wheel-monkey-ua.pu020ev.com
Open in
urlscan Pro
2606:4700:20::ac43:4670
Public Scan
Effective URL: https://wheel-monkey-ua.pu020ev.com/
Submission: On October 16 via manual from UA — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2023. Valid for: a year.
This is the only time wheel-monkey-ua.pu020ev.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-44-146.eu-central-1.compute.amazonaws.com
match.sharethrough.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv |
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-219-8.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-92-83.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-192-150.eu-west-1.compute.amazonaws.com
ad.360yield.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com
exchange.mediavine.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-44-193.compute-1.amazonaws.com
jadserve.postrelease.com |
ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-106-121.eu-central-1.compute.amazonaws.com
e1.emxdgt.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-67.eu-west-1.compute.amazonaws.com
beacon.krxd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-229-41.us-east-2.compute.amazonaws.com
s.thebrighttag.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
pu020ev.com
1 redirects
wheel-monkey-ua.pu020ev.com |
1 MB |
10 |
criteo.com
4 redirects
dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 dis.criteo.com — Cisco Umbrella Rank: 648 |
33 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
428 KB |
3 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 261 |
2 KB |
3 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
35 KB |
2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 242 |
2 KB |
2 |
casalemedia.com
1 redirects
r.casalemedia.com — Cisco Umbrella Rank: 1837 |
1 KB |
2 |
yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 |
140 B |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 255 |
1 KB |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250 |
317 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
150 KB |
1 |
thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2648 |
268 B |
1 |
krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 903 |
338 B |
1 |
emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2433 |
44 B |
1 |
yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848 |
38 B |
1 |
yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4701 |
400 B |
1 |
tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985 |
399 B |
1 |
pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 959 |
581 B |
1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 900 |
145 B |
1 |
postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1252 |
423 B |
1 |
mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1304 |
883 B |
1 |
ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10624 |
274 B |
1 |
360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761 |
199 B |
1 |
id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470 |
921 B |
1 |
omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 773 |
386 B |
1 |
adform.net
cm.adform.net — Cisco Umbrella Rank: 1279 |
164 B |
1 |
3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434 |
140 B |
1 |
teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2637 |
163 B |
1 |
taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1598 |
99 B |
1 |
smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898 |
163 B |
1 |
sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621 |
35 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 409 |
239 B |
1 |
media.net
contextual.media.net — Cisco Umbrella Rank: 780 |
786 B |
1 |
bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387 |
146 B |
66 | 34 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-09 - 2024-07-08 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2023-12-23 |
3 months | crt.sh |
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2023-03-23 - 2024-03-23 |
a year | crt.sh |
*.media.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-02-18 |
a year | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-05 - 2024-04-03 |
a year | crt.sh |
*.sharethrough.com Amazon RSA 2048 M01 |
2023-06-14 - 2024-07-12 |
a year | crt.sh |
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-01-21 - 2024-01-23 |
