URL: https://rmm.baghadadiat.com/
Submission: On June 18 via api from US — Scanned from CA

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 37 HTTP transactions. The main IP is 134.122.32.225, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is rmm.baghadadiat.com.
TLS certificate: Issued by E5 on June 18th 2024. Valid for: 3 months.
This is the only time rmm.baghadadiat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 134.122.32.225 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 149.56.240.127 16276 (OVH)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 18.67.76.31 16509 (AMAZON-02)
2 3.140.60.57 16509 (AMAZON-02)
1 172.64.153.173 13335 (CLOUDFLAR...)
1 67.202.105.34 32748 (STEADFAST)
2 18.160.10.25 16509 (AMAZON-02)
1 23.53.35.113 20940 (AKAMAI-ASN1)
1 18.160.46.100 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 67.202.105.31 32748 (STEADFAST)
1 18.160.41.117 16509 (AMAZON-02)
1 23.53.35.106 20940 (AKAMAI-ASN1)
1 104.18.35.167 13335 (CLOUDFLAR...)
4 6 34.197.192.192 14618 (AMAZON-AES)
4 4 52.223.40.198 ()
1 2 54.84.125.193 14618 (AMAZON-AES)
37 21
Apex Domain | Subdomains | Transfer
10 baghadadiat.com | rmm.baghadadiat.com | 98 KB
6 eyeota.net | ps.eyeota.net — Cisco Umbrella Rank: 1244 | 3 KB
4 adsrvr.org | match.adsrvr.org | 1 KB
4 sharethis.com | pd.sharethis.com — Cisco Umbrella Rank: 14859; t.sharethis.com — Cisco Umbrella Rank: 6895 | 5 KB
4 s-onetag.com | get.s-onetag.com — Cisco Umbrella Rank: 5253; onetag-geo.s-onetag.com — Cisco Umbrella Rank: 7473; data-beacons.s-onetag.com — Cisco Umbrella Rank: 11420 | 11 KB
3 tynt.com | cdn.tynt.com — Cisco Umbrella Rank: 18489; ic.tynt.com — Cisco Umbrella Rank: 15284; de.tynt.com — Cisco Umbrella Rank: 1657 | 8 KB
3 dtscout.com | e.dtscout.com — Cisco Umbrella Rank: 12034; t.dtscout.com — Cisco Umbrella Rank: 10272 | 4 KB
2 lijit.com | ap.lijit.com — Cisco Umbrella Rank: 836 | 673 B
2 histats.com | s10.histats.com — Cisco Umbrella Rank: 10177; s4.histats.com — Cisco Umbrella Rank: 10383 | 5 KB
1 33across.com | cdn-tc.33across.com — Cisco Umbrella Rank: 40446 |
1 dtscdn.com | t.dtscdn.com — Cisco Umbrella Rank: 10999 | 599 B
1 crwdcntrl.net | tags.crwdcntrl.net — Cisco Umbrella Rank: 1292 | 19 KB
1 gstatic.com | fonts.gstatic.com | 48 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 2 KB
0 intentiq.com Failed | api.intentiq.com Failed |
0 doubleclick.net Failed | cm.g.doubleclick.net Failed |
37 16
Domain Requested by
10 rmm.baghadadiat.com rmm.baghadadiat.com
6 ps.eyeota.net 4 redirects rmm.baghadadiat.com
4 match.adsrvr.org 4 redirects
2 ap.lijit.com 1 redirects rmm.baghadadiat.com
2 t.sharethis.com pd.sharethis.com
t.sharethis.com
2 onetag-geo.s-onetag.com get.s-onetag.com
2 pd.sharethis.com e.dtscout.com
rmm.baghadadiat.com
2 t.dtscout.com e.dtscout.com
1 cdn-tc.33across.com de.tynt.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 de.tynt.com cdn.tynt.com
1 t.dtscdn.com e.dtscout.com
1 tags.crwdcntrl.net e.dtscout.com
1 ic.tynt.com rmm.baghadadiat.com
1 cdn.tynt.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 fonts.gstatic.com fonts.googleapis.com
1 s10.histats.com rmm.baghadadiat.com
1 fonts.googleapis.com rmm.baghadadiat.com
0 api.intentiq.com Failed data-beacons.s-onetag.com
0 cm.g.doubleclick.net Failed rmm.baghadadiat.com
37 23

This site contains no links.

