tabdeal.org
2a06:98c1:3120::7
Public Scan
Effective URL: https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Submission: On February 21 via manual from IR — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 2nd 2021. Valid for: a year.
This is the only time tabdeal.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames |
---|---|---|
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16509 (AMAZON-02, US) | server-18-66-97-10.fra56.r.cloudfront.net | static.hotjar.com |
ASN13335 (CLOUDFLARENET, US) | | cdn.yektanet.com, audience.yektanet.com, ua.yektanet.com |
ASN43754 (ASIATECH, IR) | irmx53.parsnafe.com | cdn.tavoos.net |
ASN15169 (GOOGLE, US) | 249.195.120.34.bc.googleusercontent.com | o489718.ingest.sentry.io |
ASN16509 (AMAZON-02, US) | server-52-222-236-74.fra56.r.cloudfront.net | script.hotjar.com |
ASN16509 (AMAZON-02, US) | server-18-66-139-40.fra60.r.cloudfront.net | vars.hotjar.com |
ASN15169 (GOOGLE, US) | fra24s01-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
27 | tabdeal.org | | tabdeal.org | 831 KB |
7 | sabavision.com | | plus.sabavision.com — Cisco Umbrella Rank: 59743 | 7 KB |
7 | yektanet.com | 1 redirects | cdn.yektanet.com — Cisco Umbrella Rank: 40483; audience.yektanet.com — Cisco Umbrella Rank: 43999; ua.yektanet.com — Cisco Umbrella Rank: 43173 | 28 KB |
6 | clarity.ms | 1 redirects | www.clarity.ms — Cisco Umbrella Rank: 1248; h.clarity.ms — Cisco Umbrella Rank: 2011; c.clarity.ms — Cisco Umbrella Rank: 693 | 24 KB |
6 | crisp.chat | | client.crisp.chat — Cisco Umbrella Rank: 19362 | 138 KB |
5 | najva.com | 1 redirects | app.najva.com — Cisco Umbrella Rank: 56865; van.najva.com — Cisco Umbrella Rank: 63240; cookie.najva.com — Cisco Umbrella Rank: 292084 | 47 KB |
4 | hotjar.com | | static.hotjar.com — Cisco Umbrella Rank: 574; script.hotjar.com — Cisco Umbrella Rank: 726; vars.hotjar.com — Cisco Umbrella Rank: 809 | 68 KB |
4 | googletagmanager.com | | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 226 KB |
3 | google.de | | www.google.de — Cisco Umbrella Rank: 6342 | 628 B |
3 | doubleclick.net | | stats.g.doubleclick.net — Cisco Umbrella Rank: 67; googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 | 2 KB |
3 | google.com | | analytics.google.com — Cisco Umbrella Rank: 861; www.google.com — Cisco Umbrella Rank: 2 | 909 B |
3 | sanjagh.com | | cdn.sanjagh.com — Cisco Umbrella Rank: 107352; api.sanjagh.com — Cisco Umbrella Rank: 111156 | 20 KB |
3 | google-analytics.com | | www.google-analytics.com — Cisco Umbrella Rank: 31 | 20 KB |
2 | tavoos.net | | cdn.tavoos.net — Cisco Umbrella Rank: 563745; sniper.tavoos.net | 2 KB |
1 | bing.com | 1 redirects | c.bing.com — Cisco Umbrella Rank: 212 | 554 B |
1 | googleadservices.com | | www.googleadservices.com — Cisco Umbrella Rank: 99 | 15 KB |
1 | sentry.io | | o489718.ingest.sentry.io | 242 B |
1 | cloudflareinsights.com | | static.cloudflareinsights.com — Cisco Umbrella Rank: 1184 | 5 KB |
1 | tbdl.io | 1 redirects | tbdl.io | 869 B |
83 | 19 | | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
27 | tabdeal.org | | tabdeal.org |
7 | plus.sabavision.com | | www.googletagmanager.com, plus.sabavision.com, tabdeal.org |
6 | client.crisp.chat | | tabdeal.org, client.crisp.chat |
4 | ua.yektanet.com | 1 redirects | cdn.yektanet.com, ua.yektanet.com |