a year | crt.sh |
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-12-08 - 2023-12-31 |
a year | crt.sh |
teads.tv R3 |
2023-10-09 - 2024-01-07 |
3 months | crt.sh |
*.3lift.com Amazon RSA 2048 M02 |
2023-04-13 - 2024-05-11 |
a year | crt.sh |
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2023-08-03 - 2024-01-24 |
6 months | crt.sh |
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-25 - 2024-06-18 |
a year | crt.sh |
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA |
2023-06-23 - 2024-07-22 |
a year | crt.sh |
*.id5-sync.com R3 |
2023-09-01 - 2023-11-30 |
3 months | crt.sh |
*.360yield.com Amazon RSA 2048 M01 |
2023-05-29 - 2024-06-26 |
a year | crt.sh |
itm.ivitrack.com R3 |
2023-10-15 - 2024-01-13 |
3 months | crt.sh |
exchange.mediavine.com Amazon RSA 2048 M02 |
2023-06-06 - 2024-07-04 |
a year | crt.sh |
*.postrelease.com Amazon RSA 2048 M01 |
2023-03-01 - 2023-12-25 |
10 months | crt.sh |
*.outbrain.com Thawte RSA CA 2018 |
2022-11-06 - 2023-11-28 |
a year | crt.sh |
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2023-04-20 - 2024-05-20 |
a year | crt.sh |
*.tremorhub.com Amazon RSA 2048 M01 |
2023-02-22 - 2024-03-23 |
a year | crt.sh |
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-09-17 - 2024-09-17 |
a year | crt.sh |
*.ads.yieldmo.com Amazon RSA 2048 M01 |
2023-04-04 - 2024-05-02 |
a year | crt.sh |
*.emxdgt.com Amazon RSA 2048 M01 |
2023-05-03 - 2024-05-31 |
a year | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://wheel-monkey-ua.pu020ev.com/
Frame ID: 8E55F786015BF2E36EF630923926AE0B
Requests: 27 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly93aGVlbC1tb25rZXktdWEucHUwMjBldi5jb206NDQz&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&cb=k3bplf8knpks
Frame ID: 5D991C82D40A04AF0C956C1B1880D607
Requests: 7 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=wheel-monkey-ua.pu020ev.com&origin=onetag
Frame ID: E47FA6FEEBAA27E869CF1EA114C366D5
Requests: 2 HTTP requests in this frame
Frame:
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zIiC2EtfU-f2j5PZVCftNwTnDwWMQ4WQ9VZ86g&google_gid=CAESEEReldGtAUTOfq19sPZIpFs&google_cver=1&google_ula=913071,0
Frame ID: D91FB4B1DCC8B272256C308A4BDC301C
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Крути колесо! Отримуй подарунки!Page URL History Show full URLs
-
http://wheel-monkey-ua.pu020ev.com/
HTTP 301
https://wheel-monkey-ua.pu020ev.com/ Page URL
Detected technologies
AppNexus (Advertising Networks) ExpandDetected patterns
- adnxs\.(?:net|com)
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: з правилами та умовами
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wheel-monkey-ua.pu020ev.com/
HTTP 301
https://wheel-monkey-ua.pu020ev.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32- https://gum.criteo.com/sid/json?origin=onetag&domain=pu020ev.com&sn=ChromeSyncframe&so=0&topUrl=wheel-monkey-ua.pu020ev.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=Bm-1IXxpL1MrQ2lLNGJSejRkK1hENWsrWitJSVR0UlEwalNTc2xHdm9BZUkzL21pcHQvZEREUW5KTnp3eHp6TWJKckxCWDJYZG5zOEdJTjVzbncyVzNUOStreFFpZDQ4SnZKZytyTFNEcmZZYjloL2d3R09UVnVjbTQzSmRzb0llRkkybWdtN3o4NGJsNDN2YzJuNklzYjYzVHFQSnZnbnkvSFRUclJHSTZXdEU2ZEVmaG9hTFhTVXQ3K1AvZXhnZk5EejRMV0xGM0NGQ0pjM0Z2T0lya2d5VWQ5K2tmNllKQWFITUZaWXkvQ0ZWcExXeGpIUmF3ZnozQ3ZMYWdqd2NiT0g0T0tVc29FSCtTTU55TjY1alFNN1F5dz09fA&cppv=2
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zIiC2EtfU-f2j5PZVCftNwTnDwWMQ4WQ9VZ86g&google_cm&google_hm=ay16SWlDMkV0ZlUtZjJqNVBaVkNmdE53VG5Ed1dNUTRXUTlWWjg2Zw HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-zIiC2EtfU-f2j5PZVCftNwTnDwWMQ4WQ9VZ86g&google_cm=&google_hm=ay16SWlDMkV0ZlUtZjJqNVBaVkNmdE53VG5Ed1dNUTRXUTlWWjg2Zw&google_tc= HTTP 302
- https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zIiC2EtfU-f2j5PZVCftNwTnDwWMQ4WQ9VZ86g&google_gid=CAESEEReldGtAUTOfq19sPZIpFs&google_cver=1&google_ula=913071,0
- https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
- https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=230069611948503078
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-lfISRUtfU-f2j5PZVCftNwTnDwVqmfwlRVmqNg HTTP 302
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-lfISRUtfU-f2j5PZVCftNwTnDwVqmfwlRVmqNg&C=1
