www.payperinvest.com
Open in
urlscan Pro
2a00:1450:4001:831::2013
Public Scan
Effective URL: https://www.payperinvest.com/
Submission: On November 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on October 25th 2023. Valid for: 3 months.
This is the only time www.payperinvest.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com | |
maxcdn.bootstrapcdn.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
googledrive.com | |
tpc.googlesyndication.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.84.55.243.136.clients.your-server.de
ad.a-ads.com | |
static.a-ads.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 |
225 KB |
8 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 827 x.clarity.ms — Cisco Umbrella Rank: 7419 c.clarity.ms — Cisco Umbrella Rank: 1405 |
28 KB |
8 |
googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 49 |
584 KB |
7 |
payperinvest.com
1 redirects
www.payperinvest.com |
349 KB |
4 |
ibb.co
i.ibb.co — Cisco Umbrella Rank: 11551 |
2 MB |
4 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137 |
123 KB |
3 |
disqus.com
1 redirects
payperinvest-1.disqus.com |
3 KB |
2 |
a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 34375 static.a-ads.com — Cisco Umbrella Rank: 45230 |
389 KB |
2 |
gstatic.com
fonts.gstatic.com |
70 KB |
2 |
googledrive.com
googledrive.com — Cisco Umbrella Rank: 67042 |
|
2 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 762 |
113 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
2 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 236 |
760 B |
1 |
togybux.com
www.togybux.com |
485 KB |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 |
534 B |
1 |
blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 13467 |
976 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462 |
258 B |
1 |
disquscdn.com
a.disquscdn.com — Cisco Umbrella Rank: 15117 |
2 KB |
1 |
blogger.com
www.blogger.com — Cisco Umbrella Rank: 10409 |
58 KB |
1 |
2img.net
2img.net — Cisco Umbrella Rank: 289827 |
30 KB |
1 |
faucetwave.net
faucetwave.net |
359 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
90 KB |
61 | 23 |
Domain | Requested by | |
---|---|---|
8 | lh3.googleusercontent.com |
www.payperinvest.com
|
7 | pagead2.googlesyndication.com |
www.payperinvest.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
7 | www.payperinvest.com |
1 redirects
www.payperinvest.com
code.jquery.com |
4 | x.clarity.ms |
www.clarity.ms
|
4 | i.ibb.co |
www.payperinvest.com
|
3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
3 | payperinvest-1.disqus.com |
1 redirects
payperinvest-1.disqus.com
|
2 | c.clarity.ms | 1 redirects |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.clarity.ms |
www.payperinvest.com
www.clarity.ms |
2 | googledrive.com |
www.payperinvest.com
|
2 | code.jquery.com |
www.payperinvest.com
|
2 | maxcdn.bootstrapcdn.com |
www.payperinvest.com
maxcdn.bootstrapcdn.com |
2 | fonts.googleapis.com |
www.payperinvest.com
|
2 | stackpath.bootstrapcdn.com |
www.payperinvest.com
|
1 | www.google.com |
tpc.googlesyndication.com
|
1 | c.bing.com | 1 redirects |
1 | www.togybux.com |
www.payperinvest.com
|
1 | static.a-ads.com |
ad.a-ads.com
|
1 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
1 | 4.bp.blogspot.com |
www.payperinvest.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | ad.a-ads.com |
www.payperinvest.com
|
1 | a.disquscdn.com |
www.payperinvest.com
|
1 | www.blogger.com |
www.payperinvest.com
|
1 | 2img.net |
www.payperinvest.com
|
1 | faucetwave.net |
www.payperinvest.com
|
1 | www.googletagmanager.com |
www.payperinvest.com
|
61 | 28 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.payperinvest.com GTS CA 1D4 |
2023-10-25 - 2024-01-23 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
ibb.co R3 |
2023-10-09 - 2024-01-07 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
faucetwave.net cPanel, Inc. Certification Authority |
2023-10-02 - 2023-12-31 |
3 months | crt.sh |