4 | www.googletagmanager.com | | tabdeal.org, www.googletagmanager.com |
3 | h.clarity.ms | | www.clarity.ms, tabdeal.org |
3 | www.google.de | | tabdeal.org |
3 | www.google-analytics.com | | www.googletagmanager.com, tabdeal.org |
2 | van.najva.com | | tabdeal.org |
2 | app.najva.com | 1 redirects | tabdeal.org |
2 | api.sanjagh.com | | tabdeal.org |
2 | c.clarity.ms | 1 redirects | tabdeal.org |
2 | www.google.com | | tabdeal.org |
2 | stats.g.doubleclick.net | | www.googletagmanager.com, tabdeal.org |
2 | cdn.yektanet.com | | tabdeal.org, app.najva.com |
2 | static.hotjar.com | | www.googletagmanager.com, tabdeal.org |
1 | cookie.najva.com | | |
1 | sniper.tavoos.net | | tabdeal.org |
1 | googleads.g.doubleclick.net | | www.googleadservices.com |
1 | c.bing.com | 1 redirects | |
1 | audience.yektanet.com | | tabdeal.org |
1 | www.googleadservices.com | | www.googletagmanager.com |
1 | analytics.google.com | | www.googletagmanager.com |
1 | vars.hotjar.com | | static.hotjar.com |
1 | script.hotjar.com | | static.hotjar.com |
1 | o489718.ingest.sentry.io | | tabdeal.org |
1 | cdn.tavoos.net | | tabdeal.org |
1 | cdn.sanjagh.com | | tabdeal.org |
1 | www.clarity.ms | | tabdeal.org |
1 | static.cloudflareinsights.com | | tabdeal.org |
1 | tbdl.io | 1 redirects | |
83 | 31 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
help.tabdeal.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-02 - 2022-10-01 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
crisp.chat | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year |
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year |
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-01 - 2022-06-01 | a year |
sanjagh.com | R3 | 2021-12-11 - 2022-03-11 | 3 months |
*.sabavision.com | Certum Domain Validation CA SHA2 | 2020-03-02 - 2022-03-02 | 2 years |
*.tavoos.net | Certum Domain Validation CA SHA2 | 2021-06-23 - 2022-06-23 | a year |
*.ingest.sentry.io | R3 | 2021-12-23 - 2022-03-23 | 3 months |
*.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
www.googleadservices.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
www.google.de | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
www.google.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
*.google.de | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months |
a.clarity.ms | Microsoft RSA TLS CA 01 | 2021-07-27 - 2022-07-27 | a year |
app.najva.com | R3 | 2022-01-04 - 2022-04-04 | 3 months |
van.najva.com | R3 | 2021-12-31 - 2022-03-31 | 3 months |
This page contains 4 frames:
Primary Page:
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men
Frame ID: 856BB774D7E53FC7396DCD94584C94EE
Requests: 75 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: F15742B2582FA7495CF893CF069DCF38
Requests: 1 HTTP requests in this frame
Frame:
https://plus.sabavision.com/dmp/dox/iframe.html
Frame ID: 5ECF6066F15D4838E9BA8AC06EA45723
Requests: 2 HTTP requests in this frame
Frame:
https://ua.yektanet.com/cookie/iframe/
Frame ID: A0DFCA78ECBDB0FD7BD3FEFEE4C36C4E
Requests: 2 HTTP requests in this frame
Page Title
Tabdeal Exchange | Cryptocurrency Exchange - Buy and Sell Cryptocurrencies
Page URL History
-
https://tbdl.io/8NLkQ/
HTTP 302
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks)
Detected patterns
- /_nuxt/
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Step-by-step guide
