m.cortesia.tim.it
Open in
urlscan Pro
31.199.53.11
Public Scan
Effective URL: http://m.cortesia.tim.it/
Submission: On March 09 via manual from IT
Summary
This is the only time m.cortesia.tim.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN3269 (ASN-IBSNAZ, IT)
PTR: host-31-199-53-10.business.telecomitalia.it
31.199.53.10 |
ASN3269 (ASN-IBSNAZ, IT)
PTR: host-31-199-53-11.business.telecomitalia.it
m.cortesia.tim.it | |
track.dnserror.tim.it |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
adservice.google.de | |
www.googletagservices.com | |
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-114.fra6.r.cloudfront.net
cdn.fanplayr.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-70.fra53.r.cloudfront.net
d62mrph0xm5hi.cloudfront.net |
ASN16509 (AMAZON-02, US)
dvagh3p3rk8xj.cloudfront.net |
ASN16509 (AMAZON-02, US)
currency.prebid.org |
ASN29990 (ASN-APPNEX, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-144-135.compute-1.amazonaws.com
e1.fanplayr.com |
ASN16509 (AMAZON-02, US)
d1sdsscio5ia8n.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-177-237.compute-1.amazonaws.com
my.fanplayr.com |
ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com
eus.rubiconproject.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-174.eu-central-1.compute.amazonaws.com
pixel.advertising.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-147.eu-west-1.compute.amazonaws.com
match.adsrvr.org |
Domain | Requested by | |
---|---|---|
10 | m.cortesia.tim.it |
m.cortesia.tim.it
|
6 | www.google.com |
cse.google.com
www.google.com m.cortesia.tim.it |
5 | adserver-eu.adtech.advertising.com |
2 redirects
m.cortesia.tim.it
|
4 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net m.cortesia.tim.it |
4 | track.adform.net |
m.cortesia.tim.it
track.adform.net |
3 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
3 | cdn.fanplayr.com |
track.adform.net
cdn.fanplayr.com |
3 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
3 | www.googletagservices.com |
m.cortesia.tim.it
securepubads.g.doubleclick.net |
2 | pixel.advertising.com | |
2 | us-u.openx.net |
1 redirects
dvagh3p3rk8xj.cloudfront.net
|
2 | d1sdsscio5ia8n.cloudfront.net |
dvagh3p3rk8xj.cloudfront.net
d1sdsscio5ia8n.cloudfront.net |
2 | e1.fanplayr.com |
cdn.fanplayr.com
|
2 | dvagh3p3rk8xj.cloudfront.net |
d62mrph0xm5hi.cloudfront.net
|
2 | dmp.adform.net |
track.adform.net
dmp.adform.net |
2 | cse.google.com |
m.cortesia.tim.it
www.google.com |
1 | aol-match.dotomi.com | |
1 | match.adsrvr.org | |
1 | pixel.quantserve.com | 1 redirects |
1 | acdn.adnxs.com |
dvagh3p3rk8xj.cloudfront.net
|
1 | eus.rubiconproject.com |
dvagh3p3rk8xj.cloudfront.net
|
1 | my.fanplayr.com | 1 redirects |
1 | track.dnserror.tim.it |
m.cortesia.tim.it
|
1 | fastlane.rubiconproject.com |
dvagh3p3rk8xj.cloudfront.net
|
1 | ib.adnxs.com |
dvagh3p3rk8xj.cloudfront.net
|
1 | currency.prebid.org |
dvagh3p3rk8xj.cloudfront.net
|
1 | d62mrph0xm5hi.cloudfront.net |
securepubads.g.doubleclick.net
|
1 | clients1.google.com |
m.cortesia.tim.it
|
1 | www.googleapis.com |
m.cortesia.tim.it
|
1 | adservice.google.com |
www.googletagservices.com
|
1 | adservice.google.de |
www.googletagservices.com
|
1 | img.tim.it |
m.cortesia.tim.it
|
66 | 32 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.tim.it |
site.adform.com |
www.amazon.it |
www.google.com |
www.zalando.it |
du.ilsole24ore.com |
www.telecomitalia.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
img.tim.it Trust Technologies Global CA |
2018-07-23 - 2020-07-27 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
track.adform.net DigiCert SHA2 Secure Server CA |
2019-09-16 - 2021-09-20 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.rubiconproject.com DigiCert SHA2 Secure Server CA |
2019-01-10 - 2021-01-14 |
2 years | crt.sh |
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA |
2018-05-22 - 2020-05-26 |
2 years | crt.sh |
*.fanplayr.com Amazon |
2020-02-23 - 2021-03-23 |
a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2018-01-04 - 2020-07-09 |
3 years | crt.sh |
pixel.advertising.com DigiCert SHA2 High Assurance Server CA |
2017-06-14 - 2020-06-18 |
3 years | crt.sh |
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
*.dotomi.com GlobalSign RSA OV SSL CA 2018 |
2019-06-19 - 2021-08-31 |
2 years | crt.sh |
This page contains 9 frames:
Primary Page:
http://m.cortesia.tim.it/
Frame ID: AFAD95A418E86575B08D5F1B5EEFCF2F