2img.net Cloudflare Inc ECC CA-3 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.blogger.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-29 - 2024-08-29 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA |
2022-12-21 - 2024-01-21 |
a year | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
togybux.com E1 |
2023-11-07 - 2024-02-05 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 06 |
2023-02-13 - 2024-02-08 |
a year | crt.sh |
*.disqus.com Sectigo RSA Domain Validation Secure Server CA |
2023-04-13 - 2024-04-20 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.payperinvest.com/
Frame ID: 7F14E894478B89E98840074882874DBA
Requests: 53 HTTP requests in this frame
Frame:
https://ad.a-ads.com/2278188?size=250x250
Frame ID: C717345214E154DB04AB0CDA16EFAF7F
Requests: 3 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8271138230391115&output=html&adk=1812271804&adf=3025194257&lmt=1700425663&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.payperinvest.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700479811605&bpp=7&bdt=552&idt=297&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1106313051734&frm=20&pv=2&ga_vid=1976809213.1700479812&ga_sid=1700479812&ga_hid=1882411645&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532601%2C31078297%2C31079756%2C44807764%2C44808149%2C44808285%2C44809057&oid=2&pvsid=73027114732761&tmod=62839540&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=413
Frame ID: 15C26AFA66578E598E93C5167608D814
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C821A7AF079664521D5B751E906A0B97
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D67142A47CE765ED7E79612F0DDF982
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
payeer perfectmoney faucetpay earnings from internet Payeer, Perfectmoney & Faucetpay earningsPage URL History Show full URLs
-
http://www.payperinvest.com/
HTTP 301
https://www.payperinvest.com/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
42 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: YOUTUBE channel
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Telegram
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Blogger template
Search URL Search Domain Scan URL
Title: Open Themes
Search URL Search Domain Scan URL
Title: Weitere Informationen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.payperinvest.com/
HTTP 301
https://www.payperinvest.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://payperinvest-1.disqus.com/blogger_index.js HTTP 302
- https://a.disquscdn.com/blogger_index.js
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&RedC=c.clarity.ms&MXFR=35F8B72532D064BE0011A4EA36D06A81 HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2921F9BC37D407BB670983472ABED37&MUID=011C716538FC6216385762AA39776384
61 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.payperinvest.com/ Redirect Chain
|
180 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nziuxccprdtthcj.php
www.payperinvest.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.payperinvest.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
268 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 809 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
151 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 930 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ezgif-wide-f7e8d83ca1.gif
i.ibb.co/mRRxXCY/ |
375 KB 375 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1syNtstpmp_0Op_aqDQ--Yl0G_OMEDzP3Oboz2EZ-wLYjjfNX9qLSZyN_EKwdTMIKeg7AIhOsC3tHBap7aWtURHuGUE=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
111 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1vslSQrKT2d5FBod0vShlod-Uicb8NKLse-5qyInBjVmf7ukQQ8i99xf4zvq2NhX3_8apoXEDMadlzjalEJIZyq4CL_a39rgcvDyZTqy0yrp0gS2g=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1sUvR1MpBvQo-9hWmOHV-iQZ2boFxnDrB0IJEtjpi7mBvwsUrHObRPmtPEP8bI0Pat9bQemn-GlHcQX9Gx3O3pT4GHRqtsaH-JLiUhwzSovYmYBrQ=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1tpK2KACNxlhdMRm09dcQciARPe2zgqqbdCcHUGUQuUiRypRzyoccndBnLiqpRpFj3x2FnSPpOkq5TtQ-4VwBRX4ccfBNtkHxTLHMndEx4r9BGUlUD_aGO9I84IoKUKb3j2cgkjiDoxbWp8spXCbgjQrPYswgP-uij2ch0MhRqikJbo7NNfTIsXXRdlE3XTv...
lh3.googleusercontent.com/blogger_img_proxy/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1tHWyk80EpalDi8v2L40MyEOPeQZJ7IppRkW3_-XZTmeU1XfhpXue7pisfo82xj2qD1AUpmiwMUkqjogom5tMdjIvE5VW84lEimFuyL2M5gf6NPgw=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1upXEoLtAUn66gZoW2ULkxH6luiraYP71_V5aEAqmnTdsPMgsaUdN3f1_YFoCyM6-0h1Am_i-Q9rmUq57AfzxB0UuGjlsNqsfDSMLwibElsW7ZGHjjvOZoxE5VCuFzPN_9aIg=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1u9gNLyZgaicxyqNZVk5a3Haw0jVgKyx8KEg7JB3fzY1Wc12neaz8tRpfx1eDAHT46xH1FPgBR5yjXlxZxIbNl3UWuR6HxcSE6Nrr_GJQMUd4gHOg=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ALY8t1uR-d6gG5_HAd7c9gtbseVMJv2voIGoxi1nrb9HQCiIjF94QPRSkg2F_-pEwIvZ2oG7zJe4oiJikAIEpEvJ1JHRrNUm89KQFRA9dpqJpZ0MOODZ8g=w825
lh3.googleusercontent.com/blogger_img_proxy/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ezgif-2-f0c17cbeac.gif
i.ibb.co/YtprjzV/ |
1 MB 1 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
faucetwave-3-3-6.gif
faucetwave.net/assets/ |
359 KB 359 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner_neverclick.png
2img.net/h/s18.postimg.cc/glnlhkym1/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ |
59 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-latest.js
code.jquery.com/ |
276 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0B4n9GL3eVuV-cEhJOFFLTWdSYXM
googledrive.com/host/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0B4n9GL3eVuV-QjAwRmpVbEVHZm8
googledrive.com/host/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookienotice.js
www.payperinvest.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
500025675-widgets.js
www.blogger.com/static/v1/widgets/ |
160 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gf5cx8ovmo
www.clarity.ms/tag/ |
650 B 1013 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ |
397 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blogger_index.js
a.disquscdn.com/ Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2278188
ad.a-ads.com/ Frame C717 |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 258 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v21/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.18/ |
59 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
www.payperinvest.com//feeds/posts/ |
67 KB 14 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.payperinvest.com//feeds/posts/default/ |
2 MB 298 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-loader.gif
4.bp.blogspot.com/-VWY5-YJq0v4/XO4Y_HXklkI/AAAAAAAABE0/8G7P03z0YrgxKQx3cMrdagfB9K5GjkJ6ACLcBGAs/s1600/ |
673 B 976 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 15C2 |
603 B 534 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
250x250
static.a-ads.com/a-ads-banners/485510/ Frame C717 |
383 KB 384 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OIG.jpg
i.ibb.co/C2Yg9V0/ |
126 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PPP700.gif
i.ibb.co/jkvpBkG/ |
15 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner02.gif
www.togybux.com/images/ |
484 KB 485 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame C717 |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
x.clarity.ms/ |
0 300 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count.js
payperinvest-1.disqus.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
x.clarity.ms/ |
0 300 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count-data.js
payperinvest-1.disqus.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 443 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C821 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 9D67 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C821 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D67 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame C821 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
x.clarity.ms/ |
0 300 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
x.clarity.ms/ |
0 300 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
111 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer function| clarity object| adsbygoogle object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| disqus_shortname string| disqus_blogger_current_url string| disqus_blogger_homepage_url string| disqus_blogger_canonical_homepage_url string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| bootstrap string| blogurl string| blogtitle function| $j function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt object| cookieChoices object| linkListUl object| regex function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| postLocation string| postId string| postAuthorAvatar string| postAuthor string| postsThumbnailSquare string| postSummary string| postTags string| postContent string| postThumbnail object| postCommentsCount string| postLabelsList string| postUrl string| postDay string| postMonthName string| postMonth string| postYear string| postDate string| postDateTime string| postTitle string| postDateStr string| postThumbnailSquare string| nextPostsUrl object| DISQUSWIDGETS undefined| disqus_domain object| post object| GoogleGcLKhOms13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.payperinvest.com/ | Name: _ga_PH26WR3YXP Value: GS1.1.1700479811.1.0.1700479811.0.0.0 |
|
.payperinvest.com/ | Name: _ga Value: GA1.1.1976809213.1700479812 |
|
www.clarity.ms/ | Name: CLID Value: dd9645358fc24871b396649dd79ebdae.20231120.20241119 |
|
.payperinvest.com/ | Name: _clck Value: 118gyfp%7C2%7Cfgv%7C0%7C1419 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.payperinvest.com/ | Name: _clsk Value: 1mr4vw5%7C1700479812622%7C1%7C1%7Cx.clarity.ms%2Fcollect |
|
.bing.com/ | Name: MUID Value: 011C716538FC6216385762AA39776384 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 011C716538FC6216385762AA39776384 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 011C716538FC6216385762AA39776384 |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2img.net
4.bp.blogspot.com
a.disquscdn.com
ad.a-ads.com
c.bing.com
c.clarity.ms
code.jquery.com
faucetwave.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googledrive.com
i.ibb.co
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
payperinvest-1.disqus.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
static.a-ads.com
tpc.googlesyndication.com
www.blogger.com
www.clarity.ms
www.google.com
www.googletagmanager.com
www.payperinvest.com
www.togybux.com
x.clarity.ms
136.243.55.84
162.19.58.157
199.232.196.134
199.232.198.49
20.114.190.119
2001:4860:4802:34::36
2606:4700:3038::6815:eb4b
2606:4700::6812:bcf
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2009
2a00:1450:4001:830::2001
2a00:1450:4001:831::2008
2a00:1450:4001:831::2013
2a04:4e42::649
2a06:98c1:3121::3
38.46.218.29
68.219.88.97
0042bddf60824afc0c103a9e34b16189da334b857da18d3612c2e4f65f3578c6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0116a4ea91b03ced373fbd6bcda8039083d2946f9bfb28fc861b80e85465463a
0296194a7d7c278db6acce1512434cf4e097b6b500ac2dd8eb01a3fdf3c96d86
032ea5f7350a667c86fe136c2c26f7fb9c1694df16d113bb840aa2b73a7bd0b5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082aeca31c7d0bff1df38d2c6aa87b019254ebddc5002e366f69d075d7cc2858
0896870463c5f78461ed20f1a8d3835dc9049cfba28985e86cf953a19caff086
0b73bd305dd70f9f480df919390d925aaeef6e47227dd36cfeb7e71d53edd321
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
243a5726e7e623f0b3f1801b0e850cf64ef5b19b35f0729291356e2fee2f08f3
27f7952173e2d2e9400b8b7cb76237ffd6870af128a57e120eb02c4e3bf2fb47
29f25da68f3a2080cd224f55c5705960ffe6e2460417fe9c399b31ab205a3a37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3dc8a98ad94819adc88bb4759c22e75a7bc6f07a1b237bf746659ab86266532d
55012931f719833b6c9cb59417e22e0f672c7f241bcee6db572ba228ed145cdc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bc1a737213ea3c686f2fd95e3292d5101b45758c10151e30612d6c26fd95d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
688d84c03d50d076f88034c3e2c639499b3c9b2173f4bc6e22184f2ea408fa78
691c9b0edb68f74dc14a4e7de3ee1dbb4520b6638baf83a126bb75be97d89bdf
72e84fe83358c924e68c8e3822a75bd067a944f339bfa7ae5dc6934e9b58f947
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ccbba1d8b0fd4c6b878ba336c1400be1f6abdcef6229813cae941d145711a9d
7e9da83b8e6b489e0430a8d342480c533e01036f3142223a359a9387efcca24d
86f97596d3b983e1d053c4e6fe15f1004fbe58bdb51b9c89b70b17ad9eb82d29
8af1771bd8f194ce921dae5531dac9d873559874e0103c434f088203302b197b
95b2927eaa778c3b215ccb173261606eb28efebd409cfcb2b419982897880afe
9616800a503f3dbf9ec2c9669890096de410b28b2486371168401376361ec1ed
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9fc0e8a0d95c9616f111c3f0a0b6539f1eeecdd0d940062ab8d68b38991e18cc
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a17b60c92d22eb4635021233804e59af9f1d442532461930deef8e00ac662c8b
a8cb37839c0692377a7794d9611d0e1030916a0636c64271c503f1264d0896a9
ad158ac996e5f385615518e3aa6e9d523f5cb470632853575dc76bd641b7f2df
b9b106fcc032a1fb073a6d68acc5cc02f7237629119aad95329cd15b8a46538c
c8ea496d908459848c271c1200d4ea1863ae04eba5892a947f1b27c8ea61fbee
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
dc4737578334671cf89dcc9ea96a64bac1b94b2d2bc28dc6620ae19b1c7aae65
df2f9996520b232b1bce745e3a75065e242b91bb52226857d37088df0caf49ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f19f8eec24304ecc0c48adf418e06bd7efafb764c793c0df45190432d543d877
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d