ww.readdemonslayer.com
Open in
urlscan Pro
2606:4700:3037::ac43:bf3c
Public Scan
Submitted URL: http://ww.readdemonslayer.com/
Effective URL: https://ww.readdemonslayer.com/?2024-01-18
Submission: On January 18 via api from US — Scanned from DE
Effective URL: https://ww.readdemonslayer.com/?2024-01-18
Submission: On January 18 via api from US — Scanned from DE
Summary
This website contacted 20 IPs
in 3 countries
across 15 domains to perform 64 HTTP transactions.
The main IP is 2606:4700:3037::ac43:bf3c, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is ww.readdemonslayer.com.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time ww.readdemonslayer.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.
This is the only time ww.readdemonslayer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
2a00:1450:4001:810::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
8
2606:4700:10::ac43:15e3
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| services.vlitag.com | |
| s3.vlitag.com |
7
2a00:1450:4001:831::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
2
34.230.160.134
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-160-134.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-160-134.compute-1.amazonaws.com
| api.purpleads.io |
2
2a00:1450:4001:82a::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
3
2a00:1450:4001:82f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| securepubads.g.doubleclick.net |
1
2a00:1450:4001:811::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| redirector.googlevideo.com |
1
2a01:28:cb6:4::c
(Prague, Czech Republic)
ASN39392 (SUPERNETWORK ^_^, CZ)
ASN39392 (SUPERNETWORK ^_^, CZ)
| r1---sn-n02xgoxufvg3-2gbz.googlevideo.com |
1
18.197.231.253
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-231-253.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-231-253.eu-central-1.compute.amazonaws.com
| api.cmp.inmobi.com |
3
2a00:1450:4001:802::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
readdemonslayer.com
1 redirects
ww.readdemonslayer.com |
260 KB |
| 10 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 |
280 KB |
| 8 |
vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 41013 Failed s3.vlitag.com — Cisco Umbrella Rank: 52906 |
492 KB |
| 7 |
inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3915 api.cmp.inmobi.com — Cisco Umbrella Rank: 13519 |
213 KB |
| 5 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 |
236 KB |
| 5 |
gstatic.com
fonts.gstatic.com |
104 KB |
| 4 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485 |
132 KB |
| 3 |
prplads.com
cdn.prplads.com — Cisco Umbrella Rank: 87336 |
126 KB |
| 2 |
googlevideo.com
1 redirects
redirector.googlevideo.com — Cisco Umbrella Rank: 1165 r1---sn-n02xgoxufvg3-2gbz.googlevideo.com |
990 B |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324 |
3 KB |
| 2 |
purpleads.io
api.purpleads.io — Cisco Umbrella Rank: 53805 |
2 KB |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
| 1 |
vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 36736 |
524 B |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029 |
259 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 Failed |
90 KB |
| 64 | 15 |
| Domain | Requested by | |
|---|---|---|
| 12 | ww.readdemonslayer.com |
1 redirects
ww.readdemonslayer.com
|
| 7 | pagead2.googlesyndication.com |
ww.readdemonslayer.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 6 | cmp.inmobi.com |
services.vlitag.com
cmp.inmobi.com |
| 5 | fonts.gstatic.com |
fonts.googleapis.com
|
| 5 | services.vlitag.com |
ww.readdemonslayer.com
services.vlitag.com |
| 3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 3 | securepubads.g.doubleclick.net |
services.vlitag.com
securepubads.g.doubleclick.net |
| 3 | s3.vlitag.com |
services.vlitag.com
ww.readdemonslayer.com |
| 3 | cdn.prplads.com |
ww.readdemonslayer.com
cdn.prplads.com |
| 3 | fonts.googleapis.com |
ww.readdemonslayer.com
cdn.prplads.com |
| 2 | cdn.jsdelivr.net |
s3.vlitag.com
cdn.prplads.com |
| 2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 2 | api.purpleads.io |
cdn.prplads.com
|
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | api.cmp.inmobi.com |
cmp.inmobi.com
|
| 1 | px.vliplatform.com |
ww.readdemonslayer.com
|
| 1 | r1---sn-n02xgoxufvg3-2gbz.googlevideo.com |
ww.readdemonslayer.com
|
| 1 | redirector.googlevideo.com | 1 redirects |
| 1 | imasdk.googleapis.com |
services.vlitag.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
ww.readdemonslayer.com
|
| 64 | 21 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| theapothecarydiaries.org |
| readdemonslayer.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| readdemonslayer.com GTS CA 1P5 |
2024-01-02 - 2024-04-01 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| prplads.com GTS CA 1P5 |
2023-12-11 - 2024-03-10 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| vlitag.com GTS CA 1P5 |
2023-11-26 - 2024-02-24 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| *.purpleads.io Amazon RSA 2048 M01 |
2023-10-01 - 2024-10-28 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://ww.readdemonslayer.com/?2024-01-18
Frame ID: 67BA52D2830444A124FC5EC634B2521A
Requests: 53 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html
Frame ID: 517D50E80D3A45FDAAF1AE20C086A2E5
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5154380815947733&output=html&adk=1812271804&adf=3025194257&lmt=1705595367&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fww.readdemonslayer.com%2F%3F2024-01-18&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705595367946&bpp=2&bdt=203&idt=173&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1604700447351&frm=20&pv=2&ga_vid=55765111.1705595368&ga_sid=1705595368&ga_hid=1970548703&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080334%2C95322181%2C95320889%2C95321627%2C95321967%2C95322162&oid=2&pvsid=3919771580541760&tmod=656081451&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fww.readdemonslayer.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: D63CF80C253426E9EC7AAE6F71AB4C95
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55E0F3FBADAC31D750581AF6BEA84B7C
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 82BF4EAAED34BF1F6973AEAB4B4D9615
Requests: 2 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 9C05192EB06A8999DECEE0CAF8F03C14
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Demon Slayer Manga OnlinePage URL History Show full URLs
-
http://ww.readdemonslayer.com/
HTTP 301
https://ww.readdemonslayer.com/ Page URL
- https://ww.readdemonslayer.com/?2024-01-18 Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://theapothecarydiaries.org/
Title: The Apothecary Diaries
Title: The Apothecary Diaries
Search URL Search Domain Scan URL
URL: http://readdemonslayer.com/
Title: © 2022 readdemonslayer.com. All rights reserved.
Title: © 2022 readdemonslayer.com. All rights reserved.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ww.readdemonslayer.com/
HTTP 301
https://ww.readdemonslayer.com/ Page URL
- https://ww.readdemonslayer.com/?2024-01-18 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ww.readdemonslayer.com/ HTTP 301
- https://ww.readdemonslayer.com/
- https://services.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
- https://redirector.googlevideo.com/videoplayback?expire=1705613215&ei=P0OpZavvCsOR2_gPz6OSiAY&ip=23.92.64.170&id=o-AMrrvrO66Rb5EsTleHTnTlJ4oh5_5Crf64XIKbundiXh&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C26&mn=sn-q4fl6n6s%2Csn-a5mlrnek&ms=au%2Conr&mv=u&mvi=1&pl=24&spc=UWF9fyh32smtLHjapW5593BNKsJ-fDubI3ANembvTHhANBA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=uL1sKSviWlprQpc2USpfr1EQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1705590906&fvip=4&fexp=24007246&c=WEB&txp=6219224&n=qnYWiBGHeacPl79ap&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgYE19hzcK0jRxXa9NLg0RU9qLm2OZeLqCXydZ-aC0COECIQD8wPi5z-ZmYjMPSeuXAaayDicTvwB1GQ_h32hionsY0w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRAIgXf7mNk6GuGBdHd64alO_EO81PG7ieaV6DZ4VxPaZDDgCIF0bFq5-KthUK5amPaufY3DrlKdoQf_Puh3jvFjGIjml HTTP 302
- https://r1---sn-n02xgoxufvg3-2gbz.googlevideo.com/videoplayback?expire=1705613215&ei=P0OpZavvCsOR2_gPz6OSiAY&ip=23.92.64.170&id=o-AMrrvrO66Rb5EsTleHTnTlJ4oh5_5Crf64XIKbundiXh&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9fyh32smtLHjapW5593BNKsJ-fDubI3ANembvTHhANBA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=uL1sKSviWlprQpc2USpfr1EQ&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=qnYWiBGHeacPl79ap&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AJfQdSswRQIgYE19hzcK0jRxXa9NLg0RU9qLm2OZeLqCXydZ-aC0COECIQD8wPi5z-ZmYjMPSeuXAaayDicTvwB1GQ_h32hionsY0w%3D%3D&cms_redirect=yes&mh=d6&mip=2a02:6ea0:c71b:0:1012:8bfd:4041:24a8&mm=31&mn=sn-n02xgoxufvg3-2gbz&ms=au&mt=1705594636&mv=m&mvi=1&pl=40&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgOJofQqYy7X9zja8F8jiCoWB0KJIm6Ncmy_viAfX2rUYCIQDdDib7qANvGGUZjEmMSBTwnifPq_OLhpwEqaE_XxNLtw%3D%3D
64 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
ww.readdemonslayer.com/ Redirect Chain
|
131 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_521f53ab40aeee6ccba9c722b238678b.css
ww.readdemonslayer.com/wp-content/cache/autoptimize/css/ |
201 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ww.readdemonslayer.com/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
js
www.googletagmanager.com/gtag/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
load.js
cdn.prplads.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
services.vlitag.com/adv1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
light.png
ww.readdemonslayer.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/ |
736 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
lazysizes.min.js
ww.readdemonslayer.com/wp-content/plugins/autoptimize/classes/external/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
ww.readdemonslayer.com/ |
135 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
autoptimize_1f4199d2fa0185b59773310593958625.css
ww.readdemonslayer.com/wp-content/cache/autoptimize/css/ |
201 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 890 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.min.js
ww.readdemonslayer.com/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
270 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
load.js
cdn.prplads.com/ |
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
services.vlitag.com/adv1/ |
546 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
light.png
ww.readdemonslayer.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/ |
736 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
lazysizes.min.js
ww.readdemonslayer.com/wp-content/plugins/autoptimize/classes/external/js/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
autoptimize_3c8a523dab364b24b99c0a9ff707d733.js
ww.readdemonslayer.com/wp-content/cache/autoptimize/js/ |
133 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
f
api.purpleads.io/x/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f
api.purpleads.io/x/v2/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
df434eec68e7cac0aebb7b5ff0af9dad.json
services.vlitag.com/cli/ |
42 B 369 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
68 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ |
402 KB 136 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/ Frame 517D |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
dark.png
ww.readdemonslayer.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/ |
675 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
vl.json
services.vlitag.com/vld/1705463035/ |
13 B 277 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
df434eec68e7cac0aebb7b5ff0af9dad.json
services.vlitag.com/obj/1705463035/ |
27 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame D63C |
284 KB 64 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
choice.js
cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid-8.30.0.js
s3.vlitag.com/vli-assets/prebid/default/ |
627 KB 191 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
97 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ima3.js
imasdk.googleapis.com/js/sdkloader/ |
377 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sf_host.min.js
s3.vlitag.com/vli-assets/plugins/safeframe/src/js/ |
38 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp2.js
cmp.inmobi.com/tcfv2/ |
158 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ |
438 KB 138 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
73 B 82 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1679645040.png
s3.vlitag.com/vli-assets/widget/2023/03/24/ |
137 KB 137 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
videoplayback
r1---sn-n02xgoxufvg3-2gbz.googlevideo.com/ Redirect Chain
|
0 0 |
Media
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tf-v1.jpeg
px.vliplatform.com/ |
0 524 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp-list.json
cmp.inmobi.com/GVL-v2/ |
12 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp2ui-en.js
cmp.inmobi.com/tcfv2/50/ |
279 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ |
557 KB 62 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google-atp-list.json
cmp.inmobi.com/tcfv2/ |
142 KB 33 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
api.cmp.inmobi.com/ |
2 B 101 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ |
162 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55E0 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 82BF |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 55E0 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 82BF |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
css
fonts.googleapis.com/ Frame 9C05 |
761 B 382 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid-2023-12-20.js
cdn.prplads.com/ Frame 9C05 |
317 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 55E0 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 9C05 |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9C05 |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.googletagmanager.com
- URL
- https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF
- Domain
- services.vlitag.com
- URL
- https://services.vlitag.com/adv1/?q=df434eec68e7cac0aebb7b5ff0af9dad
- Domain
- ww.readdemonslayer.com
- URL
- https://ww.readdemonslayer.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
Verdicts & Comments Add Verdict or Comment
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 boolean| isBot string| timestamp string| currentLocation string| newLocation undefined| $ function| jQuery function| gtag object| dataLayer function| _0x288d function| _0x26d7 boolean| _purpleadsWasLoaded object| _purpleads string| purpleadsInstanceId object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| _PBCFG object| vitag string| tagApi object| viAPItag object| wpDarkMode function| checkOsDarkMode object| adsbygoogle object| lazySizesConfig object| _wpUtilSettings function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_868067525843 boolean| ai_js_code object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| setCookie function| getCookie object| DarkMode function| _ object| wp function| ai_document_write string| selector_string object| lazySizes function| ai_process_lists number| height function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| getEidsByVLI function| __tcfapi function| __uspapi boolean| __VLICMP object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| googletag object| observeElementInViewport function| __tcfapiui object| google_llp object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .readdemonslayer.com/ | Name: _ga Value: GA1.1.55765111.1705595368 |
|
| .readdemonslayer.com/ | Name: _ga_9JY3BQ4DPF Value: GS1.1.1705595367.1.0.1705595367.0.0.0 |
|
| ww.readdemonslayer.com/ | Name: __ppIdCC Value: rewssenobakwyer_xon217955.5308137 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests upgrade-insecure-requests |
| Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.cmp.inmobi.com
api.purpleads.io
cdn.jsdelivr.net
cdn.prplads.com
cmp.inmobi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
px.vliplatform.com
r1---sn-n02xgoxufvg3-2gbz.googlevideo.com
redirector.googlevideo.com
region1.google-analytics.com
s3.vlitag.com
securepubads.g.doubleclick.net
services.vlitag.com
tpc.googlesyndication.com
ww.readdemonslayer.com
www.google.com
www.googletagmanager.com
services.vlitag.com
ww.readdemonslayer.com
www.googletagmanager.com
18.197.231.253
2001:4860:4802:34::36
2600:9000:2550:4400:1b:cadc:ef40:93a1
2606:4700:10::ac43:15e3
2606:4700:20::ac43:4a5d
2606:4700:3037::ac43:9e3b
2606:4700:3037::ac43:bf3c
2606:4700::6810:5614
2a00:1450:4001:802::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a01:28:cb6:4::c
34.230.160.134
048d79c104f901bde0add36e8bedf90d31dfddab2af1954d1185d4652af22686
0a5bbca89b5c843d12f6b0e1d92673f423ff2521b1639aaea8ac5ca49092e967
0b640db060bd6c45e02eb82c75a7f0f087e7b0b30f47bcfa6aa892c310778fc4
17ef0fb1246f4b86977fb3632d4e8feef9f51f18469ba1202b37caaa752aa17b
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
29a9023ef7170c1fdf28a69719b1f9141507983f19443d6d82e4dfb5b05704fb
2abcf8b424677573d58f0a2bc8d48ccc657b4fa7e558ba5617394e065abb45ee
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
3839b37198c5727ebe8c57a6274b19e84192147d313fd1c6de2c6ce506a41281
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
3a8f59340ce472660db410161f3e7fc7ade175053930bb1ef074df92bb58847a
43a37f06edc7c8c3c4cf0d6df399e6edb458f718291b99c5c847c9f64244c4d2
50f8759314185c00f8982df20afc6fcebb7cf422890209eb9c19971e5121c8a2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4c7a219afd706285884c6ccf2ea6e5e45334c11110fa00867a0401ac328147
5d15d797a944132c825a29ee8119ae1ddc689d61c7e3b403120bdd50a491a875
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6428b680837816cbb3954287724675edfde76653d3350727610fcd5b6029f824
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
869246663501d0710d7030f02477319274620428972ea00980724dad23034c6e
8c1ba420e96dd7abff572237007a5847813312e8da1f410f5f3bf5ace97f0131
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99675572a0bb1f5585ae398920febd785d578836c923f434e227b5f91530d4ab
9b1da7aa3e086b063e3bca928262ea8a69ba4fd26b5be2d414b4b862ddeb847b
9c16ec2dafac365b4f2b524340270b9ed11a8bfa52d7016086c99146e0d4e717
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
ad22a226db701c2dfb8c5e2e9b663c8bd00f4bf1cd1f3298ab603ecacc52d48b
b1b7ae4449251b4bf04eba749a38af8f654c9fc4c49c7e08fced36e97ca13c74
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c696e0b058138e41157ab0a7fdea44a11fddfa5235c6ac81a84aaf4ed931b1d8
c742aff416f5e72b2caeb48fb4e07788a46b1a1180382976bb6ff004488090c2
d6fc04ca30e860c73b8207220bdf0757c08de38ad5f84ffa9662bf24e5392292
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
dbac2a5ad948f75c32e9746d7f255ad642c471f1f2c1fb48e74404fd150f7213
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ebef25158705a9df7c028dab4b93f8881e4efb5323ccace6f8e40a6b50fd1891
ef464c0022d74bfd9d6348b1835c9618169e3f7357c5e441e0db10d2e8b7e124
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fd82ec70abb7875f5d55abe7e41e250c0f9600652303a38d38969f2c4f35cccf