Subject | Issuer | Validity | Valid
rmm.baghadadiat.com | E5 | 2024-06-18 - 2024-09-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-05-27 - 2024-08-19 | 3 months
s10.histats.com | E5 | 2024-06-09 - 2024-09-07 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-05-27 - 2024-08-19 | 3 months
histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months
dtscout.com | GTS CA 1P5 | 2024-05-15 - 2024-08-13 | 3 months
*.s-onetag.com | Amazon RSA 2048 M03 | 2023-11-04 - 2024-12-01 | a year
sharethis.com | Amazon RSA 2048 M03 | 2024-04-21 - 2025-05-20 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year
cert1-prod.aut.a24365.net | R10 | 2024-06-10 - 2024-09-08 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
dtscdn.com | GTS CA 1P5 | 2024-05-11 - 2024-08-09 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year

This page contains 5 frames:

Primary Page: https://rmm.baghadadiat.com/
Frame ID: BDA1543A907BBEB9C094D141150BC5EC
Requests: 33 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C3017187360928F312433E016627177
Frame ID: 3EF53730BA9F2DE74F278F470BA08752
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1401.23387&cid=c010&cls=C
Frame ID: 6EAF1A1CEC68C4A8878F926EDC060D25
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: E6CF9116B91ED4A20A151D7A3F8F73D4
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72328
Frame ID: A21F7BD33060A7144A733A694C1B06F4
Requests: 1 HTTP requests in this frame

Page Title

RMM Info

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 84 %
IPv6: 24 %
Domains: 16
Subdomains: 23
IPs: 21
Countries: 4
Transfer: 202 kB
Size: 602 kB
Cookies: 25

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3017187360928F312433E016627177 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=da1f7077414d6123 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=38be63dd-12d1-43b7-6710-d4cf8d05e21e&reqId=107e98e4-cf2f-42c5-671f-671f43ed2234&zcluid=da1f7077414d6123&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=38be63dd-12d1-43b7-6710-d4cf8d05e21e&reqId=107e98e4-cf2f-42c5-671f-671f43ed2234&zcluid=da1f7077414d6123&zdid=1332&google_tc=
Request Chain 32
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.1&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.1&cat=33across HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=4853879c-8bb3-4253-8a61-4463e71319c8&bid=1e2n4ou
Request Chain 33
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.3&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.3&cat=33across HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=2bb99e01-c39f-4888-afa5-3913764b588e&bid=1e2n4ou
Request Chain 34
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rmm.baghadadiat.com/
133 KB
40 KB
Document
General
Full URL
https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
660659d229d476731a22c5c872d8f6d92b2249b0739f55f6159b89d1f5eacb93

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
40480
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 18:41:29 GMT
link
<https://rmm.baghadadiat.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache-control
no-cache
x-litespeed-tag
048_HTTP.200,048_home,048_URL.6666cd76f96956469e7be39d750cc7d9,048_F,048_
x-ua-compatible
IE=edge
style.min.css
rmm.baghadadiat.com/wp-includes/css/dist/block-library/
111 KB
14 KB
Stylesheet
General
Full URL
https://rmm.baghadadiat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 18 Jun 2024 04:19:13 GMT
server
LiteSpeed
etag
"1bae5-66710ac1-13f797;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13743
expires
Tue, 25 Jun 2024 18:41:30 GMT
main.min.css
rmm.baghadadiat.com/wp-content/themes/generatepress/assets/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://rmm.baghadadiat.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:31:39 GMT
server
LiteSpeed
etag
"4c6c-65e6ca5b-141801;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4372
expires
Tue, 25 Jun 2024 18:41:30 GMT
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2Cregular%2Citalic%2C600%2C700&display=auto&ver=3.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2e4537e92ee06780895bca5b7c31216e42b5bf36a2b79b67b63c129f2725c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 18:27:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 18:41:30 GMT
featured-images.min.css
rmm.baghadadiat.com/wp-content/plugins/gp-premium/blog/functions/css/
3 KB
507 B
Stylesheet
General
Full URL
https://rmm.baghadadiat.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:32:01 GMT
server
LiteSpeed
etag
"cdd-65e6ca71-14165a;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
421
expires
Tue, 25 Jun 2024 18:41:30 GMT
navigation-branding-flex.min.css
rmm.baghadadiat.com/wp-content/plugins/gp-premium/menu-plus/functions/css/
3 KB
610 B
Stylesheet
General
Full URL
https://rmm.baghadadiat.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:32:01 GMT
server
LiteSpeed
etag
"a06-65e6ca71-1416d8;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
544
expires
Tue, 25 Jun 2024 18:41:30 GMT
jquery.min.js
rmm.baghadadiat.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://rmm.baghadadiat.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 18 Jun 2024 04:19:13 GMT
server
LiteSpeed
etag
"15601-66710ac1-13f9a6;br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
29597
sticky.min.js
rmm.baghadadiat.com/wp-content/plugins/gp-premium/menu-plus/functions/js/
8 KB
3 KB
Script
General
Full URL
https://rmm.baghadadiat.com/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
57d35f39158ef6990a75261c466b5c93e3f441b5b05426a35975fc3f31c19c45

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:32:01 GMT
server
LiteSpeed
etag
"214c-65e6ca71-1416e1;br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2665
menu.min.js
rmm.baghadadiat.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://rmm.baghadadiat.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:31:39 GMT
server
LiteSpeed
etag
"1b2d-65e6ca5b-141823;br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1549
modal.js
rmm.baghadadiat.com/wp-content/themes/generatepress/assets/dist/
3 KB
1 KB
Script
General
Full URL
https://rmm.baghadadiat.com/wp-content/themes/generatepress/assets/dist/modal.js?ver=3.4.0
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 05 Mar 2024 07:31:39 GMT
server
LiteSpeed
etag
"d65-65e6ca5b-141826;br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1283
74e9dd20-47c6-48b1-9f78-962ee1fc5307
https://rmm.baghadadiat.com/
1 KB
0
Other
General
Full URL
blob:https://rmm.baghadadiat.com/74e9dd20-47c6-48b1-9f78-962ee1fc5307
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
84317
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
895d69f9bcffabdc-YYZ
content-length
4547
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2Cregular%2Citalic%2C600%2C700&display=auto&ver=3.4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://rmm.baghadadiat.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:51:19 GMT
x-content-type-options
nosniff
age
215412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Jun 2025 06:51:19 GMT
wp-emoji-release.min.js
rmm.baghadadiat.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://rmm.baghadadiat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
134.122.32.225 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:30 GMT
content-encoding
br
last-modified
Tue, 18 Jun 2024 04:19:13 GMT
server
LiteSpeed
etag
"4926-66710ac1-13f7f7;br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4630
0.php
s4.histats.com/stats/
378 B
513 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4875464&@f16&@g1&@h1&@i1&@j1718736091279&@k0&@l1&@mRMM%20Info&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:182268008&@b3:1718736091&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Frmm.baghadadiat.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
e998e43c93058fc4744c7820c1769adcca45e4470d49de1bc40120cf48b0e70b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 18:41:31 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/
7 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4875464&@f16&@g1&@h1&@i1&@j1718736091279&@k0&@l1&@mRMM%20Info&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:182268008&@b3:1718736091&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Frmm.baghadadiat.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e257393828e7b42821f4cc102b52dc744ea8b5bf6f46f52a5b6c03f6126ba38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:32 GMT
x-t
0.218
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93lMyOwfvGqHO9oIBVdAMXrfJJa82apj%2B309OudO28s1Eyz5zzrm2EofeeIjtQ5rfRGQh4Pl%2FWDBPm1ptMbQunp8Xk6PJ2djEnAWsHI0OzQMvKRYf6k%2B3BASRo5Z6MU11GPgHAR3PluJgoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl3
cf-ray
895d69ffb8941121-ORD
expires
Tue, 18 Jun 2024 18:41:31 GMT
/
t.dtscout.com/idg/ Frame 3EF5
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=4C3017187360928F312433E016627177
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
895d6a031d261106-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 18:41:32 GMT
expires
Tue, 18 Jun 2024 18:41:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfuweIcQOXiJ9M3or6CBhRdxussdXpZP0RLmh2NmX6LrxY3XAMms1zMUjzWivbu2z%2BCgpTldfoJ3otXgvYwCOuspPxD4uweC1pnu9PxG5SKBy2Z8YgK3US7HDydF5h326wIAoWrwULkm4XY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
24 KB
8 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c8ce49ea0bca4a25c06125706d379cd2786025153ced2d4ddcf7a1a9f8a2972