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nCNVOvBdl8RaB63jp2F3dHWKTdIbuc_H HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nCNVOvBdl8RaB63jp2F3dHWKTdIbuc_H
- https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=BV-WyjbQfosVoKOFaxa6w96Q2WZIAoRK
- https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
- https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=YZJJIcNjH6YGup-URIPNXoqK8Rs2ZwnR
66 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
wheel-monkey-ua.pu020ev.com/ Redirect Chain
|
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
wheel-monkey-ua.pu020ev.com/ |
38 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_casino_ua.svg
wheel-monkey-ua.pu020ev.com/img/logo/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-age.svg
wheel-monkey-ua.pu020ev.com/img/other/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enterprise.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
wheel-monkey-ua.pu020ev.com/ |
69 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
187 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
wheel-monkey-ua.pu020ev.com/img/ |
135 KB 136 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coins.png
wheel-monkey-ua.pu020ev.com/img/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-holder-girl.png
wheel-monkey-ua.pu020ev.com/img/ |
288 KB 289 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
subwheel.png
wheel-monkey-ua.pu020ev.com/img/ |
92 KB 93 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-lamps-active.png
wheel-monkey-ua.pu020ev.com/img/ |
61 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-ua.png
wheel-monkey-ua.pu020ev.com/img/ |
167 KB 168 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-center-girl.png
wheel-monkey-ua.pu020ev.com/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-win-frame-girl.png
wheel-monkey-ua.pu020ev.com/img/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.png
wheel-monkey-ua.pu020ev.com/img/ |
649 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
monkey.png
wheel-monkey-ua.pu020ev.com/img/ |
61 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pinup-Black.woff
wheel-monkey-ua.pu020ev.com/fonts/src/fonts/Pinup-Black/ |
100 KB 100 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff2
wheel-monkey-ua.pu020ev.com/fonts/src/fonts/Roboto-Regular/ |
64 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pinup-Regular.ttf
wheel-monkey-ua.pu020ev.com/fonts/src/fonts/Pinup-Regular/ |
274 KB 275 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ |
463 KB 186 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ukraine.png
wheel-monkey-ua.pu020ev.com/img/country/ |
103 B 444 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
243 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/enterprise/ Frame 5D99 |
59 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 263 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 5D99 |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 5D99 |
463 KB 185 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5D99 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D99 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D99 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.google.com/recaptcha/enterprise/ Frame 5D99 |
102 B 135 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
46 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame E47F |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame E47F Redirect Chain
|
428 B 655 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
sslwidget.criteo.com/ |
10 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D91F Redirect Chain
|
43 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
x.bidswitch.net/ Frame D91F |
43 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D91F Redirect Chain
|
43 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cksync.php
contextual.media.net/ Frame D91F |
53 B 786 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame D91F |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
match.sharethrough.com/sync/ Frame D91F |
0 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
rtb-csync.smartadserver.com/redir/ Frame D91F |
43 B 163 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D91F |
0 99 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
um
criteo-sync.teads.tv/ Frame D91F |
