urlscan.io logo urlscan.io
SecurityTrails logo

mercadoes.com Open in urlscan Pro
2606:4700:30::6818:746b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cutt.us/DgzbC
Effective URL: https://mercadoes.com/sync/one
Submission: On May 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 53 HTTP transactions. The main IP is 2606:4700:30::6818:746b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is mercadoes.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 4th 2019. Valid for: 6 months.
This is the only time mercadoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.111.136.74 46562 (TOTAL-SER...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.58.210.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 217.116.199.90 49879 (HOSTHANE)
1 18 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.225.208.133 13213 (UK2NET-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 167.114.209.61 16276 (OVH)
1 67.202.94.94 32748 (STEADFAST)
1 104.16.88.26 13335 (CLOUDFLAR...)
7 208.100.17.185 32748 (STEADFAST)
1 208.100.17.184 32748 (STEADFAST)
53 19
1    192.111.136.74 (Atlanta, United States)

ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US)
cutt.us
2    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
2    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
3    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    217.116.199.90 (Ankara, Turkey)

ASN49879 (HOSTHANE, TR)
PTR: ns1.medanis.net
ankarayerindetemizlik.com
18    2606:4700:30::6818:746b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.mercadoes.com
mercadoes.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
4    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)
widgets.amung.us
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    167.114.209.61 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns515688.ip-167-114-209.net
t.dtscout.com
1    67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us
whos.amung.us
1    104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.tynt.com
7    208.100.17.185 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip185.208-100-17.static.steadfastdns.net
ic.tynt.com
1    208.100.17.184 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip184.208-100-17.static.steadfastdns.net
de.tynt.com
Domain Requested by
17 mercadoes.com mercadoes.com
7 ic.tynt.com mercadoes.com
4 pagead2.googlesyndication.com mercadoes.com
pagead2.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google.com mercadoes.com
2 adservice.google.com www.googletagservices.com
pagead2.googlesyndication.com
2 adservice.google.de www.googletagservices.com
pagead2.googlesyndication.com
2 www.googletagservices.com cutt.us
pagead2.googlesyndication.com
1 de.tynt.com cdn.tynt.com
1 cdn.tynt.com widgets.amung.us
1 whos.amung.us widgets.amung.us
1 t.dtscout.com widgets.amung.us
1 widgets.amung.us mercadoes.com
1 ajax.googleapis.com mercadoes.com
1 www.mercadoes.com 1 redirects
1 ankarayerindetemizlik.com cutt.us
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 cutt.us
0 ads74321.hotwords.com Failed mercadoes.com
0 fonts.googleapis.com Failed mercadoes.com
53 21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
ankarayerindetemizlik.com
cPanel, Inc. Certification Authority		 2019-03-02 -
2019-05-31		 3 months crt.sh
sni166423.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-04 -
2019-11-10		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
whos.amung.us
GeoTrust EV RSA CA 2018		 2018-03-09 -
2020-05-25		 2 years crt.sh
*.dtscout.com
RapidSSL RSA CA 2018		 2018-10-10 -
2019-11-04		 a year crt.sh
*.tynt.com
COMODO RSA Domain Validation Secure Server CA		 2014-10-14 -
2019-10-13		 5 years crt.sh

This page contains 4 frames:

Primary Page: https://mercadoes.com/sync/one
Frame ID: 22F5BDE02CD189335DF67028F244999F
Requests: 51 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/show_ads_impl.js
Frame ID: 761DBAB939CEB92C382410231D1333E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190508/r20190131/zrt_lookup.html
Frame ID: 56C907B0F72C07C031F4DC70C4232A74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1836760906300532&output=html&h=15&slotname=5943464016&adk=975599612&adf=3934991167&w=1200&fwrn=4&lmt=1557782414&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1200x15_0ads_al&url=https%3A%2F%2Fmercadoes.com%2Fsync%2Fone&flash=0&fwr=0&wgl=1&adsid=NT&dt=1557782414673&bpp=17&bdt=487&fdt=57&idt=56&shv=r20190508&cbv=r20190131&saldr=aa&abxe=1&correlator=5096605140057&frm=20&pv=2&ga_vid=968944138.1557782415&ga_sid=1557782415&ga_hid=1926174609&ga_fc=0&iag=0&icsg=2355368&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&ref=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2715424449&ifi=1&uci=1.uewbbs6bo92n&fsb=1&xpc=JnoQ2K9FPS&p=https%3A//mercadoes.com&dtd=75
Frame ID: DD0E43E62E058D552A1E97E09F7445DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cutt.us/DgzbC Page URL
  2. https://ankarayerindetemizlik.com/htmm.html Page URL
  3. https://www.mercadoes.com/sync/one HTTP 301
    https://mercadoes.com/sync/one Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

53
Requests

91 %
HTTPS

50 %
IPv6

13
Domains

21
Subdomains

19
IPs

4
Countries

589 kB
Transfer

1215 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cutt.us/DgzbC Page URL
  2. https://ankarayerindetemizlik.com/htmm.html Page URL
  3. https://www.mercadoes.com/sync/one HTTP 301
    https://mercadoes.com/sync/one Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
DgzbC
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cutt.us/DgzbC
Protocol
HTTP/1.1
Server
192.111.136.74 Atlanta, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US),
Reverse DNS
Software
nginx /
Resource Hash
4031eb3838513a52ffa828402d3c5b8441c83055045e3e5ce1fdae829a9a1ccd

Request headers

Host
cutt.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Mon, 13 May 2019 21:20:11 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
I-AM
Gamma
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: http://cutt.us/DgzbC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
38e63bb2323d428a96fd0957d1e874dc89d10d337283f7bdcac35bf7539a2843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"165 / 683 of 1000 / last-modified: 1557778435"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10588
x-xss-protection
0
expires
Mon, 13 May 2019 21:20:12 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019050901.js
securepubads.g.doubleclick.net/gpt/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55799
x-xss-protection
0
expires
Mon, 13 May 2019 21:20:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		465 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1283269090554354&correlator=1173862433113375&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062420%2C21063741&vrg=2019050901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F5837603%2FCutt_360&sz=300x360&cookie_enabled=1&bc=23&abxe=1&lmt=1557782412&dt=1557782412676&dlt=1557782412529&idt=124&frm=20&biw=1600&bih=1200&oid=3&adx=0&ady=0&adk=1933368604&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcutt.us%2FDgzbC&dssz=7&icsg=170&std=0&vis=1&scr_x=0&scr_y=0&psz=300x445&msz=0x0&blev=1&bisch=1&ga_vid=969187048.1557782413&ga_sid=1557782413&ga_hid=1746924035&fws=128
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e98ccc0288e9ebe7b55da0c5e4aea4083e1a8ec9e31f8e6d0e94d47e8e6c6f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cutt.us/DgzbC
Origin
http://cutt.us

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
308
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019050901.js
securepubads.g.doubleclick.net/gpt/ 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27443
x-xss-protection
0
expires
Mon, 13 May 2019 21:20:12 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://cutt.us/DgzbC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
htmm.html
ankarayerindetemizlik.com/ 		78 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ankarayerindetemizlik.com/htmm.html
Requested by
Host: cutt.us
URL: http://cutt.us/DgzbC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.116.199.90 Ankara, Turkey, ASN49879 (HOSTHANE, TR),
Reverse DNS
ns1.medanis.net
Software
Apache /
Resource Hash

Request headers

Host
ankarayerindetemizlik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://cutt.us/DgzbC
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://cutt.us/DgzbC

Response headers

Date
Mon, 13 May 2019 21:20:11 GMT
Server
Apache
Last-Modified
Thu, 02 May 2019 16:33:56 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
98
Keep-Alive
timeout=20, max=200
Connection
Keep-Alive
Content-Type
text/html
Primary Request one
mercadoes.com/sync/
Redirect Chain
  • https://www.mercadoes.com/sync/one
  • https://mercadoes.com/sync/one
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc91e37e74bcd64699360ba86017ccb2087fccc1a3410cc15d8f80666112b

Request headers

:method
GET
:authority
mercadoes.com
:scheme
https
:path
/sync/one
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://ankarayerindetemizlik.com/htmm.html
accept-encoding
gzip, deflate, br
cookie
__cfduid=df7ff542a8b52d78d0b8637a32a8e36c81557782413
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ankarayerindetemizlik.com/htmm.html

Response headers

status
404
date
Mon, 13 May 2019 21:20:14 GMT
content-type
text/html
vary
Accept-Encoding,User-Agent
cache-control
max-age=1604800, private, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d67acd5cb1f9736-FRA
content-encoding
br

Redirect headers

status
301
date
Mon, 13 May 2019 21:20:13 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
__cfduid=df7ff542a8b52d78d0b8637a32a8e36c81557782413; expires=Tue, 12-May-20 21:20:13 GMT; path=/; domain=.mercadoes.com; HttpOnly
location
https://mercadoes.com/sync/one
cache-control
max-age=900
expires
Mon, 13 May 2019 21:35:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d67acd2ef1c9736-FRA
custom.css
mercadoes.com/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/css/custom.css
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa07e494a958ff376f2a32937f89ecb8babbc041a2041806577c1ff5d824164c

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:10:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=1604800
cf-ray
4d67acd8bf449736-FRA
expires
Sat, 01 Jun 2019 11:06:54 GMT
check.css
mercadoes.com/css/ 		2 KB
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/css/check.css
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0461fb24671dc44ca5e2cfa03f4dcb6f1dff027c93d8999e9150d2530ffe9d0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:10:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=1604800
cf-ray
4d67acd8bf459736-FRA
expires
Sat, 01 Jun 2019 11:06:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 20:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5705458
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33434
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Mar 2020 20:29:16 GMT
select.js
mercadoes.com/js/ 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/js/select.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac5484bea370c8c4d232dcc218425f678df30c3fe1305128dd25fe78d8ce1af

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1604800
cf-ray
4d67acd8bf469736-FRA
expires
Sat, 01 Jun 2019 11:06:54 GMT
check.js
mercadoes.com/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/js/check.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b01a7c0387835126f6dfc9035890d6df5cc04cd8fa971c9ccbe5ffd7dceb165

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1604800
cf-ray
4d67acd8bf479736-FRA
expires
Sat, 01 Jun 2019 11:06:54 GMT
custom.js
mercadoes.com/js/ 		1 KB
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mercadoes.com/js/custom.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9948ad786f9be20a2aec6d349772e56b3f60d68d070e17df3a10e7be99465bc5

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1604800
cf-ray
4d67acd8bf499736-FRA
expires
Sat, 01 Jun 2019 11:06:54 GMT
apide3a.js
www.google.com/recaptcha/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/apide3a.js?hl=es
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
facebook-stopdas.png
mercadoes.com/img/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/img/facebook-stopdas.png
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdea98dcd30e8480cc4345ce2fb23760be341ed85c2bab905f46937667954380

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1604800
accept-ranges
bytes
cf-ray
4d67acd8bf4a9736-FRA
content-length
44740
expires
Sat, 01 Jun 2019 11:06:54 GMT
twitter-stopdas.png
mercadoes.com/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/img/twitter-stopdas.png
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e20497fbf2bf491a614d1c7e0ca06941bdb66ac5e3a441bd548d104e33c65e

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1604800
accept-ranges
bytes
cf-ray
4d67acdb3ad19736-FRA
content-length
45559
expires
Sat, 01 Jun 2019 11:06:55 GMT
google-stopdas.png
mercadoes.com/img/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/img/google-stopdas.png
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2759c860c7a655273c098c17983fa6124fa24dc5591f8b672fb729a8df38cb0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1604800
accept-ranges
bytes
cf-ray
4d67acdb7b169736-FRA
content-length
45793
expires
Sat, 01 Jun 2019 11:06:55 GMT
logo.png
mercadoes.com/img/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/img/logo.png
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf47cc0cca68c8e6a18691d1b456993d51689f92a4f44dab3b154b842517499

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1604800
accept-ranges
bytes
cf-ray
4d67acdb7b179736-FRA
content-length
48786
expires
Sat, 01 Jun 2019 11:06:55 GMT
logo-mobile.png
mercadoes.com/img/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/img/logo-mobile.png
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b354e880ff49a14522813e6ee0e5c1d908d908bfe6f49aeff766d90422bec2b6

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2019 17:11:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=1604800
accept-ranges
bytes
cf-ray
4d67acdb7b189736-FRA
content-length
42883
expires
Sat, 01 Jun 2019 11:06:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1f445d686b60a4e0a31b14fa72efb98c869ed7843ec319e7a84b2b0292bde572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
32988
x-xss-protection
0
server
cafe
etag
9195837113134488049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 May 2019 21:20:14 GMT
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/9017-2016-12-09.jpg&h=271&w=470&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0dc511a2071a84dc44a247bff84c5c21fec5ec7b447e5d670c8020a6836af2c

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb7b1b9736-FRA
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/7899-2016-12-09.jpg&h=271&w=470&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b55f561e5b8ffdfbfc74dc996be43159c6cdd0e7ef8766f74452385a50b00d2

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb9b4b9736-FRA
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/0077-2016-12-09.jpg&h=122&w=211&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f475af7bf2837e1920b371677f8baef450ff0d58678ee767d417d15e5f4d26e

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb9b499736-FRA
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/5293-2016-12-09.jpg&h=122&w=211&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73fee1c98abdea5e493dc282921146bf6de8a9f80542f50960603ed3f953751

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb9b489736-FRA
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/3601-2016-12-09.jpg&h=122&w=211&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c1b43971e49120a728c12d5b4c98dd10615cfcb2d536a66912e4eee9a23f8e

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb9b4c9736-FRA
timthumb.php
mercadoes.com/ 		284 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercadoes.com/timthumb.php?src=https://mercadoes.com/files/9663-2016-11-05.jpg&h=122&w=211&zc=1
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:746b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fb3e05d66083e33320a1302f113dc2b322575afc5d0f9ce4660d27f003dc23

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
400
cache-control
max-age=1604800, private, must-revalidate
cf-ray
4d67acdb9b479736-FRA
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
apide3a.js
www.google.com/recaptcha/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/apide3a.js?hl=es
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
show.jsp
ads74321.hotwords.com/ 		0
0
small.js
widgets.amung.us/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.amung.us/small.js
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
1f0b4598b7e8f61d46bd01c1abc79a6a0a56ee7a922de1505c45953652e3d6f3

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2019 06:16:41 GMT
access-control-allow-origin
*
etag
W/"5cd3c5c9-1d64"
content-type
application/x-javascript
status
200
cache-control
max-age=86400, private
expires
Tue, 14 May 2019 21:20:14 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mercadoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mercadoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1c08d6efed83ec3195dfd18ae8719309423645a12deb7e224345e2a346ac5119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77592
x-xss-protection
0
server
cafe
etag
14248736354230065905
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 21:20:14 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/ Frame 761D 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1c08d6efed83ec3195dfd18ae8719309423645a12deb7e224345e2a346ac5119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77592
x-xss-protection
0
server
cafe
etag
14248736354230065905
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 May 2019 21:20:14 GMT
ca-pub-1836760906300532.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1836760906300532.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 19:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 May 2019 19:20:48 GMT
server
sffe
age
6445
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
0
expires
Tue, 14 May 2019 07:32:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190508/r20190131/ Frame 56C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190508/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190508/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://mercadoes.com/sync/one
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://mercadoes.com/sync/one

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 08 May 2019 14:06:35 GMT
expires
Wed, 22 May 2019 14:06:35 GMT
content-type
text/html; charset=UTF-8
etag
1357556803790654411
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6990
x-xss-protection
0
cache-control
public, max-age=1209600
age
458019
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame DD0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1836760906300532&output=html&h=15&slotname=5943464016&adk=975599612&adf=3934991167&w=1200&fwrn=4&lmt=1557782414&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1200x15_0ads_al&url=https%3A%2F%2Fmercadoes.com%2Fsync%2Fone&flash=0&fwr=0&wgl=1&adsid=NT&dt=1557782414673&bpp=17&bdt=487&fdt=57&idt=56&shv=r20190508&cbv=r20190131&saldr=aa&abxe=1&correlator=5096605140057&frm=20&pv=2&ga_vid=968944138.1557782415&ga_sid=1557782415&ga_hid=1926174609&ga_fc=0&iag=0&icsg=2355368&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&ref=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2715424449&ifi=1&uci=1.uewbbs6bo92n&fsb=1&xpc=JnoQ2K9FPS&p=https%3A//mercadoes.com&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1836760906300532&output=html&h=15&slotname=5943464016&adk=975599612&adf=3934991167&w=1200&fwrn=4&lmt=1557782414&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1200x15_0ads_al&url=https%3A%2F%2Fmercadoes.com%2Fsync%2Fone&flash=0&fwr=0&wgl=1&adsid=NT&dt=1557782414673&bpp=17&bdt=487&fdt=57&idt=56&shv=r20190508&cbv=r20190131&saldr=aa&abxe=1&correlator=5096605140057&frm=20&pv=2&ga_vid=968944138.1557782415&ga_sid=1557782415&ga_hid=1926174609&ga_fc=0&iag=0&icsg=2355368&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=87&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&ref=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2715424449&ifi=1&uci=1.uewbbs6bo92n&fsb=1&xpc=JnoQ2K9FPS&p=https%3A//mercadoes.com&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://mercadoes.com/sync/one
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://mercadoes.com/sync/one

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 May 2019 21:20:14 GMT
server
cafe
content-length
6334
x-xss-protection
0
set-cookie
IDE=AHWqTUlAqKz7gR_4qAlT4z-xM_T6xYyhugFlv9ZkXwGUUh0GyrTJ9oPQzI80p7bI; expires=Sat, 06-Jun-2020 21:20:14 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 13 May 2019 21:20:14 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190508/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
477a6024d6d851678c69ba63dd809ad308929d173ef21ed62d7bc8b0176928de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557327549562739"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28709
x-xss-protection
0
expires
Mon, 13 May 2019 21:20:14 GMT
/
t.dtscout.com/i/ 		17 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fmercadoes.com%2Fsync%2Fone&j=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 21:20:15 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Mon, 13 May 2019 21:20:14 GMT
/
whos.amung.us/pingjs/ 		30 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=3qnl4ph49o8u&t=Directorio%20Comercial%20y%20Empresarial%20de%20Espa%C3%B1a&c=s&y=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&a=0&d=1.467&v=22&r=2981
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
3adf51c373d420fee977ab3cf4aa333aa4595e332688ae0ccc60035dd8276610

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 13 May 2019 21:20:15 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
tc.js
cdn.tynt.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa19653b08ed60591dfb34fef389cbc3c358b5e4229544eccd118ec41b31a94d

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:20:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2019 20:08:07 GMT
server
cloudflare
etag
W/"5cbf70a7-3e50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
4d67acdf0bb62b3e-AMS
expires
Thu, 16 May 2019 21:20:15 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
p
ic.tynt.com/b/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0&r=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&t=Directorio%20Comercial%20y%20Empresarial%20de%20Espa%C3%B1a
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:15 GMT
server
nginx/1.14.0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
v2
de.tynt.com/deb/ 		4 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!3qnl4ph49o8u&dn=TC&cc=1&r=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 13 May 2019 21:20:15 GMT
cache-control
max-age=86400
expires
Tue, 14 May 2019 21:20:15 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
content-length
4
content-type
application/javascript
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0&r=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&t=Directorio%20Comercial%20y%20Empresarial%20de%20Espa%C3%B1a
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:15 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0&r=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html&t=Directorio%20Comercial%20y%20Empresarial%20de%20Espa%C3%B1a
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:15 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0&r=https%3A%2F%2Fankarayerindetemizlik.com%2Fhtmm.html
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:15 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:16 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:16 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!3qnl4ph49o8u&lm=0&ts=1557782415229&dn=TC&iso=0
Requested by
Host: mercadoes.com
URL: https://mercadoes.com/sync/one
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mercadoes.com/sync/one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Mon, 13 May 2019 21:20:16 GMT
server
nginx/1.14.0
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Titillium+Web:700,900,700italic,200,200italic,300,400italic,300italic,400,600,600italic
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Nothing+You+Could+Do
Domain
ads74321.hotwords.com
URL
http://ads74321.hotwords.com/show.jsp?id=74321&cor=FF0000&tag=div&atr=class&vatr=cuerpo

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| adsbygoogle object| _wau object| jQuery111109138844401806119 object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _dts object| x string| x1 string| x2 object| Tynt object| _33Across

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads74321.hotwords.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ankarayerindetemizlik.com
cdn.tynt.com
cutt.us
de.tynt.com
fonts.googleapis.com
googleads.g.doubleclick.net
ic.tynt.com
mercadoes.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
t.dtscout.com
tpc.googlesyndication.com
whos.amung.us
widgets.amung.us
www.google.com
www.googletagservices.com
www.mercadoes.com
ads74321.hotwords.com
fonts.googleapis.com
104.16.88.26
167.114.209.61
185.225.208.133
192.111.136.74
208.100.17.184
208.100.17.185
216.58.210.2
217.116.199.90
2606:4700:30::6818:746b
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2001
67.202.94.94
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068fc91e37e74bcd64699360ba86017ccb2087fccc1a3410cc15d8f80666112b
1c08d6efed83ec3195dfd18ae8719309423645a12deb7e224345e2a346ac5119
1f0b4598b7e8f61d46bd01c1abc79a6a0a56ee7a922de1505c45953652e3d6f3
1f445d686b60a4e0a31b14fa72efb98c869ed7843ec319e7a84b2b0292bde572
2b55f561e5b8ffdfbfc74dc996be43159c6cdd0e7ef8766f74452385a50b00d2
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4
38e63bb2323d428a96fd0957d1e874dc89d10d337283f7bdcac35bf7539a2843
3adf51c373d420fee977ab3cf4aa333aa4595e332688ae0ccc60035dd8276610
4031eb3838513a52ffa828402d3c5b8441c83055045e3e5ce1fdae829a9a1ccd
477a6024d6d851678c69ba63dd809ad308929d173ef21ed62d7bc8b0176928de
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5f475af7bf2837e1920b371677f8baef450ff0d58678ee767d417d15e5f4d26e
72fb3e05d66083e33320a1302f113dc2b322575afc5d0f9ce4660d27f003dc23
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8b01a7c0387835126f6dfc9035890d6df5cc04cd8fa971c9ccbe5ffd7dceb165
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
9948ad786f9be20a2aec6d349772e56b3f60d68d070e17df3a10e7be99465bc5
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
a4e20497fbf2bf491a614d1c7e0ca06941bdb66ac5e3a441bd548d104e33c65e
aa07e494a958ff376f2a32937f89ecb8babbc041a2041806577c1ff5d824164c
aa19653b08ed60591dfb34fef389cbc3c358b5e4229544eccd118ec41b31a94d
b0461fb24671dc44ca5e2cfa03f4dcb6f1dff027c93d8999e9150d2530ffe9d0
b354e880ff49a14522813e6ee0e5c1d908d908bfe6f49aeff766d90422bec2b6
c0dc511a2071a84dc44a247bff84c5c21fec5ec7b447e5d670c8020a6836af2c
c7c1b43971e49120a728c12d5b4c98dd10615cfcb2d536a66912e4eee9a23f8e
cdf47cc0cca68c8e6a18691d1b456993d51689f92a4f44dab3b154b842517499
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98ccc0288e9ebe7b55da0c5e4aea4083e1a8ec9e31f8e6d0e94d47e8e6c6f80
eac5484bea370c8c4d232dcc218425f678df30c3fe1305128dd25fe78d8ce1af
f2759c860c7a655273c098c17983fa6124fa24dc5591f8b672fb729a8df38cb0
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f73fee1c98abdea5e493dc282921146bf6de8a9f80542f50960603ed3f953751
fdea98dcd30e8480cc4345ce2fb23760be341ed85c2bab905f46937667954380