT
expires
Thu, 17 Oct 2024 11:54:52 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410150101&jk=362050847193748&bg=!U1ClUB_NAAaUWUsktFk7ADQBe5WfOCf7ushnw8hCtYYDZcN-NOyT_QcaaH5eolFX3mLgmHU4wMvZGLDNq3zFDDX4FNxFAgAAADdSAAAAAWgBB34ANgStKsYUsGm9c2E-WDsCLA8FyKpwVfgn6RgfLrtwBBh3jJHgl14ndOBOMgnK5VyEANC4F24_DpkCquwgfqlG8WIt2KBWUN6LoHahvj_847Ct3b0ddgk_PKClKIisjmF4Ap3pdwCXe277EQTLotnGoTgWvwH5nsHlo9fvrqVHi8JkX1ixs5qm9K727kNP1VEl0ORWusan_Cvtse3BkHHPkzUpA5zP_ZyQjOoGp37FPA_MsBYmy0_z2zSXNeP4Lz95ihc5sDYJaL1SRUN3rgvzvfW2C-Kg_-i-ecXooCEPq7qTaR0wBKu_AUFXDBjwxqXimr0YtqJ_BYQAo9JGDZ7ZpySsIHKdBYKeddtoJanpH7NwmIMaBuhbZmjWe9jQTJBzo0Rnyh9r2EX7r2v-J-f1U1a8LC1phgVk0_2PVyTVJwLrCU5NFCHrIPHylhu62dNA2qvcTwikytr56iotk_3EhdntP3nrGSUm1FHrOnGGWXsNws7IKxXvCh2UNRbZIGDPxtu7Ptdxl51twAMnHInFT3BDg4Y7CKq7VUN8TArv_2OtynCMa36KOjRTEzRlavYnPP0eW6dNnclBkzOeIosgpmgKSBCitecu-92yPc03kMxrkq1MOirUtKMsQhAuKOT_OZoZbzdoYFzxq1QNjB1GuAPHmnxDsYcMcjP0liZSVAnVSHjvoiXjG2FP2SJrGdCm8eLRebEUmEn4QDb9xsZVYcNiDjc8WinCKbrPHWk8NiVBpXxDJOMVbfgeqQeyK0Hl1htCSaOvuny6poYuzPd-yaad-k6cgM0ZJk9JkCzvt8CPe9juAyFk9-cvnzs7zJpucvDIcrgQwE50Vk_mF1rlihUatzDEADTXg_47dYLdPULrfUxV9qLMFlpytGrxWPSR1OazZZKVZpzrL-u5PxU9F1igQe15MjsQLeR1QkMmW3ImqemxcdjClGjTFG1X83pL7IXysBV1Qnp0WsHPL3jNdVu10iQ

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| googletag function| scrollWin object| _wpemojiSettings object| generatepressMenu object| wp object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| twemoji object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.moneymatteronline.com/ Name: _ga_MT31EZG649
Value: GS1.1.1729165760.1.0.1729165760.0.0.0
.moneymatteronline.com/ Name: _ga
Value: GA1.1.1644036516.1729165761
.moneymatteronline.com/ Name: _ga_1V14WN7SF1
Value: GS1.1.1729165760.1.0.1729165760.0.0.0
.moneymatteronline.com/ Name: __eoi
Value: ID=0a7db3c6fab3b8a3:T=1729165760:RT=1729165760:S=AA-Afjbpny_YfIf64ucX_qBpiZzQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

267ffa154c45cdb49b2597d28b829f59.safeframe.googlesyndication.com
moneymatteronline.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
2001:4860:4802:32::36
2606:4700:3032::ac43:d9e9
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2
60701e35af97dd77d2ea8f0ba0511b8afd2de4162a7786a40cb2b97b647a3600
61aaa4ef979afb2193f4e9a025f2705c3e065c2a75089c537ffd6fadb610205c
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6e1430d6f30af4959a4e46394faf612afb157ec3574a603f7cc724e44df59a83
7825ef7c8e484a36444a109e0ea4ae1c5be9e52e40ea370af2e6ea6cef6d4581
7e0591c0a93adddfcafafb428421ef5e748fb6036e9a1dfc208d1b6ebb4d23eb
8e1337b918a21dd104c322c3f2b058f168b0067adb3027f2965ef445eb45b214
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
95aff5ed0063e98d4f94d533dd950cc69043963decb837c3ccdab8cd28f47720
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99