Submitted URL: http://marbouha.club/r.php?t=c&d=224387&l=797&c=420992
Effective URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&e...
Submission: On April 16 via api from BE

Summary

This website contacted 10 IPs in 4 countries across 13 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3033::6812:2bc3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is cs.readermonthly.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 4th 2020. Valid for: 8 months.
This is the only time cs.readermonthly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.211.2.147 31034 (ARUBA-ASN)
1 1 52.210.174.128 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.111.9.35 33438 (HIGHWINDS2)
9 52.239.137.68 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
26 10
Domain Requested by
9 campaignsys.blob.core.windows.net cs.readermonthly.com
7 cdnjs.cloudflare.com cs.readermonthly.com
2 use.fontawesome.com cs.readermonthly.com
2 cs.readermonthly.com cs.readermonthly.com
1 www.facebook.com cs.readermonthly.com
1 connect.facebook.net cs.readermonthly.com
1 api.mdsyzz.info api.mdsyzz.com
1 www.youtube.com cs.readermonthly.com
1 api.mdsyzz.com cs.readermonthly.com
1 cdn.onesignal.com cs.readermonthly.com
1 clickuro.com 1 redirects
1 tracking.tagzonernk.com 1 redirects
1 marbouha.club 1 redirects
26 13

This site contains links to these domains.

Domain
readermonthly.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-04 - 2020-10-09 | 8 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year
*.blob.core.windows.net | Microsoft IT TLS CA 2 | 2020-01-26 - 2022-01-26 | 2 years
*.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-03-01 - 2020-05-30 | 3 months

This page contains 2 frames:

Primary Page: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Frame ID: AE5C31CF6DBD86A563DD93CF8F07FF2C
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xj_-esCVbm8?controls=0
Frame ID: 4F682983660A0974B528D2DDDA23D0F9
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 69 %
Domains: 13
Subdomains: 13
IPs: 10
Countries: 4
Transfer: 1085 kB
Size: 1970 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marbouha.club/r.php?t=c&d=224387&l=797&c=420992 HTTP 302
    http://tracking.tagzonernk.com/aff_c?offer_id=8929&aff_id=4848&aff_sub1=29&aff_sub2=224387&aff_sub3=40&aff_sub4=797&aff_sub5=420992 HTTP 302
    https://clickuro.com/r/lb/704/ca2ebdf5/60/8?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29 HTTP 302
    https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request 704
cs.readermonthly.com/99833/60/8/
Redirect Chain
  • http://marbouha.club/r.php?t=c&d=224387&l=797&c=420992
  • http://tracking.tagzonernk.com/aff_c?offer_id=8929&aff_id=4848&aff_sub1=29&aff_sub2=224387&aff_sub3=40&aff_sub4=797&aff_sub5=420992
  • https://clickuro.com/r/lb/704/ca2ebdf5/60/8?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
  • https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
145 KB
27 KB
Document
General
Full URL
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:2bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
92a0b3565ee4bccb10323705cd2fcb9f1bb63d112665594399956f8fa07eda68

Request headers

:method
GET
:authority
cs.readermonthly.com
:scheme
https
:path
/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 16 Apr 2020 02:58:10 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d2d88f923d3d5b846b6fee69875d479851587005889; expires=Sat, 16-May-20 02:58:09 GMT; path=/; domain=.readermonthly.com; HttpOnly; SameSite=Lax ASP.NET_SessionId=ok13kniw4pvsw5gn0x0grpzs; path=/; HttpOnly; SameSite=Lax ARRAffinity=e149a91a8fa8c090cdafb611f2e601e1b44387bfa6da3af0cd5e60720843a152;Path=/;HttpOnly;Domain=cs.readermonthly.com
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:9021b532-f8da-446f-ac7a-4666b6a52f41
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
584aa4984df8145a-FRA
content-encoding
br
cf-request-id
022285332e0000145a211c0200000001

Redirect headers

status
302
date
Thu, 16 Apr 2020 02:58:09 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df2d2910851e994f8fa6e6315f9d9ac8f1587005889; expires=Sat, 16-May-20 02:58:09 GMT; path=/; domain=.clickuro.com; HttpOnly; SameSite=Lax click=704; expires=Fri, 17-Apr-2020 02:58:09 GMT; path=/ ARRAffinity=e149a91a8fa8c090cdafb611f2e601e1b44387bfa6da3af0cd5e60720843a152;Path=/;HttpOnly;Domain=clickuro.com
cache-control
private
location
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:9021b532-f8da-446f-ac7a-4666b6a52f41
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
584aa496fb2ad6c1-FRA
cf-request-id
02228532570000d6c1eb8c6200000001
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
14587237
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537740000dffb97340200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:03 GMT
server
cloudflare
etag
W/"5afd4aab-1d970"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a39dffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
all.js
use.fontawesome.com/releases/v5.3.1/js/
963 KB
401 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.3.1/js/all.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
gzip
last-modified
Tue, 28 Aug 2018 18:00:39 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"d0482db440697a659af4980d2e841891"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.js
use.fontawesome.com/releases/v5.3.1/js/
15 KB
5 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.3.1/js/v4-shims.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b6aff3c3243270b1640acb09d152266a2bcdaabcf7b13bc8fa9804415982047d

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
gzip
last-modified
Tue, 28 Aug 2018 18:00:40 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"ee849cdefc4ea73142659f04402a1a99"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
14677322
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537740000dffb97341200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a3bdffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/
36 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
967828
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537740000dffb97342200000001
served-in-seconds
0.019
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:03 GMT
server
cloudflare
etag
W/"5afd4aab-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a3cdffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
validator.js
cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/
12 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/validator.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522a88aa0357c11f0284531a0fc56b634b4150897fb28a9bee6b1a6ae2566557
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
29032602
content-security-policy-report-only
default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=584aa49f2a3edffb
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537750000dffb97343200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:10 GMT
server
cloudflare
etag
W/"5afd481e-2f7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a3edffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
22965025
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537750000dffb97344200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-d34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a3fdffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
jquery.fittext.min.js
cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/
567 B
551 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/jquery.fittext.min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df1fce4f60f0fb5cfc4ddcc9a9a465e7c6c2d952b96ed1d37f2a7e07ec30381
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
22965005
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02228537750000dffb97345200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:11 GMT
server
cloudflare
etag
W/"5afd481f-237"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
584aa49f2a40dffb-FRA
expires
Tue, 06 Apr 2021 02:58:10 GMT
main_img.png
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
110 KB
110 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/main_img.png
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82f557465f628631f69c157489a6e43fd8c7a9e96749a2bc698fbf758dbec8eb

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:10 GMT
Content-Encoding
image/png
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
GsTLpbkaqJB1xX6yTTHkVA==
ETag
0x8D65B5475C20433
Access-Control-Allow-Origin
*
x-ms-request-id
431f29ab-301e-010d-499a-139f8f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
112460
price_be.png
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
8 KB
8 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/price_be.png
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
55d0692036a0eae152122c15a1139e9a1c55be0440ce3602277ec2a50e4f27ab

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:10 GMT
Content-Encoding
image/png
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 11:00:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
G1H6ZStmB/QjsBNX+vZS0A==
ETag
0x8D65B6A1AF8C674
Access-Control-Allow-Origin
*
x-ms-request-id
88c08582-901e-0122-6c9a-131eb5000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
7862
sec2_img_be.png
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
29 KB
30 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/sec2_img_be.png
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1c6747a42720d31bca52967c1dfed9ca9d2a97a930be2f2819a554b7e24c6f8a

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:10 GMT
Content-Encoding
image/png
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QGvLxkEfohXTXolCQihRqA==
ETag
0x8D65B5475E6A36D
Access-Control-Allow-Origin
*
x-ms-request-id
6934ad00-601e-00f4-259a-13133a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
29998
email-decode.min.js
cs.readermonthly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
858 B
Script
General
Full URL
https://cs.readermonthly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:2bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 06 Apr 2020 16:30:08 GMT
server
cloudflare
etag
W/"5e8b5910-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
584aa49f4e8a145a-FRA
cf-request-id
022285378c0000145a211f5200000001
expires
Sat, 18 Apr 2020 02:58:10 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d2bcb61802ca852d198062aa3d4e0294555fe3fdb9aeedd68c072bcc12cde8

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:10 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2104
etag
W/"9189e8a4b6e2d2bd8b624325af5b4d52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
584aa49f6988d6c5-FRA
cf-request-id
022285379c0000d6c5dc819200000001
expires
Thu, 16 Apr 2020 14:58:10 GMT
auto-push.min.js
api.mdsyzz.com/
2 KB
1 KB
Script
General
Full URL
https://api.mdsyzz.com/auto-push.min.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b37f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:11 GMT
content-encoding
br
status
200
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Mar 2020 19:01:31 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"eaf5f1268ef1d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cf-ray
584aa49fbbd4c29f-FRA
cf-request-id
02228537d10000c29fb6274200000001
xj_-esCVbm8
www.youtube.com/embed/ Frame 4F68
0
0
Document
General
Full URL
https://www.youtube.com/embed/xj_-esCVbm8?controls=0
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/xj_-esCVbm8?controls=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29

Response headers

status
200
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
date
Thu, 16 Apr 2020 02:58:10 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=KyISmmi9AMk; path=/; domain=.youtube.com; secure; expires=Tue, 13-Oct-2020 02:58:10 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 16-Apr-2020 03:28:10 GMT YSC=DLh3PMKaJoo; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=KyISmmi9AMk; path=/; domain=.youtube.com; secure; expires=Tue, 13-Oct-2020 02:58:10 GMT; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
sec1_bg.jpg
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
115 KB
116 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/sec1_bg.jpg
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7c56e6d22dcf0386a2bb01ca9f56256bb80c8557667416a89efd88d739b08997

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:09 GMT
Content-Encoding
image/jpeg
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
jTj/PHpD5TQs8tDWWT0yAg==
ETag
0x8D65B5475F57099
Access-Control-Allow-Origin
*
x-ms-request-id
d7cb579b-101e-009d-389a-134c96000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
118162
gillsansmt.woff
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
32 KB
33 KB
Font
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/gillsansmt.woff
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ddc1b0506ce042f4ad2c83b13fef7bdcd7eb8ad010f5770224b1f628b1073e92

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Origin
https://cs.readermonthly.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:09 GMT
Content-Encoding
application/octet-stream
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 10:55:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
mGnkGIzM4zMR1ECSAEliYQ==
ETag
0x8D65B6944A2BB91
Access-Control-Allow-Origin
*
x-ms-request-id
facb6bd9-c01e-00f9-719a-13fc36000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
32840
sec2_bg.png
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
89 KB
90 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/sec2_bg.png
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee490401ba2622c8488bf4ad023d668ef83cdea24861219b3b3ee15efe184c7c

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:09 GMT
Content-Encoding
image/png
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wKqopWk6O0L0P0FFmlAcZg==
ETag
0x8D65B5475F2FF92
Access-Control-Allow-Origin
*
x-ms-request-id
1c13259a-001e-0186-699a-132451000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
91535
montezregular.woff
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
33 KB
33 KB
Font
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/montezregular.woff
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4fb080bfabafd50ad2bb0a4e2cf943affd063c37411f1cea21acc434ae03f0da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Origin
https://cs.readermonthly.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:09 GMT
Content-Encoding
application/octet-stream
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
JLlTQ7gfR45GVmDHQS+2qw==
ETag
0x8D65B547611F980
Access-Control-Allow-Origin
*
x-ms-request-id
93b33739-b01e-0075-169a-13b16d000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
33488
futuramedium.woff
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/
28 KB
28 KB
Font
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/10206/futuramedium.woff
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b35a95082226c266729cf5903ba7c4877ae5786aaf7275e2b72127a2998743a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Origin
https://cs.readermonthly.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:10 GMT
Content-Encoding
application/octet-stream
x-ms-meta-layoutid
10206
Last-Modified
Thu, 06 Dec 2018 08:26:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
HgDc4ZhWrtefal02mU4XvQ==
ETag
0x8D65B54762CD49E
Access-Control-Allow-Origin
*
x-ms-request-id
15b78878-701e-00e0-549a-13d05e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
28444
so-site-brand-icon-pack.ttf
campaignsys.blob.core.windows.net/newcampaignsystem/content/fonts/
114 KB
115 KB
Font
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/content/fonts/so-site-brand-icon-pack.ttf?238hy1
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.137.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
97f4c77f3de8b3e4dccea693cdbfbd4bee9d7465a4107317be6fe1a520d9241e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Origin
https://cs.readermonthly.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 16 Apr 2020 02:58:10 GMT
Last-Modified
Tue, 27 Nov 2018 10:10:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
6sqW8GrR/gKScOcdMnwyBA==
ETag
0x8D6545091415485
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
x-ms-request-id
2230208f-a01e-0165-199a-13c1de000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
117160
096ebb87-3273-458e-8a3d-37c0a4528283
api.mdsyzz.info/rest/v1/p-apps/get-id/
117 B
620 B
XHR
General
Full URL
https://api.mdsyzz.info/rest/v1/p-apps/get-id/096ebb87-3273-458e-8a3d-37c0a4528283?url=https://cs.readermonthly.com
Requested by
Host: api.mdsyzz.com
URL: https://api.mdsyzz.com/auto-push.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d1c4ce8bbcd14cb37d03321fbfb013d7733d03d5bf9d91b6795d5a3a25987e8c

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
cf-request-id
0222853c920000d6f5d48c5200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
584aa4a7582fd6f5-FRA
expires
-1
fbds.js
connect.facebook.net/en_US/
4 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
266ad09014359210e4cb8ba0b9b1e1f1641798f8b89beaf5a0e748437f615233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
e0Jra1ygEC0TGBZsLPlhWA==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
2118
etag
"3e2899222193d83de28b53eefbced8b2"
x-fb-debug
sE3YC/bRrZq/qhIBLQjBq/njyB7xBl8iGKLT2erks04JO371O+wyjNP6En69nOAh2xZ63Xi0u33fV9+S5pq9Fg==
x-fb-trip-id
1850256238
x-fb-content-md5
9b480fdd8ff58887068dc68d1cd0308d
x-frame-options
DENY
date
Thu, 16 Apr 2020 02:58:11 GMT, Thu, 16 Apr 2020 02:58:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Apr 2020 03:01:12 GMT
glyphicons-halflings-regular.woff2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/
18 KB
18 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://cs.readermonthly.com

Response headers

date
Thu, 16 Apr 2020 02:58:11 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
29032633
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
18028
cf-request-id
0222853c8d000064b526acd200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:27:13 GMT
server
cloudflare
etag
"5afd4af1-466c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
584aa4a749ef64b5-FRA
expires
Tue, 06 Apr 2021 02:58:11 GMT
/
www.facebook.com/tr/
44 B
254 B
Image
General
Full URL
https://www.facebook.com/tr/?id=748379285256387&ev=PixelInitialized&dl=https%3A%2F%2Fcs.readermonthly.com%2F99833%2F60%2F8%2F704%3Fref_id%3D102ff77b148dd32b400854ed60358f%26sub_id%3D4848%26firstname%3D224387%26lastname%3D797%26email%3D29&rl=&if=false&ts=1587005891723
Requested by
Host: cs.readermonthly.com
URL: https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cs.readermonthly.com/99833/60/8/704?ref_id=102ff77b148dd32b400854ed60358f&sub_id=4848&firstname=224387&lastname=797&email=29
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 02:58:11 GMT, Thu, 16 Apr 2020 02:58:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Apr 2020 02:58:11 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
undefined| msViewportStyle
object| BigText
object| OneSignal
function| InitializePush
function| CheckImageAndReplace
function| httpGetAsync
function| getUrlVars
function| getUrlParam
function| createCookie
function| readCookie
function| eraseCookie
object| _fbq
function| ShowTerms
object| ___FONT_AWESOME___
object| FontAwesomeConfig
object| FontAwesome
function| a
object| fontawesome-free-shims

6 Cookies

Domain/Path Name Value
.youtube.com/ YSC DLh3PMKaJoo
.youtube.com/ GPS 1
.readermonthly.com/ __cfduid d2d88f923d3d5b846b6fee69875d479851587005889
.youtube.com/ VISITOR_INFO1_LIVE KyISmmi9AMk
.cs.readermonthly.com/ ARRAffinity e149a91a8fa8c090cdafb611f2e601e1b44387bfa6da3af0cd5e60720843a152
cs.readermonthly.com/ ASP.NET_SessionId ok13kniw4pvsw5gn0x0grpzs

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