23 B 163 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuid
eb2.3lift.com/ Frame D91F |
37 B 140 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
ups.analytics.yahoo.com/ups/58301/ Frame D91F |
0 125 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.adform.net/ Frame D91F |
43 B 164 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Frame D91F |
49 B 386 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rum
r.casalemedia.com/ Frame D91F Redirect Chain
|
43 B 325 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame D91F Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.gif
id5-sync.com/s/966/ Frame D91F |
43 B 921 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match
ad.360yield.com/ Frame D91F |
43 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
matching.ivitrack.com/ Frame D91F |
42 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
push
exchange.mediavine.com/usersync/ Frame D91F |
0 883 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1017
jadserve.postrelease.com/suid/ Frame D91F |
43 B 423 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Frame D91F |
0 145 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Frame D91F |
42 B 581 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
criteo-partners.tremorhub.com/ Frame D91F |
43 B 399 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m
ad.yieldlab.net/ Frame D91F |
0 400 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
sync-criteo.ads.yieldmo.com/ Frame D91F |
0 38 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
put
e1.emxdgt.com/ Frame D91F |
0 44 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
ups.analytics.yahoo.com/ups/58301/ Frame D91F |
0 15 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame D91F |
43 B 845 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame D91F Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs
s.thebrighttag.com/ Frame D91F Redirect Chain
|
35 B 268 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| landingConfig object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| siteLink object| phonePattern object| links object| pageState object| formNotif object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_762213 function| onYouTubeIframeAPIReady object| gaGlobal object| criteo_q object| Criteo28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.pu020ev.com/ | Name: __cf_bm Value: pMO5MqwueoZeK3h9NLLNFGgZCe8Z86X7KBwmrnpu244-1697457342-0-Af45fcRZbBBIYaGWY8oRUxnRfGsDfZ714YILGJB4LDdYQ5SyvUKf15X+lsKFNU0xtKYoop33ZbfqQo4ScC3LYIk= |
|
.pu020ev.com/ | Name: _ga Value: GA1.1.711110296.1697457342 |
|
.pu020ev.com/ | Name: _ga_ZEMNLVRX5B Value: GS1.1.1697457342.1.0.1697457342.0.0.0 |
|
.criteo.com/ | Name: uid Value: a74b6bcd-aa94-48e3-9e03-f8a42d09d767 |
|
.pu020ev.com/ | Name: cto_bundle Value: 6UDu9V9mYmlNR0VwSkFYWm4lMkZSYnFnQkx5OVp6NTNyQnpzaEI1aGViZ05ZV0JXbkhMckpyRURNJTJCMTZLZmQwMUpkTHVHRGs1TDBXTWloaEczUnE0UWM3VW12JTJGWG1obXlFT1dtRkV4U2FXVWhEUWNub3BqTk1SR3NTeUZBRlBHbUJBazlUaCUyRkVyalhnWFRBV1lGUHBVa3NjYm9iZyUzRCUzRA |
|
.adnxs.com/ | Name: uuid2 Value: 230069611948503078 |
|
.media.net/ | Name: visitor-id Value: 3404589448173186000V10 |
|
.media.net/ | Name: data-c-ts Value: 1697457344 |
|
.media.net/ | Name: data-c Value: k-qS0biUtfU-f2j5PZVCftNwTnDwVsGGNN4Lcp2A~~3 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUma8rzzolAHjztfXt8AR8jTDTp0FxiwdG0aGk38SAdpoPR0nR_hekYmOXvQD9k |
|
.demdex.net/ | Name: demdex Value: 14747992187145586751643063778337051458 |
|
.casalemedia.com/ | Name: CMID Value: ZS0kwNupOyLPW-FyFq2P8gAA |
|
.casalemedia.com/ | Name: CMPS Value: 2132 |
|
.casalemedia.com/ | Name: CMPRO Value: 2132 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/rCxrEQF']wIg2H`bv?nsH!@wnfH1YdP.dEXlSkg+sWAEr*B-=_%VvDrw+E!^KW9#[R-l8af-t_Iz(srj9*$sEJ2tbg3UFh<!%nugO%v4VB%npFa+QN1p |
|
.dpm.demdex.net/ | Name: dpm Value: 14747992187145586751643063778337051458 |
|
exchange.mediavine.com/ | Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22efbeea40-6c1a-11ee-9443-bf67729ce699%22%2C%22version%22%3A%22eu-v1%22%7D |
|
exchange.mediavine.com/ | Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22efbeea40-6c1a-11ee-9443-bf67729ce699%22%2C%22version%22%3A%22eu-v1%22%7D |
|
exchange.mediavine.com/ | Name: am_tokens Value: %7B%22mv_uuid%22%3A%22efbeea40-6c1a-11ee-9443-bf67729ce699%22%2C%22version%22%3A%22eu-v1%22%7D |
|
exchange.mediavine.com/ | Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22efbeea40-6c1a-11ee-9443-bf67729ce699%22%2C%22version%22%3A%22eu-v1%22%7D |
|
exchange.mediavine.com/ | Name: criteo Value: %7B%22id%22%3A%22k-T9kjFktfU-f2j5PZVCftNwTnDwXEb8Ip-0TTTg%22%2C%22version%22%3A%22criteo%22%7D |
|
.pubmatic.com/ | Name: KRTBCOOKIE_97 Value: 3385-uid:k-e6KRsUtfU-f2j5PZVCftNwTnDwXSc7J8W26kUg&KRTB&23144-uid:k-e6KRsUtfU-f2j5PZVCftNwTnDwXSc7J8W26kUg&KRTB&23286-uid:k-e6KRsUtfU-f2j5PZVCftNwTnDwXSc7J8W26kUg&KRTB&23287-uid:k-e6KRsUtfU-f2j5PZVCftNwTnDwXSc7J8W26kUg |
|
.pubmatic.com/ | Name: PugT Value: 1697457344 |
|
.krxd.net/ | Name: _kuid_ Value: P27xuZWw |
|
.omnitagjs.com/ | Name: ayl_visitor Value: 59248a943e4cc5169ddef75898418a87 |
|
.postrelease.com/ | Name: opt_out Value: 1 |
|
.tremorhub.com/ | Name: tvid Value: 1cd1448359394b9b839d2515ee4ac70e |
|
.tremorhub.com/ | Name: tv_UICR Value: k-9d6QP0tfU-f2j5PZVCftNwTnDwUs-L4Q_lxHxQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
wheel-monkey-ua.pu020ev.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.102.35.84
104.18.27.193
13.248.245.213
141.226.228.48
162.19.138.118
172.217.16.194
178.250.1.11
178.250.7.11
18.158.5.115
18.159.114.228
185.64.191.210
185.86.138.152
185.89.210.101
2001:4860:4802:32::36
23.32.185.192
2600:1f18:612b:4264:9ca0:e35:54d2:840d
2606:4700:20::681a:70
2606:4700:20::ac43:4670
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
2a02:2638:3::c
2a02:2638:d::10
3.13.229.41
3.75.62.37
34.117.157.22
34.243.192.150
34.246.73.161
34.255.92.83
37.157.6.237
52.210.15.67
52.59.106.121
54.146.44.193
54.216.219.8
54.93.44.146
64.202.112.159
69.173.144.165
95.101.148.20
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
19318d4dfef9ee4fc4c3643e240bc5b0bb34b128bcab9348686f069918992681
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
307089d062b718eff37c8da07c14adaa70c4610a6c58f55409cddaee3d25f153
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348f68587ca13103b91047fb3352939f0984e4752b265f7982a07e68e38bccd2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44a3407fcb95b25e7e83dc24ec2be69681e202e8f5875b96f045b0f4bc82abd8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5683f372b6c9e745557b4a869bc3af385b0cd7d910656e2ee13a7dda938a841b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b27cb21ba619ce18df902c308446ee513e994d362463a72d33120c749d04c62
6ec00afe58c6f4ad8dbed3d3d4a695b921eb341dd2e3c2ddd08c11d1bfecc472
6f62f51295d471a285e41bf8063c23b6046ee2770a5c0baa55a5a7ed04251d22
71771627d8ada0ccb5a6879526033bb708b62009c1aa8cfb6de8140a6db50eda
73bf18711d82dd3ed73df628f2a2a34e960eb2808dbe3e306ee98027adb0d11c
769962ab7a07c4983d99a56f89f1b55e54dbeea7d50a24e796d42e4c02610a91
7857676d2ce89c1c210fc95d93c194d7057ecafbcee7fd4afcd365eb7f765416
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
80c8bb6bf66c46435df221886636eaaf7a09cbfcfc5a1eb9f151dab9ea500575
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88497b263709a9ee6e64ac2362a48fe1d814930ac07aee37e061f07084db8950
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9635b1681d35eda5f0da5f6c85938f1c4d458a4c214b1b25ef5430a04665b9cd
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a05f8d9acccee22afe3a1fa6f5a240c6e6780fd67f305b5bcb157e31fc1f1696
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a351ab4c734f69fcc4e1be4452c778cd77b71a49f6d7451e6b7c6f38da43e26b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c056dc7b16dcf412df595316cd04072a9e78282e44bc693ee0a7c6460f57a0e6
c0da822bb8b46abe6be1db3368c5f10c763d108231f03cd62607784f922638d0
c4958589eec00918eac9f4dad13664b4822a93ae1cf6d5871de94b1289cba614
c9c9971ba182f75861548dd6d5fbb0ec4363a2b554bd46dae22348b7ae0fc6bb
d0071e5cf68a74c19bd55355486916183bff7afa7f1d16aea03e04736aa621e3
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d20c46876d511930162cf573132a3f2bb0d12d59fb5e1aed89ecfac8f65636f4
d429a067d8872b5582e0b745e6c255f4675aeb70bc1dcc53fe5144dcf8679a7c
d954480ec88a282cf80ea90557fe0a50693c488f42a38d22ca57cb7ac0539f17
ddd26a96b8eb2a9204b4e825728f3b510d438488dca20b7f241788120b443690
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9609fd456f56abc101323bfb462aa60e0a6199599a14a4ea258645b875e2145
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629