Submitted URL: http://social-advocacy.pages.dev/
Effective URL: https://social-advocacy.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 07 via api from IT — Scanned from NL

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 22 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is social-advocacy.pages.dev.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.
This is the only time social-advocacy.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 188.114.97.3 13335 (CLOUDFLAR...)
1 142.250.186.42 15169 (GOOGLE)
4 142.250.184.202 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 89.44.109.68 3164 (ASTIMP-IT)
1 142.250.184.234 15169 (GOOGLE)
1 212.146.85.216 5606 (GTS-BACKB...)
1 172.67.183.152 13335 (CLOUDFLAR...)
1 89.39.246.214 205275 (ROMARG HO...)
1 89.33.27.14 205275 (ROMARG HO...)
2 89.42.218.12 205275 (ROMARG HO...)
4 216.58.212.163 15169 (GOOGLE)
22 12
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
4 firestore.googleapis.com social-advocacy.pages.dev
4 social-advocacy.pages.dev social-advocacy.pages.dev
2 timpul.info
1 tomisnews.ro
1 focuspress.ro
1 cugetliber.ro
1 ctnl.ro
1 firebasestorage.googleapis.com
1 www.dobrogeaexplore.ro
1 images.titler.ro
1 fonts.googleapis.com social-advocacy.pages.dev
22 12

This site contains no links.

Subject Issuer Validity Valid
social-advocacy.pages.dev
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
edgecert.googleapis.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
titler.ro
WE1
2024-10-25 -
2025-01-23
3 months crt.sh
dobrogeaexplore.ro
cPanel ECC Domain Validation Secure Server CA 3
2024-10-25 -
2025-01-23
3 months crt.sh
ctnl.ro
R10
2024-10-26 -
2025-01-24
3 months crt.sh
cugetliber.ro
WE1
2024-09-29 -
2024-12-28
3 months crt.sh
focuspress.ro
R11
2024-09-14 -
2024-12-13
3 months crt.sh
*.voceadacilor.ro
R11
2024-10-12 -
2025-01-10
3 months crt.sh
*.timpul.info
R11
2024-09-12 -
2024-12-11
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://social-advocacy.pages.dev/
Frame ID: F9BA36F21C0400AABB6B325A64172DF9
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

React App

Page URL History Show full URLs

  1. http://social-advocacy.pages.dev/ HTTP 307
    https://social-advocacy.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

2328 kB
Transfer

2678 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://social-advocacy.pages.dev/ HTTP 307
    https://social-advocacy.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
social-advocacy.pages.dev/
Redirect Chain
  • http://social-advocacy.pages.dev/
  • https://social-advocacy.pages.dev/
944 B
1 KB
Document
General
Full URL
https://social-advocacy.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd3335fcc15bb79941fcbda737e01c0f0bb07aa411e6480381029c4ade93f3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8de9cb393fd81c93-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 02:11:39 GMT
link
<https://fonts.googleapis.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03yR85Q1PqClLoazfSngBT9wAmqgHSoLgwS2GDIX9yCD0mzv5katspRqieT%2B2lKHGInZWnRD3n994N0WiUVoghPSfRhiXxXER6JvgtP3yGZZ9dDAkhIhLTnlBw0eZe0TZePh7bcEniuvkmkF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14118&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4189&recv_bytes=4446&delivery_rate=45155&cwnd=12000&unsent_bytes=0&cid=3d69de7dedf55863&ts=51&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://social-advocacy.pages.dev/
Non-Authoritative-Reason
HSTS
css2
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 02:11:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 02:11:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 07 Nov 2024 00:56:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.1633303e.js
social-advocacy.pages.dev/static/js/
438 KB
139 KB
Script
General
Full URL
https://social-advocacy.pages.dev/static/js/main.1633303e.js
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb06f320a577f86eb2b9f76bd994b226e73c35e7348d9b5c8550d81da34f7eec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"5c0ae39001978c909484c4baf697ff36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwkkON6q9cQGOD%2Bf9y6aKUUP3ycIRtpRgaeec5A9FBftJd%2FehMTBE3ikkjpuejmmFBlLdHHjhM962niVdXbglvKX8FuRkBi57zjpdaK1lyUeNDDu0xIaTsWxQbF%2FSTkPIYgxc5DevBZNXOx3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de9cb39e85b1c93-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15529&sent=21&recv=16&lost=0&retrans=1&sent_bytes=10865&recv_bytes=5286&delivery_rate=31046&cwnd=12000&unsent_bytes=0&cid=3d69de7dedf55863&ts=802&x=1", cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 02:11:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
main.0014f983.css
social-advocacy.pages.dev/static/css/
16 KB
5 KB
Stylesheet
General
Full URL
https://social-advocacy.pages.dev/static/css/main.0014f983.css
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7200241c19d90622d30ef5f54b631912e57cd7e017323c6028ec8be82ada619e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"d994d2d6f5db7fc1297fb01e0499d069"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQWkX5LNe8LUk%2B23vSGNWNzlqBroBA6x%2FVPTxsmnyNXMmz3AELBqPnVrqvvPtc7vGoZBvsN6m5xg7nvKzNVLRuJHOkDffUec6nANisVCroAMHVDjHFuv70m405K491NZsDJgrsL133sA5G4i"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de9cb39e85d1c93-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16570&sent=16&recv=13&lost=0&retrans=1&sent_bytes=5860&recv_bytes=5156&delivery_rate=12234&cwnd=12000&unsent_bytes=0&cid=3d69de7dedf55863&ts=279&x=1", cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 02:11:39 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
460 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fadvocacy-fab21%2Fdatabases%2F(default)&RID=67064&CVER=22&X-HTTP-Session-Id=gsessionid&zx=wpyozbxt3mae&t=1
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/static/js/main.1633303e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
f4071b2bb44f6c97f634d167006815f22fca1ae7b2067deb3591f4067fa52b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://social-advocacy.pages.dev/

Response headers

access-control-expose-headers
x-client-wire-protocol,x-http-session-id
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
text/plain; charset=utf-8
vary
origin
x-http-session-id
4OrOyKwE3zfVejLIP0hIPr0DABTEyR2S9wRy5SXOMfc
x-frame-options
SAMEORIGIN
cache-control
private
access-control-allow-credentials
true
x-client-wire-protocol
h2
access-control-allow-origin
https://social-advocacy.pages.dev
content-length
71
x-xss-protection
0
server
ESF
favicon.ico
social-advocacy.pages.dev/
4 KB
4 KB
Other
General
Full URL
https://social-advocacy.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"aa92c013eff7a7976ff11896c5a643bf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rPFC6WZY8IitPqbUD4DESmPySdBj4yt6fnXrGhnasFnGFvZmSZgStWD4CiSOWjV2TyRWJltuBC076%2FSnl7qjmJL%2F3R3cUNJD07dUVnc1KI9e1DxOm9%2BvTf3MaNyvJ3BLSAYVtXag7GagpYB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8de9cb3f7c881c93-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14062&sent=145&recv=63&lost=0&retrans=1&sent_bytes=156217&recv_bytes=7665&delivery_rate=4373669&cwnd=76800&unsent_bytes=0&cid=3d69de7dedf55863&ts=1165&x=1", cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
server
cloudflare
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
19 KB
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=4OrOyKwE3zfVejLIP0hIPr0DABTEyR2S9wRy5SXOMfc&VER=8&database=projects%2Fadvocacy-fab21%2Fdatabases%2F(default)&RID=rpc&SID=tRlfxKsgE9JMQczEIWhtcA&AID=0&CI=0&TYPE=xmlhttp&zx=2vfshw5s8obq&t=1
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/static/js/main.1633303e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

x-debug-tracking-id
12282058818757550756;o=0
cache-control
private, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://social-advocacy.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 02:11:40 GMT
x-xss-protection
0
content-type
text/plain; charset=utf-8
vary
Referer, origin
server
ESF
x-frame-options
SAMEORIGIN
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fadvocacy-fab21%2Fdatabases%2F(default)&gsessionid=4OrOyKwE3zfVejLIP0hIPr0DABTEyR2S9wRy5SXOMfc&SID=tRlfxKsgE9JMQczEIWhtcA&RID=67065&AID=12&zx=e9nqv0z0rwvb&t=1
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/static/js/main.1633303e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
bcdb0fc758098893f263149feccdc76d0240f3513123618533e5261c96ca3e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://social-advocacy.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Thu, 07 Nov 2024 02:11:40 GMT
x-xss-protection
0
content-type
text/plain; charset=utf-8
vary
origin
server
ESF
x-frame-options
SAMEORIGIN
1-1725899008.jpg
images.titler.ro/https://cugetliber.ro/imagini/original/
46 KB
47 KB
Image
General
Full URL
https://images.titler.ro/https://cugetliber.ro/imagini/original/1-1725899008.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002fa371159de2fdef74e53f0eee4c0033df2797c2c56aa4b2cabd4139e0d6d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpZlcHBUSt%2Bw4L%2Fle3BymTLKJuuehrem5QcW5PSSU6VNt4J2vh3c3y%2FQlIv5andnRM6iTGkhufL9OHElqsa3U7%2FO%2F7yuYL4zv94wQvCKQnhw%2F%2FkhDKEn7BA3mqbolNNx0Cmg"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12489&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4263&recv_bytes=4535&delivery_rate=754&cwnd=12000&unsent_bytes=0&cid=f076502065314394&ts=348&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-reset
1
cf-ray
8de9cb420d75b986-AMS
x-ratelimit-remaining
100
content-length
47088
x-ratelimit-limit
101
server
cloudflare
unpr-daniel-morar-860x486.jpg
www.dobrogeaexplore.ro/wp-content/uploads/2024/06/
69 KB
69 KB
Image
General
Full URL
https://www.dobrogeaexplore.ro/wp-content/uploads/2024/06/unpr-daniel-morar-860x486.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.44.109.68 , Romania, ASN3164 (ASTIMP-IT, RO),
Reverse DNS
mail.dobrogeaexplore.ro
Software
LiteSpeed /
Resource Hash
306f4167cfa135b783ce380f17a497d02953c85a6e34ef25e07a74d8fc3a3eac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=604800
expires
Thu, 14 Nov 2024 02:11:40 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
70511
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
image/jpeg
last-modified
Sun, 30 Jun 2024 05:52:36 GMT
server
LiteSpeed
vary
User-Agent
images%2FSemnare-protocol.jpg
firebasestorage.googleapis.com/v0/b/advocacy-fab21.appspot.com/o/
318 KB
319 KB
Image
General
Full URL
https://firebasestorage.googleapis.com/v0/b/advocacy-fab21.appspot.com/o/images%2FSemnare-protocol.jpg?alt=media&token=c3ee4db9-cd81-4ec4-adf7-60d0dc8883e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
UploadServer /
Resource Hash
f9d00e9b0783a0fe77ac69087b394e4dca43f57cbfd57814c2f0e18626920167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=7NsdAw==, md5=saWb1PIYKk3MOiRWQSzbaQ==
etag
"b1a59bd4f2182a4dcc3a2456412cdb69"
x-goog-stored-content-encoding
identity
expires
Thu, 07 Nov 2024 02:11:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
325495
date
Thu, 07 Nov 2024 02:11:40 GMT
last-modified
Thu, 11 Jul 2024 16:13:51 GMT
content-type
image/jpeg
content-disposition
inline; filename*=utf-8''Semnare-protocol.jpg
x-guploader-uploadid
AHmUCY1frEB2rBZ9j9PGihm4lG7QUH-G4S8xAv_oVoVAm5zrHeJweDoVXLnAWu9MWkWLqwghK4s
cache-control
private, max-age=0
x-goog-storage-class
STANDARD
x-goog-meta-firebasestoragedownloadtokens
c3ee4db9-cd81-4ec4-adf7-60d0dc8883e8
accept-ranges
bytes
x-goog-generation
1720714431201224
content-length
325495
server
UploadServer
unpr-rse-700x375.jpg
ctnl.ro/wp-content/uploads/2024/06/
82 KB
82 KB
Image
General
Full URL
https://ctnl.ro/wp-content/uploads/2024/06/unpr-rse-700x375.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.146.85.216 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw212-adf-he216.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
5ccb491349b6f7d498e4fdaaac9c373391b3415f945365c26f6f4f441be2af11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=604800
expires
Thu, 14 Nov 2024 02:11:40 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
83491
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
image/jpeg
last-modified
Wed, 03 Jul 2024 20:13:15 GMT
server
LiteSpeed
vary
User-Agent
img20240629wa0020-1719656185.jpg
cugetliber.ro/imagini/mari/
124 KB
124 KB
Image
General
Full URL
https://cugetliber.ro/imagini/mari/img20240629wa0020-1719656185.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c2504a1d97029c474c7a64b7745f4bc82783828aa636f45148af48e1e6e886
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cf-cache-status
MISS
etag
"1ee87-61c04a8192578"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F3eZ0%2FQsCuXimxN9FTOXj521zTEa5ScK5tuMTec7yJojBzHDV%2FOEq3mtJb8P9Mt2wWO1GVjjETexeyyM37mY2bIwemKUFHr9f0XpJB1QOKmwrQsMu5WPDP7r5Zbkzv3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 02:11:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12289&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4038&recv_bytes=2286&delivery_rate=310835&cwnd=254&unsent_bytes=0&cid=d01c069293d019cf&ts=269&x=0"
date
Thu, 07 Nov 2024 02:11:40 GMT
content-type
image/jpeg
last-modified
Sat, 29 Jun 2024 10:16:25 GMT
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8de9cb410f656690-AMS
accept-ranges
bytes
content-length
126599
server
cloudflare
whatsapp-image-2024-06-29-at-13-47-47-1140x815.jpeg
focuspress.ro/wp-content/uploads/2024/06/
115 KB
116 KB
Image
General
Full URL
https://focuspress.ro/wp-content/uploads/2024/06/whatsapp-image-2024-06-29-at-13-47-47-1140x815.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.39.246.214 , Romania, ASN205275 (ROMARG HOSTING, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1cdf090469a384aff31e48b5b03537df9f7addb688f289b131326fe487fb12d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=31557600
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 08:11:40 GMT
accept-ranges
bytes
content-length
118089
date
Thu, 07 Nov 2024 02:11:40 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Sat, 29 Jun 2024 11:35:05 GMT
server
LiteSpeed
acord.jpg
tomisnews.ro/wp-content/uploads/2024/06/
66 KB
66 KB
Image
General
Full URL
https://tomisnews.ro/wp-content/uploads/2024/06/acord.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.33.27.14 , Romania, ASN205275 (ROMARG HOSTING, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fcc9d12d553b9e1a58965aaa6ca2f035e4ef23c621bf1c816a7394b1aa3f6d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
private
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 02:11:37 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
67662
date
Thu, 07 Nov 2024 02:11:37 GMT
x-xss-protection
1; mode=block
content-type
image/webp
last-modified
Sat, 29 Jun 2024 14:07:41 GMT
server
LiteSpeed
vary
Accept
photo-48368.jpg
timpul.info/images/uploads/
598 KB
599 KB
Image
General
Full URL
https://timpul.info/images/uploads/photo-48368.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.42.218.12 , Romania, ASN205275 (ROMARG HOSTING, RO),
Reverse DNS
server-0391.whmpanels.com
Software
LiteSpeed /
Resource Hash
e78a52a85c3780e0b7294cfc8c5abfcb9e3b63ad85a194240657cfd23158cdf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=604800
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 02:11:37 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
612806
date
Thu, 07 Nov 2024 02:11:37 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Sat, 29 Jun 2024 16:38:34 GMT
server
LiteSpeed
photo-48371.jpg
timpul.info/images/uploads/
694 KB
695 KB
Image
General
Full URL
https://timpul.info/images/uploads/photo-48371.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.42.218.12 , Romania, ASN205275 (ROMARG HOSTING, RO),
Reverse DNS
server-0391.whmpanels.com
Software
LiteSpeed /
Resource Hash
78e6f81e6800a950bd30e7a201d587afc99d8db8f922a029277b744b2e9d1d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
public, max-age=604800
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 02:11:37 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
711067
date
Thu, 07 Nov 2024 02:11:37 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Sat, 29 Jun 2024 16:38:36 GMT
server
LiteSpeed
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://social-advocacy.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
39097
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://social-advocacy.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
37382
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:48:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:48:38 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://social-advocacy.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
155560
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 06:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 06:59:00 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://social-advocacy.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
37593
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:45:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:45:07 GMT
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12304
x-xss-protection
0
server
sffe
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
18 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=4OrOyKwE3zfVejLIP0hIPr0DABTEyR2S9wRy5SXOMfc&VER=8&database=projects%2Fadvocacy-fab21%2Fdatabases%2F(default)&RID=rpc&SID=tRlfxKsgE9JMQczEIWhtcA&AID=15&CI=0&TYPE=xmlhttp&zx=oodc0zu8ktt4&t=1
Requested by
Host: social-advocacy.pages.dev
URL: https://social-advocacy.pages.dev/static/js/main.1633303e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://social-advocacy.pages.dev/

Response headers

cache-control
private, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://social-advocacy.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 02:11:44 GMT
x-xss-protection
0
content-type
text/plain; charset=utf-8
vary
origin
server
ESF
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkadvocacy string| __reactRouterVersion

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ctnl.ro
cugetliber.ro
firebasestorage.googleapis.com
firestore.googleapis.com
focuspress.ro
fonts.googleapis.com
fonts.gstatic.com
images.titler.ro
social-advocacy.pages.dev
timpul.info
tomisnews.ro
www.dobrogeaexplore.ro
142.250.184.202
142.250.184.234
142.250.186.42
172.67.183.152
188.114.96.3
188.114.97.3
212.146.85.216
216.58.212.163
89.33.27.14
89.39.246.214
89.42.218.12
89.44.109.68
002fa371159de2fdef74e53f0eee4c0033df2797c2c56aa4b2cabd4139e0d6d6
1cd3335fcc15bb79941fcbda737e01c0f0bb07aa411e6480381029c4ade93f3a
1cdf090469a384aff31e48b5b03537df9f7addb688f289b131326fe487fb12d3
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
306f4167cfa135b783ce380f17a497d02953c85a6e34ef25e07a74d8fc3a3eac
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
5ccb491349b6f7d498e4fdaaac9c373391b3415f945365c26f6f4f441be2af11
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
7200241c19d90622d30ef5f54b631912e57cd7e017323c6028ec8be82ada619e
78e6f81e6800a950bd30e7a201d587afc99d8db8f922a029277b744b2e9d1d30
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
99c2504a1d97029c474c7a64b7745f4bc82783828aa636f45148af48e1e6e886
bcdb0fc758098893f263149feccdc76d0240f3513123618533e5261c96ca3e0e
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e78a52a85c3780e0b7294cfc8c5abfcb9e3b63ad85a194240657cfd23158cdf4
eb06f320a577f86eb2b9f76bd994b226e73c35e7348d9b5c8550d81da34f7eec
f4071b2bb44f6c97f634d167006815f22fca1ae7b2067deb3591f4067fa52b3a
f9d00e9b0783a0fe77ac69087b394e4dca43f57cbfd57814c2f0e18626920167
fcc9d12d553b9e1a58965aaa6ca2f035e4ef23c621bf1c816a7394b1aa3f6d12