Requests: 42 HTTP requests in this frame
Frame:
https://track.adform.net/serving/container/?pm=307530&lid=14523578&ctype=0&media=0&PageName=DNS+error+MOBILE&rnd=1365903729&cpref=&loc=http%3a%2f%2fm.cortesia.tim.it%2f
Frame ID: 8FCCC66A645951756557180F715A517A
Requests: 1 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgSWEQHkJY-1zRT2xkCs7YY-37oJp8F2KW29--tg5L2GeM2EImSjWe9u1ukXnJRAXox2Bw6-1HMM65Qm2SmdCw1HERRf6y3Opp7AqaJRPFLIudm8jvoO8OkN8o6hh-v2KTu6VS7bV2cof-HVipT1P1Aiukn3O0MtlIL1fgIae-DBbKVxMMhXoukp8FNrnc29ga3LG-DszgnFNouMR8La5AnsC7kCuc2A5Oe8Oz1mPRE7zURSDtGpz7bdIBLqntvNzCmNs_NQeltWldw8vWJqzgQqMGqr03jX-EDueaF6A&sai=AMfl-YRggIIeQdmKUMUwr4vSyXmeFBJ-AFR3rSXIZE2Bh-N9bpmu19j3SYN5_eYkS8QcIpwlB-hQZSjETeSmYQq0YwG8jUULZ4Cgix-K8ARj&sig=Cg0ArKJSzAHqy1YMUuiVEAE&urlfix=1&adurl=
Frame ID: FE2A2E563CA4C43C88B1FF0815CFB2AC
Requests: 17 HTTP requests in this frame
Frame:
https://e1.fanplayr.com/tunnel.html?v8
Frame ID: D1B50655D9CDF5C297BB4C758C8C995C
Requests: 1 HTTP requests in this frame
Frame:
https://d1sdsscio5ia8n.cloudfront.net/pl_dc_bridge_ssl/42697
Frame ID: 329BBF65564BA6A165CA2901FC1D5AFF
Requests: 2 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 1B8876560FA119FF29C35E45FEBD89F4
Requests: 1 HTTP requests in this frame
Frame:
https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&ph=e1e12abf-0bb5-47ee-ae31-55f011a265d0&&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55981%2Fsync%3F_origin%3D0%26uid%3D%26gdpr%3D1%26gdpr_consent%3D
Frame ID: FE9931140D57C5A658F30C59E7E47F3F
Requests: 1 HTTP requests in this frame
Frame:
https://eus.rubiconproject.com/usync.html
Frame ID: 93EAEF537A945B444FEF8DD5FC28839F
Requests: 1 HTTP requests in this frame
Frame:
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 761643B6AEA77EF8D8DE2E8B17C045B9
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://31.199.53.10/
HTTP 302
http://m.cortesia.tim.it/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Note Legali
Search URL Search Domain Scan URL
Title: http://site.adform.com/privacy-policy/en/
Search URL Search Domain Scan URL
Title: http://www.amazon.it/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=200545460
Search URL Search Domain Scan URL
Title: http://www.google.com/policies/technologies/cookies/
Search URL Search Domain Scan URL
Title: https://www.zalando.it/zalando-informativa-sulla-privacy/
Search URL Search Domain Scan URL
Title: http://du.ilsole24ore.com/utenti/privacyfiles/informativa_cookies.html
Search URL Search Domain Scan URL
Title: http://www.telecomitalia.com/tit/it/footer/Privacy.html
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://31.199.53.10/
HTTP 302
http://m.cortesia.tim.it/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- http://track.adform.net/Serving/TrackPoint/?pm=307530&ADFPageName=DNS%20error%20MOBILE&ADFdivider=%7C&ord=669567055717&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fm.cortesia.tim.it%2F HTTP 307
- https://track.adform.net/Serving/TrackPoint/?pm=307530&ADFPageName=DNS%20error%20MOBILE&ADFdivider=%7C&ord=669567055717&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fm.cortesia.tim.it%2F
- https://adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097; HTTP 302
- https://adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ADTECH;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097
- https://adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ADTECH;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097 HTTP 302
- https://adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ADTECH;apid=1Adf155386-625b-11ea-b367-025f923ce276;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097
- http://my.fanplayr.com/external.Genius/?callback=jQuery111106496417708428355_1583795731163&a=init&uuid=1583795731744-297a8d8d47f62bc1bb3bbf16&user=0&session=0&url=http%3A%2F%2Fm.cortesia.tim.it%2F&store_domain=m.cortesia.tim.it&tz=-60&account=170dd2bf8f1c542041de86b004cfb979&store_data=shopType%3Dcustom%26pageType%3Dpage%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=&adaptor=1.0.1&_=1583795731164 HTTP 302
- http://e1.fanplayr.com/external.Genius/?callback=jQuery111106496417708428355_1583795731163&a=init&uuid=1583795731744-297a8d8d47f62bc1bb3bbf16&user=0&session=0&url=http%3A%2F%2Fm.cortesia.tim.it%2F&store_domain=m.cortesia.tim.it&tz=-60&account=170dd2bf8f1c542041de86b004cfb979&store_data=shopType%3Dcustom%26pageType%3Dpage%26productPrice%3D0%26lineItemCount%3D0%26numItems%3D0%26discount%3D0%26total%3D0%26repeatCart%3Dfalse%26custom%3D1%26version%3D3&custom_data=&invocation=0&ref=&log_only=0&browser_language=en-US&widget_language=&push=&swv=u&gacid=&adaptor=1.0.1&_=1583795731164
