www.ptotoday.com
69.39.232.205
Public Scan
Effective URL: https://www.ptotoday.com/?_bta_tid=20554068325476426781078186102327610856877495102542364230519707275495116929990027009783...
Submission Tags: phishing malicious
Submission: On March 12 via api from US
Summary
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on March 19th 2019. Valid for: a year.
This is the only time www.ptotoday.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
adservice.google.de | |
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Count | Domain | Requested by |
---|---|---|
24 | www.ptotoday.com | 1 redirects; www.ptotoday.com |
5 | tpc.googlesyndication.com | securepubads.g.doubleclick.net, www.ptotoday.com, cdn.ampproject.org, tpc.googlesyndication.com |
4 | cdn.ampproject.org | securepubads.g.doubleclick.net |
4 | securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, www.ptotoday.com |
3 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net |
3 | fonts.gstatic.com | www.ptotoday.com |
3 | www.google-analytics.com | 1 redirects; www.ptotoday.com, www.google-analytics.com |
2 | px.ads.linkedin.com | 1 redirects; www.ptotoday.com |
2 | www.facebook.com | www.ptotoday.com |
2 | www.google.de | www.ptotoday.com |
2 | www.google.com | 1 redirects; www.ptotoday.com |
2 | connect.facebook.net | www.ptotoday.com, connect.facebook.net |
2 | maxcdn.bootstrapcdn.com | www.ptotoday.com |
2 | fonts.googleapis.com | www.ptotoday.com |
1 | pixel.quantserve.com | www.ptotoday.com |
1 | www.linkedin.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | snap.licdn.com | www.ptotoday.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | rules.quantcount.com | secure.quantserve.com |
1 | secure.quantserve.com | www.ptotoday.com |
1 | adservice.google.de | www.googletagservices.com |
1 | www.googletagservices.com | www.ptotoday.com |
1 | www.googleadservices.com | www.ptotoday.com |
1 | static.addtoany.com | www.ptotoday.com |
1 | cdnjs.cloudflare.com | www.ptotoday.com |
1 | email.ptotoday.com | 1 redirects |
66 | 27 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.ptotoday.com | GeoTrust TLS RSA CA G1 | 2019-03-19 - 2020-06-17 | a year |
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months |
ssl472428.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-10 - 2020-06-17 | 6 months |
www.googleadservices.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months |
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2019-10-04 - 2020-10-07 | a year |
tpc.googlesyndication.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years |
www.google.de | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
misc-sni.google.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-05-29 - 2021-06-29 | 2 years |
www.google.com | GTS CA 1O1 | 2020-02-25 - 2020-05-19 | 3 months |
This page contains 3 frames:
Primary Page:
https://www.ptotoday.com/?_bta_tid=20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160&_bta_c=0dm8973u3rcc857o1frzq4de9txbc
Frame ID: 995B8FDB0D70F9C40D2E74421186ED95
Requests: 58 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/012002251816300/amp4ads-v0.js
Frame ID: FFEC463592AE94BE2C2F85E928F0E0A0
Requests: 8 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 949F0A746D8A70BD567549A53E4F0432
Requests: 1 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
DoubleClick for Publishers (DFP) (Advertising Networks)
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics)
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Quantcast (Analytics)
Detected patterns
- script /\.quantserve\.com\/quant\.js/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: Finance Manager login
