www.elfqrin.com
Open in
urlscan Pro
89.40.123.182
Public Scan
Submitted URL: http://www.elfqrin.com/
Effective URL: https://www.elfqrin.com/
Submission: On June 08 via manual from SG
Effective URL: https://www.elfqrin.com/
Submission: On June 08 via manual from SG
Summary
This website contacted 33 IPs
in 6 countries
across 22 domains to perform 98 HTTP transactions.
The main IP is 89.40.123.182, located in
Slough, United Kingdom and
belongs to ARUBACLOUDLTD-ASN, GB.
The main domain is www.elfqrin.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on January 31st 2020. Valid for: 2 years.
This is the only time www.elfqrin.com was scanned on urlscan.io!
TLS certificate: Issued by SSL.com RSA SSL subCA on January 31st 2020. Valid for: 2 years.
This is the only time www.elfqrin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
36
89.40.123.182
(Slough, United Kingdom)
ASN199883 (ARUBACLOUDLTD-ASN, GB)
PTR: host182-123-40-89.serverdedicati.aruba.it
ASN199883 (ARUBACLOUDLTD-ASN, GB)
PTR: host182-123-40-89.serverdedicati.aruba.it
| www.elfqrin.com |
6
2a00:1450:4001:81c::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| www.googletagservices.com |
1
2a00:1450:4001:81b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
2a00:1450:4001:801::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.de | |
| adservice.google.com |
4
172.217.16.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
| securepubads.g.doubleclick.net |
1
50.18.207.118
(San Jose, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-207-118.us-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-207-118.us-west-1.compute.amazonaws.com
| ipfind.co |
3
2a00:1450:4001:816::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
2a00:1450:4001:81c::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| ssl.google-analytics.com |
1
143.204.89.31
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-31.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-31.fra50.r.cloudfront.net
| certify-js.alexametrics.com |
1
52.15.219.226
(Columbus, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
| thisiswaldo.com |
1
52.214.166.94
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-166-94.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-166-94.eu-west-1.compute.amazonaws.com
| ads.yieldmo.com |
1
52.86.35.149
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-35-149.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-35-149.compute-1.amazonaws.com
| prebid.technoratimedia.com |
2
37.252.173.22
(Ascension Island)
ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
1
104.154.142.214
(United States)
ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
| lockerdome.com |
1
52.48.220.157
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-220-157.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-220-157.eu-west-1.compute.amazonaws.com
| g2.gumgum.com |
1
13.226.159.89
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net
| certify.alexametrics.com |
8
2a00:1450:4001:814::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
2a00:1450:4001:821::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| 87bdec679a8d952208c4dca88037f8b3.safeframe.googlesyndication.com |
1
34.249.135.160
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-135-160.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-135-160.eu-west-1.compute.amazonaws.com
| match.adsrvr.org |
| Domain | Requested by | |
|---|---|---|
| 36 | www.elfqrin.com |
1 redirects
www.elfqrin.com
|
| 8 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com securepubads.g.doubleclick.net www.elfqrin.com cdn.ampproject.org |
| 6 | cdn.ampproject.org |
securepubads.g.doubleclick.net
|
| 6 | www.google.com |
cse.google.com
www.google.com www.elfqrin.com |
| 5 | pagead2.googlesyndication.com |
www.elfqrin.com
pagead2.googlesyndication.com |
| 4 | securepubads.g.doubleclick.net |
cdn.thisiswaldo.com
securepubads.g.doubleclick.net www.elfqrin.com |
| 3 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 2 | fonts.gstatic.com |
www.elfqrin.com
|
| 2 | ib.adnxs.com |
cdn.thisiswaldo.com
|
| 2 | cse.google.com |
www.elfqrin.com
www.google.com |
| 2 | cdn.thisiswaldo.com |
www.elfqrin.com
cdn.thisiswaldo.com |
| 1 | sync.rtk.io |
cdn.thisiswaldo.com
|
| 1 | ad-cdn.technoratimedia.com |
cdn.thisiswaldo.com
|
| 1 | match.adsrvr.org |
cdn.thisiswaldo.com
|
| 1 | fonts.googleapis.com |
securepubads.g.doubleclick.net
|
| 1 | 87bdec679a8d952208c4dca88037f8b3.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 1 | clients1.google.com |
www.elfqrin.com
|
| 1 | www.googleapis.com |
www.elfqrin.com
|
| 1 | certify.alexametrics.com |
www.elfqrin.com
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | g2.gumgum.com |
cdn.thisiswaldo.com
|
| 1 | lockerdome.com |
cdn.thisiswaldo.com
|
| 1 | e.serverbid.com |
cdn.thisiswaldo.com
|
| 1 | prebid.technoratimedia.com |
cdn.thisiswaldo.com
|
| 1 | dmx.districtm.io |
cdn.thisiswaldo.com
|
| 1 | bidder.rtk.io |
cdn.thisiswaldo.com
|
| 1 | ads.yieldmo.com |
cdn.thisiswaldo.com
|
| 1 | thisiswaldo.com |
cdn.thisiswaldo.com
|
| 1 | certify-js.alexametrics.com |
www.elfqrin.com
|
| 1 | ssl.google-analytics.com |
www.elfqrin.com
|
| 1 | ipfind.co |
cdn.thisiswaldo.com
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | www.google-analytics.com |
www.elfqrin.com
|
| 98 | 34 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.geody.com |
| keep.google.com |
| mail.google.com |
| news.google.com |
| www.facebook.com |
| www.youtube.com |
| www.netflix.com |
| www.merriam-webster.com |
| translate.google.com |
| opensource.org |
| www.geody.org |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| geody.com SSL.com RSA SSL subCA |
2020-01-31 - 2022-03-29 |
2 years | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2 |
2019-06-16 - 2020-06-16 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| *.google.de GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| ipfind.co Amazon |
2020-03-02 - 2021-04-02 |
a year | crt.sh |
| certify-js.alexametrics.com Amazon |
2019-07-26 - 2020-08-26 |
a year | crt.sh |
| thisiswaldo.com Go Daddy Secure Certificate Authority - G2 |
2018-09-19 - 2020-11-18 |
2 years | crt.sh |
| www.google.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.yieldmo.com Amazon |
2019-12-11 - 2021-01-11 |
a year | crt.sh |
| *.rtk.io DigiCert SHA2 Secure Server CA |
2020-02-29 - 2022-03-04 |
2 years | crt.sh |
| districtm.io CloudFlare Inc ECC CA-2 |
2020-02-25 - 2020-10-09 |
7 months | crt.sh |
| *.technoratimedia.com DigiCert SHA2 High Assurance Server CA |
2018-07-24 - 2020-08-27 |
2 years | crt.sh |
| e.serverbid.com Let's Encrypt Authority X3 |
2020-03-24 - 2020-06-22 |
3 months | crt.sh |
| *.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
| *.lockerdome.com Go Daddy Secure Certificate Authority - G2 |
2019-09-27 - 2020-11-26 |
a year | crt.sh |
| *.gumgum.com Amazon |
2019-07-31 - 2020-08-31 |
a year | crt.sh |
| certify.alexametrics.com Amazon |
2019-07-26 - 2020-08-26 |
a year | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| misc-sni.google.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.elfqrin.com/
Frame ID: 46BD80704915DE3FDB79C6AF46CBABBA
Requests: 76 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/zrt_lookup.html
Frame ID: 5ADB7E3919E4A12849FC461CA6974B1F
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967366162508675&output=html&adk=1812271804&adf=3025194257&lmt=1591651183&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.elfqrin.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591651183258&bpp=150&bdt=53&idt=344&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=412955851839&frm=20&pv=2&ga_vid=617973665.1591651183&ga_sid=1591651183&ga_hid=721642825&ga_fc=1&iag=0&icsg=181126823100&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530451%2C42530453&oid=3&pvsid=1851069297205509&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=369
Frame ID: C2E56AE9BE122AD8C9CD31DDE1CF0F8C
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967366162508675&output=html&h=280&slotname=9079945190&adk=4099040558&adf=2670593219&w=372&fwrn=4&fwrnh=100&lmt=1591651183&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=372x280&url=https%3A%2F%2Fwww.elfqrin.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591651183445&bpp=8&bdt=241&idt=202&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=412955851839&frm=20&pv=1&ga_vid=617973665.1591651183&ga_sid=1591651183&ga_hid=721642825&ga_fc=1&iag=0&icsg=35365498911932&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=614&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530451%2C42530453&oid=3&pvsid=1851069297205509&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qfRpB05wTU&p=https%3A//www.elfqrin.com&dtd=211
Frame ID: 68C94425FA7010CEB12255CD4CEE0B4D
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 487B77861E79910C03D9111086202049
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js
Frame ID: F6E79559141CCEFECCF6632D0A217388
