www.truesec.com
Open in
urlscan Pro
76.76.21.93
Public Scan
Effective URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Submission: On January 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 10th 2021. Valid for: 3 months.
This is the only time www.truesec.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-81.txl50.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-89.txl50.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-184-63.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
truesec.com
2 redirects
blog.truesec.com www.truesec.com |
483 KB |
19 |
assets-servd.host
optimise2.assets-servd.host — Cisco Umbrella Rank: 119665 |
909 KB |
9 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 92 |
734 KB |
4 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644 script.hotjar.com — Cisco Umbrella Rank: 919 vars.hotjar.com — Cisco Umbrella Rank: 1012 in.hotjar.com — Cisco Umbrella Rank: 1810 |
65 KB |
3 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 static.doubleclick.net — Cisco Umbrella Rank: 356 |
1 KB |
3 |
cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 5154 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5916 |
85 KB |
3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
33 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
20 KB |
1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 |
548 B |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109 |
77 KB |
1 |
ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 206 |
1 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 13 |
14 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
62 KB |
1 |
hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 5270 |
2 KB |
1 |
hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 7555 |
144 KB |
78 | 15 |
Domain | Requested by | |
---|---|---|
29 | www.truesec.com |
www.truesec.com
|
19 | optimise2.assets-servd.host |
www.truesec.com
|
9 | www.youtube.com |
www.truesec.com
www.youtube.com |
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | www.gstatic.com |
www.youtube.com
www.gstatic.com |
2 | googleads.g.doubleclick.net |
1 redirects
www.youtube.com
|
2 | consent.cookiebot.com |
www.googletagmanager.com
consent.cookiebot.com |
2 | blog.truesec.com | 2 redirects |
1 | pagead2.googlesyndication.com |
www.googletagmanager.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | consentcdn.cookiebot.com |
consent.cookiebot.com
|
1 | i.ytimg.com |
www.youtube.com
|
1 | yt3.ggpht.com |
www.youtube.com
|
1 | www.google.com |
www.youtube.com
|
1 | static.doubleclick.net |
www.youtube.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
www.youtube.com
|
1 | www.googletagmanager.com |
www.truesec.com
|
1 | forms.hsforms.com |
js.hsforms.net
|
1 | js.hsforms.net |
www.truesec.com
|
78 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.truesec.com R3 |
2021-12-10 - 2022-03-10 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-16 - 2022-07-15 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
consent.cookiebot.com DigiCert ECC Extended Validation Server CA |
2020-06-11 - 2022-06-11 |
2 years | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
edgestatic.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.cookiebot.com DigiCert SHA2 Secure Server CA |
2021-07-05 - 2022-07-13 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Frame ID: FFE5AE0BBEBC589A03F0E8DECC3DACA5
Requests: 60 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/kKcko4LdeSM
Frame ID: 11B27D8337C71BF876171FDC1D58F201
Requests: 18 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: EEACD709BDFA40BE0EE01D61BA9ADACC
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: DC2C15A0A27450B8EB7BF41884AF66C9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Kaseya supply chain attack targeting MSPs to deliver REvil ransomware - TrueseclogoPage URL History Show full URLs
-
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom...
HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 307
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL
Detected technologies
Cookiebot (Cookie compliance) ExpandDetected patterns
- consent\.cookiebot\.com
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
Title: logo
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: Learn more about this provider
Search URL Search Domain Scan URL
Title: securitysummit.se
Search URL Search Domain Scan URL
Title: geekweek.truesec.com
Search URL Search Domain Scan URL
Title: checkout.truesec.com
Search URL Search Domain Scan URL
Title: campaign.truesec.com
Search URL Search Domain Scan URL
Title: truesec.com
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Huntress
Search URL Search Domain Scan URL
Title: Kevin Beaumont
Search URL Search Domain Scan URL
Title: we published the details of the exploit in a follow-up technical post
Search URL Search Domain Scan URL
Title: released a script
Search URL Search Domain Scan URL
Title: English Newsroom
Search URL Search Domain Scan URL
Title: Swedish Newsroom
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware HTTP 307
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
www.truesec.com/hub/blog/ Redirect Chain
|
293 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
82929dba21bc7d81.css
www.truesec.com/_next/static/css/ |
90 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2.js
js.hsforms.net/forms/ |
565 KB 144 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-378e68e29c265886.js
www.truesec.com/_next/static/chunks/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework-91d7f78b5b4003c8.js
www.truesec.com/_next/static/chunks/ |
127 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-6211daef22b21f40.js
www.truesec.com/_next/static/chunks/ |
96 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_app-52f1926b7bee734a.js
www.truesec.com/_next/static/chunks/pages/ |
199 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
970-e23970f384c7e268.js
www.truesec.com/_next/static/chunks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
691-c56c8bc5c3a58988.js
www.truesec.com/_next/static/chunks/ |
89 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
730-4aa6d1770d9f198c.js
www.truesec.com/_next/static/chunks/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
495-cbdeefa4a506e70f.js
www.truesec.com/_next/static/chunks/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
390-8e200378dbcd1428.js
www.truesec.com/_next/static/chunks/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
306-7f64258d7ae4576f.js
www.truesec.com/_next/static/chunks/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
590-991ce98b68b071a7.js
www.truesec.com/_next/static/chunks/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
255-86837ffa0af9bd87.js
www.truesec.com/_next/static/chunks/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
291-cfa71d80cf9c9a1f.js
www.truesec.com/_next/static/chunks/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
735-e1d94f08788a00bc.js
www.truesec.com/_next/static/chunks/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
695-b201e41f9be8a9de.js
www.truesec.com/_next/static/chunks/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%5Bslug%5D-d27c36298b1d687f.js
www.truesec.com/_next/static/chunks/pages/hub/blog/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_buildManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ssgManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ |
579 B 814 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_middlewareManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ |
92 B 327 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iStock-1282287699.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
171 KB 172 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
atom-6-1.png
www.truesec.com/assets/patterns/ |
515 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fabio-viggiani-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ |
62 KB 63 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ |
67 KB 67 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ |
58 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sajad-nori-B5knZPjp8SY-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
42 KB 43 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mattias-wahlen-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j3-tTwJ7xRQ-TEMP.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
94 KB 95 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kKcko4LdeSM
www.youtube.com/embed/ Frame 11B2 |
60 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dawid-zawila-fiu89zdeTQI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ |
43 KB 44 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
silhouette-of-man-during-waiting-at-airport-WWUZ7G7-1.png
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
11 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iStock-507713928.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
64 KB 64 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shutterstock_1962386719-1.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
38 KB 39 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unsplash-51-TEST.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ |
58 KB 59 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Martin-Tschammer-Truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Log4Shell-summary.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/ |
58 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Nicklas-Kejiser.jpeg
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
erin-doering-Y1IDrgvDUW0-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Unsorted/ |
86 KB 86 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AndersO-portr%C3%A4tt.jpg
optimise2.assets-servd.host/jealous-emu/production/General/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font.woff2
www.truesec.com/fonts/NimbusSanReg/ |
41 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font.woff2
www.truesec.com/fonts/NimbusSanLig/ |
41 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jason-peter-Zkte7MW1j-I-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ |
16 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slider-next-active.svg
www.truesec.com/assets/slider/ |
245 B 460 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slider-prev-active.svg
www.truesec.com/assets/slider/ |
266 B 465 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font.woff2
www.truesec.com/fonts/NimbusSanExtReg/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SourceCodePro-Regular.woff2
www.truesec.com/fonts/SourceCode/ |
75 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e3a542f3-ccea-4df6-b5e3-a9481f7b233b
forms.hsforms.com/embed/v3/form/5907437/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
170 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-player-webp.css
www.youtube.com/s/player/94ee882e/ Frame 11B2 |
340 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
www-embed-player.js
www.youtube.com/s/player/94ee882e/www-embed-player.vflset/ Frame 11B2 |
273 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
base.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 |
2 MB 538 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fetch-polyfill.js
www.youtube.com/s/player/94ee882e/fetch-polyfill.vflset/ Frame 11B2 |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 11B2 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
submit-arrow.svg
www.truesec.com/assets/form/ |
243 B 457 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uc.js
consent.cookiebot.com/ |
91 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-939887.js
static.hotjar.com/c/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
id
googleads.g.doubleclick.net/pagead/ Frame 11B2 Redirect Chain
|
100 B 146 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad_status.js
static.doubleclick.net/instream/ Frame 11B2 |
29 B 588 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
remote.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 |
97 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5CvMVWGjgDRsR1jQ5WFSfGyoNmu5J8zZpcu7WmSRNPw.js
www.google.com/js/th/ Frame 11B2 |
35 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
embed.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 |
26 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 11B2 |
175 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 11B2 |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/kKcko4LdeSM/ Frame 11B2 |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame EEAC |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.923ec619fec69a542e35.js
script.hotjar.com/ |
229 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 11B2 |
4 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame DC2C |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
www.youtube.com/ Frame 11B2 |
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cast_sender.js
www.gstatic.com/eureka/clank/97/ Frame 11B2 |
53 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/939887/ |
146 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.js
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/ |
247 KB 56 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
293 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
landing
pagead2.googlesyndication.com/pagead/ |
42 B 548 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log_event
www.youtube.com/youtubei/v1/ Frame 11B2 |
28 B 54 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| HSFR object| _hsq function| hs_reqwest_0 object| dataLayer object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| CookiebotDialog object| CookieConsentDialog number| j string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: 2N-1jMKLycc |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: 8FAtR7CFnZQ |
|
.truesec.com/ | Name: _hjSessionUser_939887 Value: eyJpZCI6ImUxYzU2Mzg0LTFmNzItNTg4NC1iYTlmLTZjZjc4NjA3MmJiYiIsImNyZWF0ZWQiOjE2NDI3OTc5MzUzNDAsImV4aXN0aW5nIjpmYWxzZX0= |
|
.truesec.com/ | Name: _hjFirstSeen Value: 1 |
|
www.truesec.com/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.truesec.com/ | Name: _hjSession_939887 Value: eyJpZCI6IjI2ZmNlOTU3LWQwOTUtNDViMC04YjEzLTU0MjkxZDBmODZmNiIsImNyZWF0ZWQiOjE2NDI3OTc5MzU0NjEsImluU2FtcGxlIjpmYWxzZX0= |
|
www.truesec.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.truesec.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blog.truesec.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
js.hsforms.net
optimise2.assets-servd.host
pagead2.googlesyndication.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.truesec.com
www.youtube.com
yt3.ggpht.com
13.32.121.116
18.64.79.89
18.66.2.81
2606:4700:20::ac43:4bc3
2606:4700::6810:5605
2606:4700::6811:b749
2a00:1450:4001:801::2016
2a00:1450:4001:803::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a02:26f0:fb:594::f09
2a02:26f0:fb::5f64:99a9
52.48.184.63
76.76.21.93
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
06d612040bfa74fc2573e015a751bc17281f73495d4905944b6ee10a5b86979a
080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0
0b0d6756194596a0da992634ad369f33e6c1cdead1dc3895acb7c46aead3ec3c
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
0d01c252e2958d9d1a858b1e3ef0c51e6e25c4495d6f9c8565ade0b730b4d757
18bfd108e0350640edd723648d8cea23363793faa49c2a54acc652a677708632
1c2322f6714f254f2166b732262d6fcf5066d626ebcc0a422a7023c9fc7e8d86
1cd4e4220b2281415687119e4dae5dc4d09fbf6f34cd947b236ae63043cf63f5
21f6af5d62976c60e60b84a6586ddd4c71d6969e3a2589c4f8a29774886a5de3
2298b4b48b280951e837943cc1ae31a64039c10ec7d36887bb3efeaab152363e
2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
27523667a1d79ed7e48da938fd4eb15565a47613054bff8f2b9ee6c1732f849c
2cb3703e579875fd7b74fd5f1e5e5b6212896b9b4e282465f51c236b3bc06587
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
3347be09e14b684dad1ea6d9817e34fd36e10bd4c4f0914daa054932344c1d7f
3d9167fcd69a3f621386a8135b60ea216b4362009414c8631166c66d7c935bde
3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40369b19cd79c958bce6eb17c8fee87a3fdf7d0df2c3ba1e4e3d95be466389cf
4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41
46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae
5d64e84418e7133a5bb50d2b3b55677e8574e2d4e9d9ed869ea6dbb6f44c0a73
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7219d0fd967b565f827df0e7675715faa0d539964f1e64144bdabf667f482644
762830592b8802db74cdfb05ba8842abcedf00f6d8663f7e6530648c22e82e93
7a1d4320bd3ecf9de6e4c4164f2aac7841d18d0d44c9a69ab9856bfd00b104a0
811d40810a5f80ed0ec016c290779f53b42b38889440630768f8906f381e6963
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e9f6d70d0113133af6e1cffa555a7a97a910c2883866ace15f050a058ec11d
8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892
8f095977b3c341c57870d8f8f96fd38c30d70c50eee6d8bacb41ff40030ad30e
9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf
96222ba0ce213bcd48c79515accf42963dbe3011f979456790ebe264c9bfc193
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a40013cc29ce42733279603b3399d01dfde26a90a84dd2b718d64fa63172b294
a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef
aabbe635d60e29e016c4bca05f556554d00c0ff7b8cac21d1613fda08cb5419f
adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
b4e549236bea58a575189eda174e9e067193b6a7ef0448cbcbbec096370bb640
b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9
bf9feb7688cd103c0bbbfb0c53276e60d879063271a5650d156cc5348eedf3df
bfd3b7e70bb0380ea888f4a26ac88334b34cfbd49b3306cf0bf32a03aab2a7a3
c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c8a43f870820df1799336d8c4d25352b33b9acb521a57921763d0e3d2644605f
c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c
cca2a4c5f7a241ec258225c2d1b1ae4ef61174f96ddbfa8d08ca71767f3b829a
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
ceb0ff6b7050576bc752e7a3c92710aec6c3b56af39935f5e4e58dcd226fb9ea
d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d97d6a4eee498ffb32dc0f0d0754441e50fe36627d42accda8d9c29ec1e8981b
d9ead0fe0d24c8c5cd7a4054770d386ee803edafc29d0d4235d744b3c69788e4
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42bcc5561a380346c4758d0e561527c6ca8366bb927ccd9a5cbbb5a649134fc
e96d3e8936cbc8ccbadbaf7968f39563040f6456088e63d849d7306211da532c
ea6e008bc85376939c0d57f5852c176d87bc2f593bbf7e63b7036ac8eb014e2a
eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6836ff18d69e8f17a355b8a1b892b0eaaec6ce527c30eadd49f336a1234fa3
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
f3dd88318c0794527db64d8bf8e3193172f8b27f1e243f7308bd2a090255e412
f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1
f936ef3e674b7896b491821da2ac1c46d1108c1847f147ef8cea66bab43eb68a
fc0effce63aea3615c4806a936d3cd428b8ce33f0d6570a5e191dc1ba31d488b
fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a