- https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&ph=e1e12abf-0bb5-47ee-ae31-55f011a265d0&&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55981%2Fsync%3F_origin%3D0%26uid%3D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
- https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&ph=e1e12abf-0bb5-47ee-ae31-55f011a265d0&&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55981%2Fsync%3F_origin%3D0%26uid%3D%26gdpr%3D1%26gdpr_consent%3D
- https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
- https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=gZlNG9eZShuZyRgbjZhWS9KfT0yZyENJgcmcSnnP
66 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
m.cortesia.tim.it/ Redirect Chain
|
25 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dns.css
m.cortesia.tim.it/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
push.css
img.tim.it/sdr/push/ |
144 B 498 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dnslp-trkpxl.bmp
m.cortesia.tim.it/images/ |
58 B 362 B |
Image
image/x-ms-bmp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-tim.png
m.cortesia.tim.it/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smile.jpg
m.cortesia.tim.it/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ntrack-1.1-dnslp.js
m.cortesia.tim.it/ |
12 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dns.js
m.cortesia.tim.it/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gpt.js
www.googletagservices.com/tag/js/ |
43 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dnslp-pxlrand.bmp
m.cortesia.tim.it/images/ |
58 B 362 B |
Image
image/x-ms-bmp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cse.js
cse.google.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
track.adform.net/serving/scripts/trackpoint/async/ |
76 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie_info_icon.png
m.cortesia.tim.it/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
close_cookie_banner.png
m.cortesia.tim.it/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020030501.js
securepubads.g.doubleclick.net/gpt/ |
165 KB 60 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cse_element__it.js
www.google.com/cse/static/element/8b2252448421acb3/ |
257 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default+it.css
www.google.com/cse/static/element/8b2252448421acb3/ |
40 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
www.google.com/cse/static/style/look/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
4 KB 3 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_rendering_2020030501.js
securepubads.g.doubleclick.net/gpt/ |
69 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
async-ads.js
cse.google.com/adsense/search/ |
166 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.png
www.google.com/cse/static/css/v2/ |
1018 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ |
551 B 884 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generate_204
www.googleapis.com/ |
0 187 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ |
919 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
generate_204
clients1.google.com/ |
0 83 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
track.adform.net/Serving/TrackPoint/ Redirect Chain
|
18 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
track.adform.net/wpf/v2/7ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... |
14 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
track.adform.net/serving/container/ Frame 8FCC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adaptor.js
cdn.fanplayr.com/customers/tim/adaptor/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adformat.js
dmp.adform.net/audiencetag/ |
1 KB 1006 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
securepubads.g.doubleclick.net/pcs/ Frame FE2A |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
34054
d62mrph0xm5hi.cloudfront.net/ssl/ Frame FE2A |
2 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame FE2A |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader.js
cdn.fanplayr.com/client/production/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookiesegments
dmp.adform.net/audiencetag/ |