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Pe6GIZEM6dgqeqUvm6LottgOapPgk7ue
content-encoding
gzip
via
1.1 ec18462cf9d88c8bdb0cd5e50dbe442a.cloudfront.net (CloudFront)
date
Tue, 18 Jun 2024 08:57:47 GMT
last-modified
Tue, 27 Feb 2024 18:38:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
35026
x-amz-server-side-encryption
AES256
etag
W/"20ad935553b73dd8a08c669492e0a0a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
KSA8gxGXT0VlG0kWrq0AZq0L4-HT2wHLErumP5x2oGps1Qt97yWteg==
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.60.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-60-57.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
bc00bc39c17386255fe75f8bcddd024201ac31c53489ee3010eb740aeaa879bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 18:41:32 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
age
185765
etag
W/"651ed192-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
895d6a026836aac0-YYZ
expires
Fri, 21 Jun 2024 18:41:32 GMT
/
t.dtscout.com/pv/
51 B
341 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=rmm.baghadadiat.com&_ss=7e6hgyns07&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=4idf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce38152f6506ebc9e2f28a68ec629a2c6f2929184b84bc59d73fb0449ddcd5ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:32 GMT
x-t
0.154
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUta1iVFI93MkSmFT8orZuCmEDnN2cSZ%2B3j9KA6dQ6Q5Es3N0vMuw6WKMGS5Oldlmxy7LwXgWj7LZxh8hganntKaAb%2FJRVK%2BU0feTUc1JCs5pOCehebm9k81Yy%2F3Pyttzr5NTa2G6JsonpE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
895d6a00ba581121-ORD
expires
Tue, 18 Jun 2024 18:41:31 GMT
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1718736092648&dn=AFWU&iso=0&pu=https%3A%2F%2Frmm.baghadadiat.com%2F&t=RMM%20Info&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.61%2C%20Google%20Chrome%3Bv%3D126.0.6478.61&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:33 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
onetag-geo.s-onetag.com/
535 B
951 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-25.iad12.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 10:43:25 GMT
via
1.1 a27022837959b6f70545c8d6d0de9d04.cloudfront.net (CloudFront), 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
age
28688
x-amzn-requestid
9f296b41-09e8-4c70-a064-f169a7b48491
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
ZjywNGH6iYcEF8Q=
content-length
535
x-amz-cf-id
OQ8HfqifU3Z86uEBW3KokXz8ovZBM6T3uxFqaLGaq9ryd5Gp43dAcw==
/
onetag-geo.s-onetag.com/
535 B
0
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-25.iad12.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 10:43:25 GMT
via
1.1 a27022837959b6f70545c8d6d0de9d04.cloudfront.net (CloudFront), 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
age
28688
x-amzn-requestid
9f296b41-09e8-4c70-a064-f169a7b48491
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
ZjywNGH6iYcEF8Q=
content-length
535
x-amz-cf-id
OQ8HfqifU3Z86uEBW3KokXz8ovZBM6T3uxFqaLGaq9ryd5Gp43dAcw==
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.07497536197393062&stid=ZHwACWZx1NwAAAAIIB7wAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.113 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e18274e8fcf59b7c2ac17ba86eba62d55da874852de628e690e19f0d886a8471
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 18:41:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1363
Expires
Tue, 18 Jun 2024 19:41:33 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Frmm.baghadadiat.com%2F&event_source=dtscout&rnd=0.07497536197393062&exptid=ZHwACWZx1NwAAAAIIB7wAw%3D%3D&fcmp=false
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.60.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-60-57.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 18:41:32 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
62 KB
19 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f48c893a654f568c3373c81304998a26837c9f9816b6d6afb72596903eafbf37