Requests: 17 HTTP requests in this frame
Frame:
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.5.0
Frame ID: A172482AB22C897C3AC318C115104758
Requests: 1 HTTP requests in this frame
Frame:
https://sync.rtk.io/cs
Frame ID: 48AE14DC39E197AF28B07508C1C00E1A
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.elfqrin.com/
HTTP 301
https://www.elfqrin.com/ Page URL
Detected technologies
Debian
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Debian/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Prebid
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/prebid\.js/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
URL: https://www.geody.com/geolook.php?world=terra&ms=5&mw=620&mh=310&cs=
Search URL Search Domain Scan URL
URL: https://keep.google.com/
Search URL Search Domain Scan URL
URL: https://mail.google.com/
Search URL Search Domain Scan URL
URL: https://news.google.com/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/
Search URL Search Domain Scan URL
URL: https://www.netflix.com/
Search URL Search Domain Scan URL
URL: https://www.merriam-webster.com/
Search URL Search Domain Scan URL
URL: https://translate.google.com/
Search URL Search Domain Scan URL
URL: https://www.geody.com/home
Title: Geody Home
Title: Geody Home
Search URL Search Domain Scan URL
URL: https://opensource.org/licenses/MIT
Title: MIT License
Title: MIT License
Search URL Search Domain Scan URL
URL: http://www.geody.org/
Title: Geody.org
Title: Geody.org
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.elfqrin.com/
HTTP 301
https://www.elfqrin.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
98 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.elfqrin.com/ Redirect Chain
|
47 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
108 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5246.js
cdn.thisiswaldo.com/static/js/ |
37 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.js
www.elfqrin.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lang_en.js
www.elfqrin.com/lang/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config_favlinks.js
www.elfqrin.com/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config_events.js
www.elfqrin.com/ |
1 KB 924 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jxeyes_config.js
www.elfqrin.com/ |
1 KB 963 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jxeyes.js
www.elfqrin.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cal.js
www.elfqrin.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
colorpicker.js
www.elfqrin.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CalcSS3.js
www.elfqrin.com/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookiechoices.js
www.elfqrin.com/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
urchin.js
www.google-analytics.com/ |
22 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/ |
215 KB 81 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
43 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid.js
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ |
261 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
me
ipfind.co/ |
341 B 452 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
home_dark.css
www.elfqrin.com/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CalcSS3.css
www.elfqrin.com/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/ Frame 5ADB |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
home_geody-1_dark.png
www.elfqrin.com/img/home/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse.js
cse.google.com/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
terra_nit_geody.jpg
www.elfqrin.com/img/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_id-card_1.png
www.elfqrin.com/img/websites/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_card_discard.png
www.elfqrin.com/img/websites/ |
371 B 729 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_card_bin.png
www.elfqrin.com/img/websites/ |
1019 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_id-card_2.png
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_car_ylw.png
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_password.png
www.elfqrin.com/img/websites/ |
654 B 1012 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_dice.png
www.elfqrin.com/img/websites/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_mask.png
www.elfqrin.com/img/websites/ |
974 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_googlekeep_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fav_more_bigpad_blu.gif