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tbdl.io/8NLkQ/
HTTP 302
https://tabdeal.org/winter-festival?utm_source=sms&utm_medium=paid&utm_campaign=tehran-men Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&RedC=c.clarity.ms&MXFR=34241CAA587168F23E900DF85C716686 HTTP 302
- https://c.clarity.ms/c.gif?CtsSyncId=8B2EFC937F044FFFBF7244791B8CD090&MUID=3177E95D6E986FB301D1F80F6FF36E0F
- https://app.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017 HTTP 301
- https://van.najva.com/static/js/scripts/tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js?v=202201021017
- https://ua.yektanet.com/pixel?id=njv-email HTTP 302
- https://cookie.najva.com/matching/?yektanet_user_id=3c226fc1-196b1-12f60-090c5-5ecc48e795341&njc=
83 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | winter-festival | tabdeal.org/ | 602 KB | 62 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | d40c233.js | tabdeal.org/_nuxt/ | 6 KB | 4 KB | Script | application/javascript | |
GET | H2 | 1e99a69.js | tabdeal.org/_nuxt/ | 309 KB | 97 KB | Script | application/javascript | |
GET | H2 | c139a00.js | tabdeal.org/_nuxt/ | 1 MB | 204 KB | Script | application/javascript | |
GET | H2 | 96031ce.js | tabdeal.org/_nuxt/ | 304 KB | 60 KB | Script | application/javascript | |
GET | H2 | d5feb44.js | tabdeal.org/_nuxt/ | 13 KB | 4 KB | Script | application/javascript | |
GET | H2 | 3b096e4.js | tabdeal.org/_nuxt/ | 22 KB | 7 KB | Script | application/javascript | |
GET | H2 | IRANSansWeb_Bold.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 29 KB | 30 KB | Font | font/woff2 | |
GET | H2 | IRANSansWeb_Black.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 28 KB | 28 KB | Font | font/woff2 | |
GET | H2 | IRANSansWeb_Medium.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 26 KB | 27 KB | Font | font/woff2 | |
GET | H2 | IRANSansWeb_Light.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 29 KB | 29 KB | Font | font/woff2 | |
GET | H2 | IRANSansWeb_UltraLight.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 31 KB | 31 KB | Font | font/woff2 | |
GET | H2 | IRANSansWeb.woff2 | tabdeal.org/fonts/IRANSans/woff2/ | 31 KB | 31 KB | Font | font/woff2 | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 174 KB | 64 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 179 KB | 58 KB | Script | application/javascript | |
GET | H3 | snow-bg.svg | tabdeal.org/images/festivals/winter/ | 24 KB | 7 KB | Image | image/svg+xml | |
GET | H3 | winter-festival-info-hero-mobile.svg | tabdeal.org/images/festivals/winter/ | 54 KB | 17 KB | Image | image/svg+xml | |
GET | H3 | tabdeal-typo-logo-black.svg | tabdeal.org/images/homepage/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H3 | winter-festival-info-hero-desktop.png | tabdeal.org/images/festivals/winter/ | 59 KB | 60 KB | Image | image/png | |
GET | H2 | v652eace1692a40cfa3763df669d7439c1639079717194 | static.cloudflareinsights.com/beacon.min.js/ | 14 KB | 5 KB | Script | text/javascript | |
GET | H2 | l.js | client.crisp.chat/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H3 | 0fc0741.js | tabdeal.org/_nuxt/ | 146 KB | 42 KB | Script | application/javascript | |
GET | H3 | tabdeal-logo-dark-text.svg | tabdeal.org/ | 3 KB | 1 KB | Image | image/svg+xml | |
GET | H3 | client.js | client.crisp.chat/static/javascripts/ | 381 KB | 89 KB | Script | application/javascript | |
GET | H3 | client_default.css | client.crisp.chat/static/stylesheets/ | 328 KB | 40 KB | Stylesheet | text/css | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 173 KB | 64 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | hotjar-2694472.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | rg.complete.js | cdn.yektanet.com/rg_woebegone/scripts_v3/OMKRPNMz/ | 35 KB | 12 KB | Script | application/javascript | |
GET | H2 | hotjar-2694472.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | 9ibqjwxkc5 | www.clarity.ms/tag/ | 572 B | 952 B | Script | application/x-javascript | |
GET | H2 | client.js | cdn.sanjagh.com/assets/sdk/tabdeal.org/ | 58 KB | 20 KB | Script | application/javascript | |
GET | H2 | events.min.js | plus.sabavision.com/dmp/dox/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | sniper.js | cdn.tavoos.net/services/retargeting/1884/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 101 KB | 40 KB | Script | application/javascript | |
POST | H2 | / | o489718.ingest.sentry.io/api/5695492/envelope/ | 2 B | 242 B | Fetch | application/json | |
GET | H3 | 84a9b23.js | tabdeal.org/_nuxt/ | 51 KB | 11 KB | Script | application/javascript | |
GET | H3 | 94d45d0.js | tabdeal.org/_nuxt/ | 55 KB | 12 KB | Script | application/javascript | |
GET | H3 | 5de73f5.js | tabdeal.org/_nuxt/ | 100 KB | 35 KB | Script | application/javascript | |
GET | H3 | f06da4e.js | tabdeal.org/_nuxt/ | 17 KB | 5 KB | Script | application/javascript | |
GET | H3 | 7c1cb43.js | tabdeal.org/_nuxt/ | 55 KB | 12 KB | Script | application/javascript | |
GET | H3 | 04dff6d.js | tabdeal.org/_nuxt/ | 25 KB | 4 KB | Script | application/javascript | |
GET | H3 | 6f962af.js | tabdeal.org/_nuxt/ | 39 KB | 10 KB | Script | application/javascript | |
GET | H2 | modules.7d6d0311dc6eb2c0bc38.js | script.hotjar.com/ | 235 KB | 62 KB | Script | application/javascript | |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H2 | box-acca23410e696f2ca3087d947271c3d0.html | vars.hotjar.com/ | 2 KB | 1 KB | Document | text/html | Frame F157 |
POST | H2 | collect | analytics.google.com/g/ | 0 | 344 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 335 B | Ping | text/plain | |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 39 KB | 15 KB | Script | text/javascript | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | iframe.html | plus.sabavision.com/dmp/dox/ | 2 KB | 1 KB | Document | text/html | Frame 5ECF |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 151 B | XHR | text/plain | |
GET | H2 | / | audience.yektanet.com/api/v1/scripts/preview/validate/ | 5 B | 396 B | XHR | application/json | |
GET | H2 | / | ua.yektanet.com/cookie/iframe/ | 3 KB | 1 KB | Document | text/html | Frame A0DF |
POST | H2 | __fake.gif | ua.yektanet.com/ | 42 B | 603 B | Ping | image/gif | |
GET | H3 | / | client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/prelude/ | 78 B | 516 B | Script | application/javascript | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif | |
GET | H2 | clarity.js | h.clarity.ms/s/0.6.32/ | 53 KB | 23 KB | Script | application/javascript | |
GET | H2 | c.gif | c.clarity.ms/ | 42 B | 368 B | Image | image/gif | Redirect Chain |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/438346452/ | 3 KB | 2 KB | Script | text/javascript | |
GET | H2 | tags | sniper.tavoos.net/v1/retargeting/ | 15 B | 531 B | XHR | application/json | |
GET | H3 | set | ua.yektanet.com/cookie/ | 78 B | 1006 B | XHR | application/json | Frame A0DF |
POST | H2 | 61e287ee9c35581ab9732f84 | api.sanjagh.com/web/rc/ | 2 B | 582 B | XHR | text/plain | |
OPTIONS | H2 | 61e287ee9c35581ab9732f84 | api.sanjagh.com/web/rc/ | 0 | 0 | Preflight | | Frame |
GET | H3 | / | www.google.com/pagead/1p-user-list/438346452/ | 42 B | 64 B | Image | image/gif | |
GET | H3 | / | www.google.de/pagead/1p-user-list/438346452/ | 42 B | 64 B | Image | image/gif | |
GET | H2 | cookie | plus.sabavision.com/api/dmp/v1/ | 46 B | 333 B | XHR | application/json | Frame 5ECF |
GET | H3 | / | client.crisp.chat/settings/website/7c73fe4c-92f8-4457-9b9a-49a42a2015c2/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H3 | fa.js | client.crisp.chat/static/javascripts/locales/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | / | plus.sabavision.com/api/tagmanager/ | 349 B | 466 B | XHR | application/json | |
OPTIONS | H2 | / | plus.sabavision.com/api/tagmanager/ | 0 | 0 | Preflight | application/octet-stream | Frame |
POST | H3 | rum | tabdeal.org/cdn-cgi/ | 0 | 163 B | XHR | text/plain | |
POST | H2 | collect | h.clarity.ms/ | 0 | 67 B | XHR | text/plain | |
GET | H2 | a8e958d7-ecd3-4e8e-8272-bc99162f48f0 | plus.sabavision.com/api/dmp/v1/event/ | 597 B | 887 B | XHR | image/jpeg | |
OPTIONS | H2 | a8e958d7-ecd3-4e8e-8272-bc99162f48f0 | plus.sabavision.com/api/dmp/v1/event/ | 0 | 0 | Preflight | application/octet-stream | Frame |
POST | H2 | collect | h.clarity.ms/ | 0 | 48 B | XHR | text/plain | |
GET | H2 | local-messaging.css | app.najva.com/static/css/ | 0 | 427 B | Stylesheet | text/css | |
GET | H2 | tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.js | van.najva.com/static/js/scripts/ | 180 KB | 45 KB | Script | application/javascript | Redirect Chain |
GET | H2 | tabdeal-website-23971-fa5cd7b0-d86f-4035-ba9f-23863b9a47c9.json | van.najva.com/static/js/scripts/ | 3 KB | 2 KB | Fetch | application/json | |
GET | H3 | complete.js | cdn.yektanet.com/rg_woebegone/scripts_v4/K2ffEHaH/ | 36 KB | 12 KB | Script | application/javascript | |
GET | H2 | / | cookie.najva.com/matching/ | 0 | 498 B | Image | text/plain | Redirect Chain |
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| structuredClone number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| vueRecaptchaApiLoaded object| $crisp string| CRISP_WEBSITE_ID object| $nuxt object| __cfBeacon object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| hj object| _hjSettings string| yektanetAnalyticsObject function| yektanet function| clarity object| h object| s object| d object| sniper_head object| sniper_script string| sniper_script_address object| now function| onYouTubeIframeAPIReady object| __SENTRY__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| _dollar_crisp function| _0xfb0979 function| _0x1902 function| _0x3dc5 object| __SabaEvents function| _SabaEventAjax object| ynWebpackJsonp boolean| yektanet_ua-script-K2ffEHaH_is_loaded function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| retargeting object| __sentry_instrumentation_handlers__ boolean| snj_rc string| configFile object| Najva
42 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tbdl.io/ | | Name: BIGipServerlink.tabdealbot.com.app~link.tabdealbot.com_pool Value: 18750124.47873.0000 |