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:30:20 GMT
content-encoding
gzip
via
1.1 860065ea331017b0ace9fee85adf8e5c.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 13:19:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
674
etag
W/"6189336214153efc9ca460848b3cf18a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2t1AZAPHyENRWIctWGE7srPlQF1tc8CmHMgkOpTHvTVv_9GajF3-hg==
/
t.dtscdn.com/widget/
0
599 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=4C3017187360928F312433E016627177&nid=300&p=2114454483&t=420&s=1600x1200x24&u=https%3A%2F%2Frmm.baghadadiat.com%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frmm.baghadadiat.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:41:33 GMT
x-t
1.03
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tg8vjO751o8ZT9pzHT0g8jX6rwsLQM5K4P7SOEwYROsMRk8MHSNA1To6xwkivjxVgfSChNVwYmobmNLkX7%2F0ivEtQVfvNgAZh6dDzjJtVd8D2SIhagAXzGiCZ2%2FVGXqExEyUt87xnUtvzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
895d6a068d0e36d3-YYZ
expires
Tue, 18 Jun 2024 17:59:55 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3017187360928F312433E016627177
  • https://spl.zeotap.com/?zdid=1332&zcluid=da1f7077414d6123
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=38be63dd-12d1-43b7-6710-d4cf8d05e21e&reqId=107e98e4-cf2f-42c5-671f-671f43ed2234&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=38be63dd-12d1-43b7-6710-d4cf8d05e21e&reqId=107e98e4-cf2f-42c5-671f-671f43ed2234&zclu...
0
0

v2
de.tynt.com/deb/
811 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.61%2C%20Google%20Chrome%3Bv%3D126.0.6478.61&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126&r=&pu=https%3A%2F%2Frmm.baghadadiat.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
a7066be50a30a96a63dbe0c674e74215b30350830df6144dca8f872f4ef32f53

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 18 Jun 2024 18:41:32 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
811
expires
Sat, 26 Jul 1997 05:00:00 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-117.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e163818928211f02c67e6e681d6eaa2836d0b76bf6f7d788d2ac8b3559006cd1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rmm.baghadadiat.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qPB_DsY9PcNoqTcQmlYVavIgcqbEMkpN
content-encoding
gzip
via
1.1 eb30892e0d329aead17e943e1b1cc5ae.cloudfront.net (CloudFront)
date
Tue, 18 Jun 2024 18:10:00 GMT
last-modified
Mon, 26 Feb 2024 21:11:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P1
age
1894
etag
W/"55d68040e85314adc43d0fc5d17f0b10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
eSvn4r0PG9YpBSe1Fq4m2_ReQlU5YCU5iarkiMOPFnzPmIaB9c5rSw==
t_.htm
t.sharethis.com/a/ Frame 6EAF
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1401.23387&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.07497536197393062&stid=ZHwACWZx1NwAAAAIIB7wAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.106 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1174
Content-Type
text/html
Date
Tue, 18 Jun 2024 18:41:33 GMT
Expires
Tue, 25 Jun 2024 18:41:33 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
lotame-sync.html
cdn-tc.33across.com/ Frame E6CF
0
0
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chpv=10.0.0&chuav=Not%2FA)Brand%3Bv%3D8.0.0.0%2C%20Chromium%3Bv%3D126.0.6478.61%2C%20Google%20Chrome%3Bv%3D126.0.6478.61&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D126%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D126&r=&pu=https%3A%2F%2Frmm.baghadadiat.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
213549
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
895d6a092fe6ac09-YYZ
content-encoding
gzip
content-type
text/html
date
Tue, 18 Jun 2024 18:41:33 GMT
etag
W/"651ed188-157"
expires
Fri, 21 Jun 2024 18:41:33 GMT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
vary
Accept-Encoding
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.1&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.1&cat=33across
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=4853879c-8bb3-4253-8a61-4463e71319c8&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=4853879c-8bb3-4253-8a61-4463e71319c8&bid=1e2n4ou
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 18 Jun 2024 18:41:34 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=4853879c-8bb3-4253-8a61-4463e71319c8&bid=1e2n4ou
date
Tue, 18 Jun 2024 18:41:34 GMT
server
Kestrel
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.3&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWZx1N0HOLzCAA1N7g%3D%3D&us_privacy=&33random=1718736093235.3&cat=33across
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=2bb99e01-c39f-4888-afa5-3913764b588e&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=2bb99e01-c39f-4888-afa5-3913764b588e&bid=1e2n4ou
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 18 Jun 2024 18:41:34 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=2bb99e01-c39f-4888-afa5-3913764b588e&bid=1e2n4ou
date
Tue, 18 Jun 2024 18:41:34 GMT
server
Kestrel
content-length
191
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
323 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: rmm.baghadadiat.com
URL: https://rmm.baghadadiat.com/
Protocol
H2
Server
54.84.125.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-125-193.compute-1.amazonaws.com
Software
/
Resource Hash
10546142cb9f649162ad875c10d7fa2f562dd9c0de2824f6f544a9d6fb4c782b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://rmm.baghadadiat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 18 Jun 2024 18:41:34 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://rmm.baghadadiat.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
61

Redirect headers

date
Tue, 18 Jun 2024 18:41:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin
https://rmm.baghadadiat.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A21F
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=38be63dd-12d1-43b7-6710-d4cf8d05e21e&reqId=107e98e4-cf2f-42c5-671f-671f43ed2234&zcluid=da1f7077414d6123&zdid=1332&google_tc=
Domain
api.intentiq.com
URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72328


288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


25 Cookies

Domain/Path Name / Value
rmm.baghadadiat.com/ Name: HstCfa4875464
Value: 1718736091279
rmm.baghadadiat.com/ Name: HstCla4875464
Value: 1718736091279
rmm.baghadadiat.com/ Name: HstCmu4875464
Value: 1718736091279
rmm.baghadadiat.com/ Name: HstPn4875464
Value: 1
rmm.baghadadiat.com/ Name: HstPt4875464
Value: 1
rmm.baghadadiat.com/ Name: HstCnv4875464
Value: 1
rmm.baghadadiat.com/ Name: HstCns4875464
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1718736092
.dtscout.com/ Name: l
Value: 4C3017187360928F312433E016627177
.sharethis.com/ Name: __stid
Value: ZHwACWZx1NwAAAAIIB7wAw==
.sharethis.com/ Name: __stidv
Value: 2
.baghadadiat.com/ Name: __dtsu
Value: 4C3017187360928F312433E016627177
.tynt.com/ Name: uid
Value: k3eNWWZx1N0HOLzCAA1N7g==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1718736093235%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1718736093235%7D%5D
.dtscdn.com/ Name: uid
Value: 4C3017187360928F312433E016627177
.onaudience.com/ Name: cookie
Value: da1f7077414d6123
.onaudience.com/ Name: done_redirects219
Value: 1
.eyeota.net/ Name: mako_uid
Value: 1902ca78244-17820000010a5426
.eyeota.net/ Name: SERVERID
Value: 21542~DM
.lijit.com/ Name: ljt_reader
Value: I2ShASZHyU1eYNp3Qd-l8XjZ
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1718736094233
.zeotap.com/ Name: zc
Value: 38be63dd-12d1-43b7-6710-d4cf8d05e21e
.zeotap.com/ Name: zsc
Value: %85w%D0%E9%7FX%DD%FF%FD%CD%E5%DC%B7%F0%1An%F4%21j%5D%B3%E17y%0D%E3%12%84m%E8%8B%B7rG%1A%0B%2F%2CQw%EB%E0Q%2A%05%09%84%9C%3C%8A%EA%9E%D3+58%EA8%11%87j%B9%F4%9B%86p%F3%C7%FBS%19%92%D0%16%B9%29%88%08%97%13B3Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