www.elfqrin.com/img/websites/ |
320 B 678 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_gmail_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_google-news_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_facebook_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_youtube_favicon.gif
www.elfqrin.com/img/websites/ |
308 B 666 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_netflix_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_merriam-webster_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favx_google-translate_favicon.gif
www.elfqrin.com/img/websites/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jxeye_1.gif
www.elfqrin.com/img/ |
828 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jxeye_2.gif
www.elfqrin.com/img/ |
824 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
elf_face_min_dark.gif
www.elfqrin.com/img/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__utm.gif
ssl.google-analytics.com/ |
35 B 96 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
atrk.js
certify-js.alexametrics.com/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
new-impression
thisiswaldo.com/ |
1 B 384 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse_element__en.js
www.google.com/cse/static/element/57975621473fd078/ |
261 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default_v2+en.css
www.google.com/cse/static/element/57975621473fd078/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
www.google.com/cse/static/style/look/v4/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid
ads.yieldmo.com/exchange/ |
0 224 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aardvark
bidder.rtk.io/Xv16/N5GD/ |
136 B 745 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
v1
dmx.districtm.io/b/ |
0 425 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
newor
prebid.technoratimedia.com/openrtb/bids/ |
70 B 491 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
v2
e.serverbid.com/api/ |
16 B 169 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ |
145 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ |
145 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
prebid
lockerdome.com/ladbid/ |
11 B 413 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
imp
g2.gumgum.com/hbid/ |
122 B 670 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame C2E5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 68C9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/ |
246 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
atrk.gif
certify.alexametrics.com/ |
43 B 553 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
async-ads.js
cse.google.com/adsense/search/ |
171 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clear.png
www.google.com/cse/static/css/v2/ |
1018 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
branding.png
www.google.com/cse/static/images/1x/en/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generate_204
www.googleapis.com/ |
0 244 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generate_204
clients1.google.com/ |
0 39 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 487B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
58 KB 12 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
87bdec679a8d952208c4dca88037f8b3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp4ads-v0.js
cdn.ampproject.org/rtv/032005272217000/ Frame F6E7 |
202 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/032005272217000/v0/ Frame F6E7 |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-analytics-0.1.js
cdn.ampproject.org/rtv/032005272217000/v0/ Frame F6E7 |
97 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/032005272217000/v0/ Frame F6E7 |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp-form-0.1.js
cdn.ampproject.org/rtv/032005272217000/v0/ Frame F6E7 |
48 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ Frame F6E7 |
4 KB 721 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
downsize_200k_v1
tpc.googlesyndication.com/simgad/14663123133597525609/ Frame F6E7 |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame F6E7 |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amp4ads-host-v0.js
cdn.ampproject.org/rtv/032005272217000/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6E7 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6E7 |
295 B 420 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
www.google.com/ads/measurement/ Frame F6E7 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adview
securepubads.g.doubleclick.net/pagead/ Frame F6E7 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame F6E7 |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame F6E7 |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6E7 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6E7 |
295 B 357 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame F6E7 |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rid
match.adsrvr.org/track/ |
109 B 543 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usersync.html
ad-cdn.technoratimedia.com/html/ Frame A172 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
cs
sync.rtk.io/ Frame 48AE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B){kind=link}
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B){kind=link}
Verdicts & Comments Add Verdict or Comment
480 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewport2 function| waldoInitGPT function| waldoInitGPTSingleSlot function| fetchHeaderBids function| waldoTriggerHB function| waldoInitCmp function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoInitTags function| hbRefreshBid function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadPassback function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| breakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| allAdUnits object| blockAdsOn string| pubwiseSiteId number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoRestrictIp number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners object| waldo number| smlwinw string| ctitle string| cmsg boolean| shwChooseTheme number| cxTheme string| sepItem number| dlsthm number| dlenhm boolean| shwDateu boolean| tikDateu boolean| shwDatel boolean| tikDatel string| sepDate string| sepTime boolean| shwZod object| es_zsfn object| es_zscfn boolean| shwDayYrBar boolean| shwSearch boolean| shwScrnInfo boolean| shwScrnColors boolean| startshwColPk boolean| shwMouse boolean| shwMap boolean| startshwMap boolean| shwgetpos boolean| shwCal boolean| startshwCal number| cal_dwfirst boolean| shwCalc boolean| startshwCalc boolean| startCalcSci boolean| checkOnline string| offlBgLight string| offlBgDark boolean| shwPageLoadUTC boolean| shwPageLoadLoc boolean| shwUsrAg boolean| shwJSEn boolean| shwAsc boolean| startshwAsc boolean| shwXmasLit number| xmltstmd number| xmltenmd number| xmltsthm number| xmltenhm boolean| startshwAbt object| es_dwds object| es_dwds2 object| es_dmms object| es_zs object| es_zsc string| es_y string| es_n string| es_cal string| es_dds string| es_yy string| es_today string| es_tlocal string| es_tutc string| es_yfondrome string| es_ygregref string| es_yjws string| es_ymsm string| es_ylp string| es_ylbbc string| es_ylbad string| es_ylbau string| es_ylbam string| es_ylbah string| es_easter string| es_cnzd string| es_passed string| es_togo string| es_jd string| es_mjd string| es_ratd string| es_zodsign string| es_yin string| es_yang string| es_earth string| es_water string| es_fire string| es_air string| es_metal string| es_wood string| es_scnres string| es_coldep string| es_colors string| es_color string| es_colrgbh string| es_colrgbd string| es_colhsl string| es_colhsv string| es_colcmyk string| es_winsiz string| es_chars string| es_mapw string| es_favs string| es_theme string| es_thmnone string| es_thmauto string| es_thmlite string| es_thmdark string| es_enab string| es_online string| es_offline string| es_mousepos string| es_calc string| es_entplc string| es_mypos string| es_posno string| es_poschkperm string| es_go string| es_pageloaded string| es_thequickfox string| es_about boolean| shwFav boolean| startshwFav string| favNewWin number| favsprow object| favs number| favsn string| homeimgdir string| homeimg_lite string| homeimg_dark boolean| shwEvents object| eventx function| fix function| toggleBox function| writeBox function| toggleFavX function| npadf2 object| hexDigits function| hex function| rgb2hex function| setPrefTime function| changeThemeTime function| clockTick function| toCapitalCase function| sundfix function| showTime function| getEventDesc function| getfnnam function| getfnext function| getHomeImgEvent function| infoDateNow function| infoDate function| checkDate function| leapYr function| DiffDates function| DateToJulianDay function| isJulian function| dayWeek function| convYr function| easter function| zodiac function| bpress function| bpressgrp function| win_resized function| getDateTime function| findme function| coordshow number| tdap number| xmltenhm2 number| xmltenmd2 number| nmm number| ndd string| nhhmm string| nmmdd string| homeimg_title string| jxfaceimgmouseinlite string| jxfaceimgmouseindark string| jxfaceimgmouseoulite string| jxfaceimgmouseoudark string| jxeyeimg1 string| jxeyeimg2 boolean| shwface boolean| shwmcoords number| jxfacew number| jxfaceh number| jxeye1w number| jxeye1h number| jxeye2w number| jxeye2h number| jxeye1pl number| jxeye1pt number| jxeye2pl number| jxeye2pt number| jxeyem1w number| jxeyem1h number| jxeyem2w number| jxeyem2h number| jxxeyes string| jxsayh string| jxsayc object| jxeyeso object| jxeye1 object| jxeye2 object| xbody function| getitem function| jxeyesmov function| jxeyes function| jxeyeslook function| numDaysMonth function| prez function| calendarNow function| calendar function| selday function| rgbToHsl function| hslToRgb function| rgbToHsv function| hsvToRgb function| sbtStringS function| rgbToCmyk function| cmykToRgb function| baseconv function| DecObas function| ObasDec function| propor function| asc function| leftS function| midS function| validhex function| cpcolpick2colval function| cpcolval2colpick function| colupdate number| mb function| google_spfd object| google_sv_map object| google_t12n_vars number| bgrn number| itms string| hidshw number| earthpicw number| earthpich undefined| oearthpicw number| i1 number| i2 string| jxfaceimg string| numalf number| ypp number| ynn number| yp number| mp number| yn number| mn number| fdmwd number| fdpos string| r number| ldm number| ldmp number| j number| jwd number| curd number| curdn number| j1 boolean| mwkok boolean| ipos string| hnvS number| t boolean| _gfp_p_ number| google_lpabyc number| google_unique_id number| bgrmx function| sysOnline function| sysOffline function| winMouseOut function| winMouseIn object| cookieChoices string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno number| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx object| gaGlobal object| _atrk_opts number| index object| __gcse function| pbjsChunk object| _pbjsGlobals object| __core-js_shared__ object| _clrm function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| closure_memoize_cache_ function| atrk boolean| _atrk_fired object| google object| closure_lm_387653 function| _googCsa number| nextSearchboxId function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| _googEnableTcf number| _googEnableQup number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| AMP12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .elfqrin.com/ | Name: __auc Value: a6339e4b17295cdac3b0f19f015 |
|
| www.elfqrin.com/ | Name: waldo_region Value: ZH |
|
| .doubleclick.net/ | Name: DSID Value: NO_DATA |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlxv7RYUfQkq4VRMFrM913V3swdUX2TRIEwKFp4zYswXM6sCs39295KUn6f |
|
| .elfqrin.com/ | Name: __asc Value: a6339e4b17295cdac3b0f19f015 |
|
| www.elfqrin.com/ | Name: waldo_country Value: CH |
|
| .elfqrin.com/ | Name: __utmb Value: 32078186 |
|
| www.elfqrin.com/ | Name: waldo-pbjs-pubCommonId Value: 4d02e9fc-9920-4416-af65-4063f004b719 |
|
| .elfqrin.com/ | Name: __utmz Value: 32078186.1591651183.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none) |
|
| .elfqrin.com/ | Name: __utmc Value: 32078186 |
|
| www.elfqrin.com/ | Name: waldo_continent Value: EU |
|
| .elfqrin.com/ | Name: __utma Value: 32078186.617973665.1591651183.1591651183.1591651183.1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
87bdec679a8d952208c4dca88037f8b3.safeframe.googlesyndication.com
ad-cdn.technoratimedia.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
bidder.rtk.io
cdn.ampproject.org
cdn.thisiswaldo.com
certify-js.alexametrics.com
certify.alexametrics.com
clients1.google.com
cse.google.com
dmx.districtm.io
e.serverbid.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
ib.adnxs.com
ipfind.co
lockerdome.com
match.adsrvr.org
pagead2.googlesyndication.com
prebid.technoratimedia.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
sync.rtk.io
thisiswaldo.com
tpc.googlesyndication.com
www.elfqrin.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
104.154.142.214
104.16.68.69
13.226.159.89
143.204.89.31
147.75.107.82
147.75.199.185
152.199.22.191
172.217.16.130
178.128.135.80
2600:9000:21f3:1e00:4:164e:ca00:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:814::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:820::200a
2a00:1450:4001:821::2001
2a00:1450:4001:825::200e
34.249.135.160
37.252.173.22
50.18.207.118
52.15.219.226
52.214.166.94
52.48.220.157
52.86.35.149
89.40.123.182
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
084a168289f16b25bcff46a84af4ba9ece50ac8e03d48d01d7a76451ae8dd2ae
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641
235e19887f72505a405bba297bdfafa92174d88640db44671bf00fdbf2c77b72
2ac89713cd8844cf2916829a50c421a0ca4d0819585eae0bd57c2acc9af60fce
2b8cae937ae91a3220b33a1fe5318c186c3a5783f4c758af38a3dc052984dbc3
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3343f30c0f196d0a2c4d2b0825bc1f7e7d5a0382a57960036cb95ec56391a15d
35f80e0ec4f911e46443e8c6ebdbecee59f22d64569dce46260d734189f8d651
387d203fc4d6695bab82c2760060ed7dc5e2a0162a4b21fe80773ed66db78743
3a2b5aedab6d8d1c405b309e966859cc6f9f836039b5b4999d15dfc25307e8b4
3c41448557292a04664412430068570793e9e006d4232ab03c3889f81c0bf287
43106da48d2ee397a685f95549d4601c0a6590c976aa91fa3b5f7084a0785a4d
43c0b95425205c35c6a2306cf68e94547f4172578b787daf8a5fa9fa807b7ab3
4467f07e2394d400a395fe16d62fba253dececc399f8c6e0302090c58db1e435
47c895c4978d731c6388abf5790494dca47b32671b42038fda3d06f0379e0b21
4927cd2494733c349a22151a87fcce16fa40eb2b3cb143fbf5c062c1372b0560
4b51aff62bc4bd5650adf00ff30b45b358e3d8286cf4356f829b5e237f415357
4bf95ecf4f84305e21a527cbd98691da46dcb3de9891c60934cced943032ce4f
529a138a771c56adc3ddae82ccc1e8b31ec7662622287bc092d9ffda8758e8bb
54270e6ff93ac8b493d4a873221b5a68dd13cfdd2f091c2a099f21c260270a35
5e92461b3b19673df204ce0b7cd23c87b8768ddbb51c7364b3cd8515f7048603
5ef81fc374a5a543256afc89df1eb0a5502cb7a1ab8c9be80c86e4d18aba2c71
63082767364d28c31e57cbf557f2f7105f6bc3c81ae6546b6f8683a14202725b
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6958ac591e224f9c831ffa4b90e1219a354b25cc2374b19876f094c4701b69bc
696afd3711ce9a5d3a425e8099aab6cadcf09aaac399d25e8b4b9a8ac08e757b
6a4958915a78e78f344bd54e481cf87192b7f6cb1844201d5772bf675ed3a187
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df7b88bf786124161c91ce7636949e353cb8ff1ed090a3ba030152d4fde3e2f
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
72abccdfeae870efe33449899435222b5d36809232b2d240cc525213a5cf3f12
7418be138d257de88e67e747ca9e90b75ca5a7240715a6c326aa8e3cade4afeb
7c038e50f98e4a7f4e43f874a0a90763867a2a567c1f4235241d6a9145864e8d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bef3a588b121dda074f62ef5c88cd6aa73cd747e7485c4da3f999fb4da4868c
8fafeba3a752db5f2192dded348b290fe87005475cde47ef5867c8a347842fdd
90020a966a1402cbdae25c514d34b52285403201995ee6d69d1e2e3a401e9e44
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
91c349da61c2c50594a3c84de754f81dd95fec54d193246db309691954215c21
93c0bb6d5a2bd772554991618f686d3cf170495c33287493c56f733dacdbc3a8
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
9b48e3c23423a619b170bf257cc527de488a3f74f3b8e3d4a8896306d15d64b7
9bf2ff3fb500f52024dc219d5561f201dfc0d62a3f7e16808aea09498b5f2afa
9cd96a294350424ff8e30f43e2ec8e7958c061b75fff8e37538bd7bf83fb7733
9fa4b05de77cc95d326d53e824ba9e5d6845ea85905f1cfa5d7c7a825716fa9b
a12f1a214065fa61ec7319ac93f0e63f5168fce52d4365e2023a22b39088aceb
a3d895491a469e74252acf71f522a6237b934149c20b75ee0567b2c355947f15
a40e1dc1167d45b46526d6d2ed46d0227c8bc4a531c82738aa237ccfe0455684
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a50f20ecac24eeea05e7fc20c4f5d20b5075e061fd067d1f956e424fe010dcf2
ac2bfb682edcde0cb90188a613a80ae2d61f121f6e125d323ea7ad9a7c177be7
b349aeb34f1a4abd36db123427d3d0796dd9d8a7ffc6275a58ba6aa514c927dd
bdad1c876019a03cc143e7c0aa64d81b017cc897ae2bb1bb259eb8e9b67c2d12
c0563e7f92c3564af0f9d4cfbce95ed0f34c6e7e0b4c04dd68e4b6628412c458
c17d0c431d90aff8be0d8522887b3c5b475d7a757eec3afaeae95e7c6051eb3a
cacaf2e83a1f9b412b0f3fd7edf6f39d3455dd234f139df3a3bcaa9a9120868d
cff59e85c2af6df2930a5f867cc205acd0efbd21b1d5467c9a7f173443a34160
d0a32ad408c481c4425a3a3786612271017afdcf34969c678ba135747b094677
d34da2ea21a041db1e9f4b80b0755ab58036714f03204b9c48dd10fe8e728bec
d8617998db60e8b28f99a8abbd1dec66e250623255c67f48161e9ddfd49f67a8
d861a6b1309334822ab43870321d8c7b7ec614fd7289d2b3c7c01a19c2d65528
dc1ba605ea4d58be75c098b08b3e5bb950bcf7c75729709d802e0f376978d9c4
dd4ebbb782803fc48a52a589cdbe91bad2c5d2a93f336ece03cd6fe7d65dd2ec
dff326460024b56ec9ecf4ca91a555b5425aa497baff73a42df426d4dd143941
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f37872c23dc532588b46e5836dbd0d0ffb6ba0b1fe3ca37689c800443f9d36e8
f8389a27c7aec087ff70ce2a2f6f58981f08eaa64fa7acbecb37b5759d6cdc77
fd1f0f9a11765767e56b6868dd08526b1f7f2c59d71371879b9b443b1031311f