.tbdl.io/ | | Name: TS01eb5eaa Value: 0171a97b61dec77550fde77271a65eee02fc78460e0a1fd23bde9bc1a2b98f1bbbabd7022e1e25d95f0884dd5848bc1f2996406ec4485a5e537e1712d79b666271ec4a6d7b |
tabdeal.org/ | | Name: auth.strategy Value: local |
.yektanet.com/ | | Name: __cf_bm Value: i2cv3lCymAULEUa2hUk.CamGAOCvEBmS77Zw20HVfBI-1645463562-0-ASAxMRfvgnUkppNfnBpHWp0qSfMa+F74eJaCRR396j2QUQ+by0PzviAmodGEfEXeRf0DUCcCxsGeXZzH0Ey21GE= |
.tabdeal.org/ | | Name: _gid Value: GA1.2.1598372671.1645463562 |
.tabdeal.org/ | | Name: _gat_UA-182342470-4 Value: 1 |
.tabdeal.org/ | | Name: _ga Value: GA1.1.1500156969.1645463562 |
.tabdeal.org/ | | Name: _gcl_au Value: 1.1.655656355.1645463562 |
www.clarity.ms/ | | Name: CLID Value: 23fabbf1ea7548d0b4e5cc8a38a7edb3.20220221.20230221 |
.tabdeal.org/ | | Name: analytics_campaign Value: {%22source%22:%22sms%22%2C%22medium%22:%22paid%22%2C%22campaign%22:%22tehran-men%22} |
tabdeal.org/ | | Name: analytics_token Value: 05126fc4-4cd2-33e5-d53f-661f899972a9 |
tabdeal.org/ | | Name: analytics_session_token Value: 539af0c3-0d17-5eaa-9ebf-d756e86ca3ae |
tabdeal.org/ | | Name: yektanet_session_last_activity Value: 2/21/2022 |
tabdeal.org/ | | Name: _yngt_iframe Value: 1 |
.tabdeal.org/ | | Name: _hjSessionUser_2694472 Value: eyJpZCI6IjkzMWQ0MDFlLTlhMzMtNWY4OS04ZWY2LWU5ODgyMWQ4YmI0OCIsImNyZWF0ZWQiOjE2NDU0NjM1NjI2NTUsImV4aXN0aW5nIjpmYWxzZX0= |
.tabdeal.org/ | | Name: _hjFirstSeen Value: 1 |
tabdeal.org/ | | Name: _hjIncludedInSessionSample Value: 0 |
.tabdeal.org/ | | Name: _hjSession_2694472 Value: eyJpZCI6ImRlMDE5MGMxLWJjMTItNGQ2My1iODUxLTQyNWJmOWE2ODAxZiIsImNyZWF0ZWQiOjE2NDU0NjM1NjI2OTcsImluU2FtcGxlIjpmYWxzZX0= |
.tabdeal.org/ | | Name: _hjAbsoluteSessionInProgress Value: 0 |
.yektanet.com/ | | Name: gearbox_ad_token Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341 |
.yektanet.com/ | | Name: analytics_global_token Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
tabdeal.org/ | | Name: _yngt Value: 3c226fc1-196b1-12f60-090c5-5ecc48e795341 |
.tabdeal.org/ | | Name: crisp-client%2Fsession%2F7c73fe4c-92f8-4457-9b9a-49a42a2015c2 Value: session_47a0851a-c174-4b3e-8abc-3f2fa432a8d0 |
.c.bing.com/ | | Name: SRM_B Value: 3177E95D6E986FB301D1F80F6FF36E0F |
.c.clarity.ms/ | | Name: SM Value: C |
.clarity.ms/ | | Name: MUID Value: 3177E95D6E986FB301D1F80F6FF36E0F |
.c.clarity.ms/ | | Name: ANONCHK Value: 0 |
.plus.sabavision.com/ | | Name: sid Value: 7b291ad8-9339-11ec-a531-00505697a10e |
.sabavision.com/ | | Name: sid Value: 7b291ad8-9339-11ec-a531-00505697a10e |
.tabdeal.org/ | | Name: _clck Value: 143dztd|1|ez6|0 |
.tabdeal.org/ | | Name: _ga_XG21X11D9E Value: GS1.1.1645463562.1.0.1645463563.0 |
.tabdeal.org/ | | Name: _ga_7PM8D8Q912 Value: GS1.1.1645463562.1.0.1645463563.59 |
.tavoos.net/ | | Name: tavoosuid Value: 6213c80b1a0d0 |
.tavoos.net/ | | Name: _rt Value: 1 |
.sanjagh.com/ | | Name: _r Value: 200 |
.sanjagh.com/ | | Name: _u Value: wFjOrYSmS3y3VjyorjV3pSwF |
.sanjagh.com/ | | Name: _n Value: 200 |
tabdeal.org/ | | Name: _61e287ee9c35581ab9732f84 Value: true |
.tabdeal.org/ | | Name: _clsk Value: hhb090|1645463563587|1|1|h.clarity.ms/collect |
cookie.najva.com/ | | Name: najva_token Value: 2ce9f55035f24c97b118a4e8e0384343 |
cookie.najva.com/ | | Name: email_cookie_set Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.