2 B 360 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prebid_2.44.3.js
dvagh3p3rk8xj.cloudfront.net/ Frame FE2A |
285 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zdk-postbid-body_0.1.2.min.js
dvagh3p3rk8xj.cloudfront.net/ Frame FE2A |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame FE2A |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
latest.json
currency.prebid.org/ Frame FE2A |
1 KB 2 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ Frame FE2A |
8 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FE2A |
235 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ADTECH;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097
adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ Frame FE2A Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
platform.min.js
cdn.fanplayr.com/client/production/platform/releases/1.83.0/ |
171 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tunnel.html
e1.fanplayr.com/ Frame D1B5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ADTECH;apid=1Adf155386-625b-11ea-b367-025f923ce276;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097
adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ Frame FE2A Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ADTECH;apid=1Adf155386-625b-11ea-b367-025f923ce276;cfp=1;rndc=1583795731;v=2;cmd=bid;cors=yes;alias=756e3e04d8b0fc;misc=1583795731097
adserver-eu.adtech.advertising.com/pubapi/3.0/4812.1/6575178/0/0/ Frame FE2A |
2 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
42697
d1sdsscio5ia8n.cloudfront.net/pl_dc_bridge_ssl/ Frame 329B |
125 B 480 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21747
d1sdsscio5ia8n.cloudfront.net/dc_ssl/ Frame 329B |
2 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracer.php
track.dnserror.tim.it/ |
0 365 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
e1.fanplayr.com/external.Genius/ Redirect Chain
|
465 B 541 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 1B88 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame FE2A |
42 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm
us-u.openx.net/w/1.0/ Frame FE99 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usync.html
eus.rubiconproject.com/ Frame 93EA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7616 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pixel.advertising.com/ups/55965/ Frame FE2A Redirect Chain
|
0 124 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame FE2A |
70 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
current
aol-match.dotomi.com/match/bounce/ Frame FE2A |
0 104 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pixel.advertising.com/ups/56465/ Frame FE2A |
0 124 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| googletag object| ntk object| device string| accessNetwork string| trackServerURL string| cookieDomain function| fadeOut function| fadeIn function| closest function| fntGestClick string| nameCookie function| dco_set_cookie function| dco_read_cookie function| closeInfoEstesa function| isShortEnough function| checkLength function| salvaCookieBanner function| closeOverlay function| saveAllTrue function| openInfoEstesa object| _adftrack object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| __gcse number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| google object| closure_lm_413858 function| _googCsa number| nextSearchboxId object| Adform object| KJUR object| adf function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader object| fortyone object| adf_order number| adf_sv4 object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| fanplayr object| fanplayr_api function| fanplayr_ready function| AdformAT function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb undefined| jQuery111106496417708428355_1583795731163 object| GoogleGcLKhOms object| google_image_requests17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.adform.net/ | Name: uid Value: -5167339605253591212 |
|
.adform.net/ | Name: cid Value: -5167339605253591212,0,0,0,0 |
|
.tim.it/ | Name: accessNetwork Value: Mobile |
|
.tim.it/ | Name: sessionID Value: aab513c7-1884-408d-a9ad-e2dd4fed19f0 |
|
.tim.it/ | Name: returningUser Value: newUser |
|
.tim.it/ | Name: timestamp Value: 2020-03-10 0:15:31 |
|
.tim.it/ | Name: event Value: load |
|
.tim.it/ | Name: deviceClass Value: desktop |
|
.tim.it/ | Name: screenWidth Value: 1600 |
|
.tim.it/ | Name: referrer Value: |
|
