URL: http://widgets.adskeeper.com/monetize/
Submission: On August 17 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:82e, located in United States and belongs to CLOUDFLARENET, US. The main domain is widgets.adskeeper.com. The Cisco Umbrella rank of the primary domain is 585704.
This is the only time widgets.adskeeper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 195.201.57.90 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
21 6
    Apex Domain / Subdomains                                  Transfer
9   adskeeper.com                                             300 KB
      widgets.adskeeper.com — Cisco Umbrella Rank: 585704
7   gstatic.com                                               607 KB
      www.gstatic.com
      fonts.gstatic.com
4   google.com                                                33 KB
      www.google.com — Cisco Umbrella Rank: 3
1   ipwhois.app                                               955 B
      ipwhois.app — Cisco Umbrella Rank: 132458
21  4
    Domain                  Requested by
9   widgets.adskeeper.com   widgets.adskeeper.com
6   www.gstatic.com         www.google.com, www.gstatic.com
4   www.google.com          widgets.adskeeper.com, www.gstatic.com, www.google.com
1   fonts.gstatic.com       www.google.com
1   ipwhois.app             widgets.adskeeper.com
21  5

This site contains links to these domains.

Domain
adskeeper.com
www.megastock.com
passport.webmoney.ru
www.adskeeper.co.uk

Subject          Issuer               Validity                  Valid
www.google.com   GTS CA 1C3           2023-07-31 - 2023-10-23   3 months
*.gstatic.com    GTS CA 1C3           2023-07-31 - 2023-10-23   3 months
ipwhois.app      GoGetSSL ECC DV CA   2023-04-05 - 2024-04-05   a year
*.google.com     GTS CA 1C3           2023-07-31 - 2023-10-23   3 months

This page contains 3 frames:

Primary Page: http://widgets.adskeeper.com/monetize/
Frame ID: C3323967FD222AE24E88EA5AAC6ADAA1
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Frame ID: 72711CC3D4AC6CB5DC1A6BB2C04A2DFB
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QybaJej5brGL8d7EvWmfKMZU&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E
Frame ID: 2E58DD87F1936405640CDDC9392C52CE
Requests: 3 HTTP requests in this frame

Page Title

Ad recommendation platform for publishers | AdsKeeper

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 21
HTTPS: 57 %
IPv6: 80 %
Domains: 4
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 941 kB
Size: 1983 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
widgets.adskeeper.com/monetize/
7 KB
2 KB
Document
General
Full URL
http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4332af258b1410fb477f9fc5fdc2bb083bc512c1f60cbb3139e97d668d301f43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7f856b6f8ba53a49-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 17 Aug 2023 22:40:35 GMT
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
Transfer-Encoding
chunked
X-Mg-Request-UUID
49a35d6a-6f45-43c0-86d4-3576c2b97ca7
alt-svc
h3=":443"; ma=86400
styles.css
widgets.adskeeper.com/css/
57 KB
9 KB
Stylesheet
General
Full URL
http://widgets.adskeeper.com/css/styles.css
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990291b59bcf091a6f999fe39b4d14edf60927c51433a29aadf9da3bf4cffa7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Mg-Request-UUID
ae5a206f-1028-48c1-8725-76ad34d185fe
Age
5983
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
ETag
W/"62cd32b0-e4f0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
CF-RAY
7f856b706c343a49-FRA
Expires
Fri, 18 Aug 2023 02:40:35 GMT
api.js
www.google.com/recaptcha/
910 B
901 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit&hl=en
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
883cbd488e8784c9ab35981e0aead1b7806fd77fd67da5d79dbfa9b8838fe135
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Thu, 17 Aug 2023 22:40:35 GMT
ic_logo.svg
widgets.adskeeper.com/monetize/img/
6 KB
3 KB
Image
General
Full URL
http://widgets.adskeeper.com/monetize/img/ic_logo.svg
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ca03d7a71aa808e86b21bbcda6539394b670c1b5d10e9fce17c4c79c440cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:36 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
X-Mg-Request-UUID
f547cb9c-6c9e-40a4-9f7f-c305f345d24c
Server
cloudflare
ETag
W/"62cd32b0-17e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=14400
Connection
keep-alive
CF-RAY
7f856b70a8143832-FRA
alt-svc
h3=":443"; ma=86400
Expires
Fri, 18 Aug 2023 02:40:36 GMT
88x31_wm_black_blue.png
widgets.adskeeper.com/img/
3 KB
3 KB
Image
General
Full URL
http://widgets.adskeeper.com/img/88x31_wm_black_blue.png
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80f86ec7c0a417068e30c4bc6dbeee6bfc99eb30b17ff3a7bf21202a918fe40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:35 GMT
CF-Cache-Status
HIT
X-Mg-Request-UUID
b8cc5f31-01b9-4b81-b151-f8d6ccf5a1f9
Age
5983
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3017
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
ETag
"62cd32b0-bc9"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
7f856b70ad1e194d-FRA
Expires
Fri, 18 Aug 2023 02:40:35 GMT
v_blue_on_transp_en.png
widgets.adskeeper.com/img/
1 KB
2 KB
Image
General
Full URL
http://widgets.adskeeper.com/img/v_blue_on_transp_en.png
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66e625c06e94ce25048ece7b77bf49f2d2d2d34ad55c6e374c5bfbaf08b3fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:36 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
X-Mg-Request-UUID
cce7da8a-a448-45e4-88a2-d2bee911e27b
Server
cloudflare
ETag
"62cd32b0-548"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f856b70aa999ba4-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
1352
Expires
Fri, 18 Aug 2023 02:40:36 GMT
ic_logo.svg
widgets.adskeeper.com/img/
6 KB
3 KB
Image
General
Full URL
http://widgets.adskeeper.com/img/ic_logo.svg
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ca03d7a71aa808e86b21bbcda6539394b670c1b5d10e9fce17c4c79c440cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Mg-Request-UUID
b5161c57-a2bc-4153-ab88-0141beaa1f04
Age
5974
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
ETag
W/"62cd32b0-17e0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=14400
CF-RAY
7f856b70ad619010-FRA
Expires
Fri, 18 Aug 2023 02:40:35 GMT
jquery.min.js
widgets.adskeeper.com/js/
94 KB
33 KB
Script
General
Full URL
http://widgets.adskeeper.com/js/jquery.min.js
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Mg-Request-UUID
8baa2554-072b-4d56-ac1d-03aecf1515b6
Age
5983
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
ETag
W/"62cd32b0-1787f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
7f856b708c3e3a49-FRA
Expires
Fri, 18 Aug 2023 02:40:35 GMT
main.js
widgets.adskeeper.com/js/
11 KB
3 KB
Script
General
Full URL
http://widgets.adskeeper.com/js/main.js
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e1be0b6666dc029f57406509584a3cce3b8c1b978066f98d62c69cb0ee3b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Mg-Request-UUID
4821b6f2-f937-40e6-acda-e056f31a7f2f
Age
5983
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
Server
cloudflare
ETag
W/"62cd32b0-2a40"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
CF-RAY
7f856b70ac553a49-FRA
Expires
Fri, 18 Aug 2023 02:40:35 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/
450 KB
181 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://widgets.adskeeper.com/
Origin
http://widgets.adskeeper.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 17:59:35 GMT
/
ipwhois.app/json/
683 B
955 B
Fetch
General
Full URL
https://ipwhois.app/json/
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
195.201.57.90 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.57.201.195.clients.your-server.de
Software
ipwhois /
Resource Hash
4a5258418e6365b2c445f30f6a12a6a9a2356b88229852848bebdb46598cde6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:36 GMT
Server
ipwhois
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex
Access-Control-Allow-Headers
*
anchor
www.google.com/recaptcha/api2/ Frame 7271
55 KB
31 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2bdf29a7d7b1ace5501078cd4a28784cd1ee32bf8f0378fe95cff9d00db2378d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--d9k9y06ZcpKrhXzVJScYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://widgets.adskeeper.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31293
content-security-policy
script-src 'report-sample' 'nonce--d9k9y06ZcpKrhXzVJScYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 22:40:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
land-bg-1-1.png
widgets.adskeeper.com/img/
242 KB
242 KB
Image
General
Full URL
http://widgets.adskeeper.com/img/land-bg-1-1.png
Requested by
Host: widgets.adskeeper.com
URL: http://widgets.adskeeper.com/monetize/
Protocol
HTTP/1.1
Server
2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17680988deb278fcccdb10de91e95dce2999035b4d88d146f216a57a9e7d180a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://widgets.adskeeper.com/monetize/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 22:40:36 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 12 Jul 2022 08:37:04 GMT
X-Mg-Request-UUID
1a7c2e78-e0e7-4928-8eaf-5f9643ec8220
Server
cloudflare
ETag
"62cd32b0-3c6dd"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f856b715dac194d-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
247517
Expires
Fri, 18 Aug 2023 02:40:36 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 7271
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 17:59:35 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 7271
450 KB
180 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 17:59:35 GMT
truncated
/ Frame 7271
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7271
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7271
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 01:27:29 GMT
x-content-type-options
nosniff
age
162787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 23 Aug 2023 01:27:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7271
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 02:58:03 GMT
x-content-type-options
nosniff
age
502953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7271
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QybaJej5brGL8d7EvWmfKMZU
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f0570843a4b0e86673611f5b29d7f4555e315587c5e8e109d65c640bd870f91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E&co=aHR0cDovL3dpZGdldHMuYWRza2VlcGVyLmNvbTo4MA..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&theme=light&size=normal&cb=djq127cmuert
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 17 Aug 2023 22:40:36 GMT
bframe
www.google.com/recaptcha/api2/ Frame 2E58
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=QybaJej5brGL8d7EvWmfKMZU&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
685f30f9cb502ca023ea562f6ce406b7bf68e25fac07168b91db1257891ea69d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GQPtFnO5__Ra_KJU3Bqavw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://widgets.adskeeper.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1161
content-security-policy
script-src 'report-sample' 'nonce-GQPtFnO5__Ra_KJU3Bqavw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 22:40:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 2E58
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QybaJej5brGL8d7EvWmfKMZU&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 17:59:35 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ Frame 2E58
450 KB
180 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QybaJej5brGL8d7EvWmfKMZU&k=6Ldd0BMUAAAAACrY0a39kgp6bwcFtor8aiwKY59E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 17:59:35 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • number| feedbackRecaptcha
  • string| reCaptchaKey
  • function| CaptchaCallback
  • function| $
  • function| jQuery
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • function| toggleMenu
  • function| submitForm
  • object| jQuery11100535779052253452
  • object| recaptcha
  • object| closure_lm_109233

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