Title: Facebook
Title: Pinterest
Title: Twitter
Title: Instagram
Title: Youtube
Title: About Us
Title: Privacy Policy
Title: Terms of Sale
Title: Terms of Use
Title: Do not sell my personal information
Title: SchoolFamily.com
Title: SchoolFamilyNights.com
Title: TeacherLists.com
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://email.ptotoday.com/t/l?ssid=34909&subscriber_id=bnwziqxvbtzeuaymrcslmelnejcpbbm&delivery_id=bepbpniblxzoyodfnjpqilxoxpjxbdp&td=eLD80Vewmccnp7ZWqb9XtQjk1Ztpw82pcyZCHqRp9ODvZXjM5Pv2aqGUkNualqJOPeDpbQTWlpXkJg97zp4GEdEZLdMIjitrCZiamSNR6_4LVIkV66B9SyIwmsJARbR43fstGJRLqqR8UFy_OUFFqucqUR2KXlVeMWqPuRpNZuJrJsCRYRZSliJpBfPGYihdAeeW9rrEaARqVRTHF7qe2mCENpTsvb6633zTKYl60-W5PlorJqFPQUJg HTTP 307
- http://www.ptotoday.com/?_bta_tid=20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160&_bta_c=0dm8973u3rcc857o1frzq4de9txbc HTTP 301
- https://www.ptotoday.com/?_bta_tid=20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160&_bta_c=0dm8973u3rcc857o1frzq4de9txbc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 46
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1006575247&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptotoday.com%2F%3F_bta_tid%3D20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160%26_bta_c%3D0dm8973u3rcc857o1frzq4de9txbc&ul=en-us&de=UTF-8&dt=PTO%20Today%3A%20Expert%20Advice%20and%20Essential%20Products%20for%20School%20PTA%20%26%20PTO%20Organizations%20in%202020%20-%20PTO%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aChAAEIJ~&jid=1281490844&gjid=1117054548&cid=1443613790.1584023364&tid=UA-332558-1&_gid=1246141006.1584023364&_r=1&_av=2.4.1&_au=20&did=i5iSjo&z=49680785 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-332558-1&cid=1443613790.1584023364&jid=1281490844&_gid=1246141006.1584023364&gjid=1117054548&_v=j81&z=49680785 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-332558-1&cid=1443613790.1584023364&jid=1281490844&_v=j81&z=49680785 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-332558-1&cid=1443613790.1584023364&jid=1281490844&_v=j81&z=49680785&slf_rd=1&random=2311873217
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62339&url=https%3A%2F%2Fwww.ptotoday.com%2F%3F_bta_tid%3D20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160%26_bta_c%3D0dm8973u3rcc857o1frzq4de9txbc&time=1584023364066 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62339%26url%3Dhttps%253A%252F%252Fwww.ptotoday.com%252F%253F_bta_tid%253D20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160%2526_bta_c%253D0dm8973u3rcc857o1frzq4de9txbc%26time%3D1584023364066%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62339&url=https%3A%2F%2Fwww.ptotoday.com%2F%3F_bta_tid%3D20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160%26_bta_c%3D0dm8973u3rcc857o1frzq4de9txbc&time=1584023364066&liSync=true
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.ptotoday.com/ | 51 KB | 13 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | 474c8abdf213a057ffbb616a0cc0b11c.css | www.ptotoday.com/media/plg_jchoptimize/assets/gz/ | 270 KB | 51 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 572 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 13 KB | 918 B | Stylesheet | text/css | |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ | 23 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | autotrack.js | cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/ | 24 KB | 8 KB | Script | application/javascript | |
GET | H/1.1 | 12cbb52d4786b56b40aa5eaba8272bd3.js | www.ptotoday.com/media/plg_jchoptimize/assets/gz/ | 494 KB | 155 KB | Script | application/javascript | |
GET | H/1.1 | 1459e5e53d35a4440241fd9cc2621204.js | www.ptotoday.com/media/plg_jchoptimize/assets/gz/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | 0819-get-movin-sponsored-modal.png | www.ptotoday.com/images/modules/ | 98 KB | 99 KB | Image | image/png | |
GET | H/1.1 | logo.png | www.ptotoday.com/templates/ptotodayorg/images/ | 7 KB | 7 KB | Image | image/png | |
GET | H/1.1 | 0119-live-alert-30px.gif | www.ptotoday.com/images/ | 3 KB | 3 KB | Image | image/gif | |
GET | H/1.1 | pto-hp-slide-image-school-penny-war-fundraiser.png | www.ptotoday.com/images/slides-newhp/ | 277 KB | 278 KB | Image | image/png | |
GET | H/1.1 | 0219-teacher-appreciation-gifts-for-5-or-less-cta-double.png | www.ptotoday.com/images/articles/double-height/ | 234 KB | 234 KB | Image | image/png | |
GET | H/1.1 | 0215-march-to-do-350.jpg | www.ptotoday.com/images/articles/graphics-newhp/ | 74 KB | 75 KB | Image | image/jpeg | |
GET | H/1.1 | 0120-end-of-school-year-guide-fullsize.png | www.ptotoday.com/images/articles/fullsize/ | 14 KB | 14 KB | Image | image/png | |
GET | H/1.1 | 0118-elections-faq-350.jpg | www.ptotoday.com/images/articles/graphics-newhp/ | 89 KB | 90 KB | Image | image/jpeg | |
GET | H/1.1 | 0120-live-spring-2020-photo-booth-fullsize.gif | www.ptotoday.com/images/articles/fullsize-newhp/ | 368 KB | 369 KB | Image | image/gif | |
GET | H/1.1 | 0315-what-volunteers-hate-cta-350.png | www.ptotoday.com/images/articles/graphics-newhp/ | 110 KB | 111 KB | Image | image/png | |
GET | H/1.1 | 0916-duct-tape-principal-fullsize.jpg | www.ptotoday.com/images/articles/fullsize/ | 20 KB | 20 KB | Image | image/jpeg | |
GET | H/1.1 | 1016-passive-fundraisers-fullsize.jpg | www.ptotoday.com/images/articles/fullsize/ | 11 KB | 11 KB | Image | image/jpeg | |
GET | H/1.1 | 1018-awesome-ways-to-encourage-being-kind-at-school-fullsize.jpg | www.ptotoday.com/images/articles/fullsize/ | 36 KB | 37 KB | Image | image/jpeg | |
GET | H/1.1 | 1118-your-toughest-leadership-challenges-tackled-fullsize.jpg | www.ptotoday.com/images/articles/fullsize/ | 15 KB | 16 KB | Image | image/jpeg | |
GET | H/1.1 | 0916-fun-social-event-ideas-for-adults-fullsize.jpg | www.ptotoday.com/images/articles/fullsize/ | 27 KB | 28 KB | Image | image/jpeg | |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/ | 35 KB | 9 KB | Script | text/javascript | |
GET | H2 | page.js | static.addtoany.com/menu/ | 80 KB | 26 KB | Script | application/javascript | |
GET | H2 | conversion.js | www.googleadservices.com/pagead/ | 25 KB | 10 KB | Script | text/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript | |
GET | H2 | gpt.js | www.googletagservices.com/tag/js/ | 43 KB | 14 KB | Script | text/javascript | |
GET | H2 | pubads_impl_2020030501.js | securepubads.g.doubleclick.net/gpt/ | 165 KB | 60 KB | Script | text/javascript | |
GET | H2 | integrator.sync.js | adservice.google.de/adsid/ | 113 B | 175 B | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script | application/x-javascript | |
GET | H/1.1 | quant.js | secure.quantserve.com/ | 13 KB | 6 KB | Script | application/x-javascript | |
GET | H/1.1 | bg-shadow.jpg | www.ptotoday.com/templates/ptotodayorg/images/ | 30 KB | 30 KB | Image | image/jpeg | |
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 | fonts.gstatic.com/s/sourcesanspro/v13/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H/1.1 | quicksand-bold-webfont.woff2 | www.ptotoday.com/templates/ptotodayorg/fonts/ | 23 KB | 24 KB | Font | application/octet-stream | |
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2 | fonts.gstatic.com/s/sourcesanspro/v13/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H/1.1 | quicksand-regular-webfont.woff2 | www.ptotoday.com/templates/ptotodayorg/fonts/ | 22 KB | 22 KB | Font | application/octet-stream | |
GET | H2 | ads | securepubads.g.doubleclick.net/gampad/ | 16 KB | 5 KB | XHR | text/plain | |
GET | H2 | pubads_impl_rendering_2020030501.js | securepubads.g.doubleclick.net/gpt/ | 69 KB | 25 KB | Script | text/javascript | |
GET | H2 | container.html | tpc.googlesyndication.com/safeframe/1-0-37/html/ | 0 | 0 | Other | text/html | |
GET | H/1.1 | sprite.png | www.ptotoday.com/templates/ptotodayorg/images/ | 14 KB | 15 KB | Image | image/png | |
GET | H2 | jizaRExUiTo99u79D0KExcOPIDU.woff2 | fonts.gstatic.com/s/ptsans/v11/ | 11 KB | 11 KB | Font | font/woff2 | |
GET | H2 | ec.js | www.google-analytics.com/plugins/ua/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H2 | 660890017332372 | connect.facebook.net/signals/config/ | 447 KB | 112 KB | Script | application/x-javascript | |
GET | H2 | rules-p-c2glUQlv8li_c.js | rules.quantcount.com/ | 3 B | 348 B | Script | application/x-javascript | |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1072557459/ | 3 KB | 1 KB | Script | text/javascript | |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain |
GET | H2 | amp4ads-v0.js | cdn.ampproject.org/rtv/012002251816300/ | 200 KB | 55 KB | Script | text/javascript | Frame FFEC |
GET | H2 | amp4ads-v0.js | cdn.ampproject.org/rtv/012002251816300/ | 200 KB | 55 KB | Script | text/javascript | Frame FFEC |
GET | H2 | amp-analytics-0.1.js | cdn.ampproject.org/rtv/012002251816300/v0/ | 92 KB | 28 KB | Script | text/javascript | Frame FFEC |
GET | DATA | truncated | / | 215 B | 0 | Image | image/png | Frame FFEC |
GET | H2 | amp4ads-host-v0.js | cdn.ampproject.org/rtv/012002251816300/ | 20 KB | 7 KB | Script | text/javascript | |
GET | H2 | 13132714224252983724 | tpc.googlesyndication.com/simgad/ | 105 KB | 106 KB | Image | image/jpeg | Frame FFEC |
GET | H2 | view | securepubads.g.doubleclick.net/pcs/ | 0 | 75 B | Image | image/gif | Frame FFEC |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 249 B | Image | image/gif | |
GET | H2 | collect | px.ads.linkedin.com/ | 0 | 40 B | Image | application/javascript | Redirect Chain |
GET | H2 | / | www.google.com/pagead/1p-user-list/1072557459/ | 42 B | 160 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/1072557459/ | 42 B | 110 B | Image | image/gif | |
GET | H2 | 13132714224252983724 | tpc.googlesyndication.com/simgad/ | 105 KB | 105 KB | Image | image/jpeg | Frame FFEC |
GET | H/1.1 | pixel;r=370848097;rf=0;a=p-c2glUQlv8li_c;url=https%3A%2F%2Fwww.ptotoday.com%2F%3F_bta_tid%3D20554068325476426781078186102327610856877495102542364230519707275495116929990027009783454029938375377160%... | pixel.quantserve.com/ | 35 B | 658 B | Image | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 203 B | Image | image/gif | |
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | 7 KB | 5 KB | XHR | application/json | |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 14 KB | 5 KB | Script | text/javascript | |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/209/ | 0 | 0 | Document | text/html | Frame 949F |
GET | H2 | gen_204 | pagead2.googlesyndication.com/pagead/ | 0 | 58 B | Image | image/gif | |
GET | H2 | activeview | pagead2.googlesyndication.com/pcs/ | 42 B | 110 B | Image | image/gif | Frame FFEC |
208 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ptotoday.com/ | | Name: _fbp Value: fb.1.1584023364558.2032796549 |
.ptotoday.com/ | | Name: __qca Value: P0-771113448-1584023364337 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.