.tim.it/ | Name: screenHeight Value: 1200 |
|
.tim.it/ | Name: siteName Value: m.cortesia.tim.it |
|
.tim.it/ | Name: pageName Value: |
|
.tim.it/ | Name: pageSessionID Value: b8a14f40-9b09-4066-9a9b-84527ff842b5 |
|
.tim.it/ | Name: lang Value: en-US |
|
.tim.it/ | Name: __gads Value: ID=684e48e8a8b694b6:T=1583795730:S=ALNI_MZbmE_c-FaiJyM2YEMhQ1XEkCvVAg |
|
.tim.it/ | Name: fullPageName Value: / |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acdn.adnxs.com
adserver-eu.adtech.advertising.com
adservice.google.com
adservice.google.de
aol-match.dotomi.com
cdn.fanplayr.com
clients1.google.com
cse.google.com
currency.prebid.org
d1sdsscio5ia8n.cloudfront.net
d62mrph0xm5hi.cloudfront.net
dmp.adform.net
dvagh3p3rk8xj.cloudfront.net
e1.fanplayr.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ib.adnxs.com
img.tim.it
m.cortesia.tim.it
match.adsrvr.org
my.fanplayr.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
track.dnserror.tim.it
us-u.openx.net
www.google.com
www.googleapis.com
www.googletagservices.com
143.204.208.70
152.199.21.89
156.54.82.86
172.217.23.130
18.213.144.135
185.33.223.210
2.18.232.130
23.20.177.237
23.37.55.184
2600:9000:214f:6e00:3:f1a8:4dc0:21
2600:9000:214f:7e00:1e:70aa:55c0:21
2600:9000:214f:d200:19:2cf2:a900:93a1
2a00:1450:4001:800::2004
2a00:1450:4001:814::2002
2a00:1450:4001:815::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200e
2a02:fa8:8806:16::1370
31.199.53.10
31.199.53.11
34.95.120.147
37.157.3.29
37.157.4.28
52.18.161.147
52.58.138.174
69.173.144.143
91.228.74.193
99.86.3.114
0478e7c9965ebcd54fc5d844e1bebd307cc216430da10b2865ae1ab1a09c41d7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
065c325389da0d4a250feff3f7ce767bb8ea6120f2e8ad127bf35b16361c6c92
10b67c504ece373b2ce00d09a225a1a7a75ff3aa8176174a2d18105ea72d5d6f
283e974bdbd35bc3435a4a64802e05915bec4dc4fb200c207af99b9a3c82cd12
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3b54f1bb39139f383692ac24b299af0b6c9ebf200544047542e00d1657a7aa0a
3cef258335149f1417554965c1d4434f404d8e0da7e72610fd85707d57a37265
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
426793f1e5e228a559dd012eef31287834e0e395dfea9658a073d949cac3b76c
44a160b7505f8fa006296f6a4e653819918a3c4ce134a4e76fec20d7d739b310
45afa2e68bc8972b793ff2d337d66385b294687914b569ab09ffa07fe38f0c03
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55b4032cee33ed22434b003e4c2382dd630feb1dbb0edf79b402198fb688f4fd
565f8eb931fad6416e49c443794feb3246498aee3062a6b9bd9169820ca01994
5d8d3dd3b4bcf60c39f3bb954f884540b538dd314fbde7147bf81c312475cf7d
613e6c69710d4917aea828acb94fabd4fab4e798e78ef57865038a83dbad121c
6540744576fd0642ea46bf4f2e567ea583d5974893093c05a9876467f2676621
6a33fddcd9ca0f76501495eeb00fb696e335b2f7cc7e32f2f5743eac785add81
81569aac6ee49b06af59973dea550eef1890c7c70830a74acb8d7b595a47b337
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
927a6c9bcbb83663c7471a1bd8022813bd36e18ebb12bf490c90df1e3ee3e442
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
9d614633ff988a328f4cef62471e8576780189b0ed82e69630dfecf2c95608c6
a292c3af49568a498020caab16b2010f8dfad4ac19649094f6d9c85a206f9cd5
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a7a62ef8526f89942caa4d4d9f864841c6ae07c08d34944186d82cf3735fe0c3
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
adb7e6990eded5ab31f3a9a9943b5cf2e60d68255abbb154ce43fe167b8bb640
b98613bf63c8e2f84acde8c8c8de598bc3ece8c15fc353f27c33f85f07074b76
b9b063fbe4c820d56723adb0faf2e7a16278544e78547d26667aa535de011539
bdab5a45cd656121670184c9dfb1375f4c34f0345ff3232c7ab1d4c4ff6e4ade
cd314aeb5ae20cff5b4f3c205ae67db140cd14dbc4f13529b906c671be89e7cb
d2bb60d52f74704fa2992749a4139440bf61e54d47c69295805be37182868907
d2ccd5167c702b43d4c6dfc47eb2503d3717ca59de8380628c01b646583564a5
d504cd42c12cd790ec6788b1a0b24ae5598f101652ef1717cbc7bf96a9b38a5f
d7d0b9e1661b76761e65b87ccfa1e5d0f6054dad970f2367f43c5df814200e4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e642c893270a85d182e583e3cf67978f583856e4c42d833e390e684914b4c8d4
ea7b831c3c0668e64aba989857f46adee0b396aae56017b7fe3a25513d7077a4
ebdc2a2615bcd328fa6b04129f5223325b4a2eec786b21387ec75a5974ccc867
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3099020f71eb82cbc1d80a1c49ecaf4a54a28e18c10e513cfffe0a62f088e4b
fa5590f4283f4db68480fb13a45d5e88a5d356a3328e8d63556efddf6ebbde67
fa7f5ffcdf8414ace14de4671147c67b777f921303b4a396072ea21d66ef11bc
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc