fc.lc
Open in
urlscan Pro
2606:4700:3035::6815:4e94
Public Scan
Submitted URL: https://go.leechpremium.link/Next/?id=959a00d8bb0cc1626483432
Effective URL: https://fc.lc/1mGvRGW6
Submission: On July 17 via manual from NL
Effective URL: https://fc.lc/1mGvRGW6
Submission: On July 17 via manual from NL
Summary
This website contacted 24 IPs
in 7 countries
across 23 domains to perform 61 HTTP transactions.
The main IP is 2606:4700:3035::6815:4e94, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is fc.lc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time fc.lc was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time fc.lc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
95.217.129.163
(Helsinki, Finland)
ASN24940 (HETZNER-AS, DE)
PTR: static.163.129.217.95.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.163.129.217.95.clients.your-server.de
| go.leechpremium.link | |
| short.slink.bid |
7
2a00:1450:4001:82f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
9
2a00:1450:4001:827::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| partner.googleadservices.com |
2
2a00:1450:4001:831::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.de | |
| adservice.google.com |
2
2a00:1450:4001:813::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
7
2a00:1450:4001:809::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
2a00:1450:4001:830::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a00:1450:4001:810::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Domain | Requested by | |
|---|---|---|
| 9 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
| 7 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 7 | pagead2.googlesyndication.com |
go.leechpremium.link
pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com |
| 5 | fc.lc |
fc.lc
|
| 3 | in-page-push.com |
fc.lc
in-page-push.com |
| 2 | static.cdnativepush.com |
in-page-push.com
|
| 2 | my.rtmark.net |
phooreew.net
in-page-push.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | cdnjs.cloudflare.com |
fc.lc
|
| 2 | phooreew.net |
fc.lc
phooreew.net |
| 2 | www.google.com |
1 redirects
tpc.googlesyndication.com
|
| 2 | www.googletagservices.com |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | fonts.googleapis.com |
go.leechpremium.link
fc.lc |
| 1 | itgiblean.com | |
| 1 | toglooman.com |
phooreew.net
|
| 1 | gabblerpawners.com |
fc.lc
|
| 1 | www.googletagmanager.com |
fc.lc
|
| 1 | chirkacylal.com |
fc.lc
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | leechpremium.link |
go.leechpremium.link
|
| 1 | short.slink.bid |
go.leechpremium.link
|
| 1 | ouo.io |
go.leechpremium.link
|
| 1 | go.leechpremium.link | |
| 61 | 26 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| go.leechpremium.link R3 |
2021-06-08 - 2021-09-06 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-17 - 2021-08-17 |
a year | crt.sh |
| short.slink.bid R3 |
2021-06-15 - 2021-09-13 |
3 months | crt.sh |
| leechpremium.link R3 |
2021-06-10 - 2021-09-08 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| fc.lc Cloudflare Inc ECC CA-3 |
2021-06-08 - 2022-06-07 |
a year | crt.sh |
| chirkacylal.com R3 |
2021-05-19 - 2021-08-17 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
| phooreew.net R3 |
2021-06-29 - 2021-09-27 |
3 months | crt.sh |
| gabblerpawners.com R3 |
2021-05-12 - 2021-08-10 |
3 months | crt.sh |
| in-page-push.com R3 |
2021-05-22 - 2021-08-20 |
3 months | crt.sh |
| toglooman.com R3 |
2021-07-09 - 2021-10-07 |
3 months | crt.sh |
| *.rtmark.net Sectigo RSA Domain Validation Secure Server CA |
2020-10-27 - 2021-11-26 |
a year | crt.sh |
| cdnativepush.com R3 |
2021-07-14 - 2021-10-12 |
3 months | crt.sh |
| itgiblean.com R3 |
2021-05-17 - 2021-08-15 |
3 months | crt.sh |
This page contains 13 frames:
Primary Page:
https://fc.lc/1mGvRGW6
Frame ID: 76E507CA79BBF4FF10A4FDCC9E09CAEB
Requests: 36 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: AF449533AC222E87B0BE928F0832EEB4
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6024123809614566&output=html&h=90&slotname=8301374343&adk=2692090041&adf=548317953&pi=t.ma~as.8301374343&w=728&lmt=1626483763&psa=0&format=728x90&url=https%3A%2F%2Fgo.leechpremium.link%2FNext%2F%3Fid%3D959a00d8bb0cc1626483432&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626483763595&bpp=34&bdt=144&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=1482795545452&frm=20&pv=2&ga_vid=1644364585.1626483764&ga_sid=1626483764&ga_hid=578694517&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=627&ady=25&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=120127827527552&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LwLx5BSxTS&p=https%3A//go.leechpremium.link&dtd=112
Frame ID: B91C6C82ADE917E112B4768AA9FFDF85
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6024123809614566&output=html&h=250&slotname=2465946931&adk=1696767751&adf=683863926&pi=t.ma~as.2465946931&w=306&fwrn=4&fwrnh=100&lmt=1626483763&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fgo.leechpremium.link%2FNext%2F%3Fid%3D959a00d8bb0cc1626483432&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626483763630&bpp=3&bdt=179&idt=83&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=1482795545452&frm=20&pv=1&ga_vid=1644364585.1626483764&ga_sid=1626483764&ga_hid=578694517&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=120127827527552&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Fwr5vE17eR&p=https%3A//go.leechpremium.link&dtd=85
Frame ID: 45215A5651B85841905B1F9E4C8E6A03
Requests: 11 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6024123809614566&output=html&h=280&slotname=6479546233&adk=2705649982&adf=3574913033&pi=t.ma~as.6479546233&w=735&fwrn=4&fwrnh=100&lmt=1626483763&rafmt=1&psa=0&format=735x280&url=https%3A%2F%2Fgo.leechpremium.link%2FNext%2F%3Fid%3D959a00d8bb0cc1626483432&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626483763633&bpp=2&bdt=181&idt=85&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C306x250&correlator=1482795545452&frm=20&pv=1&ga_vid=1644364585.1626483764&ga_sid=1626483764&ga_hid=578694517&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=451&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=120127827527552&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=R3bkvhnniA&p=https%3A//go.leechpremium.link&dtd=88
Frame ID: AEFC12D3805BCD75E802B75556497C5A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6024123809614566&output=html&h=250&slotname=2465946931&adk=1696767751&adf=3175363789&pi=t.ma~as.2465946931&w=306&fwrn=4&fwrnh=100&lmt=1626483763&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fgo.leechpremium.link%2FNext%2F%3Fid%3D959a00d8bb0cc1626483432&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626483763635&bpp=22&bdt=184&idt=88&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C306x250%2C735x280&correlator=1482795545452&frm=20&pv=1&ga_vid=1644364585.1626483764&ga_sid=1626483764&ga_hid=578694517&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1251&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=120127827527552&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&fsb=1&xpc=KljZi2E4hk&p=https%3A//go.leechpremium.link&dtd=90
Frame ID: 3E3A8CF43F21E4911C58193A7B290591
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6024123809614566&output=html&adk=1812271804&adf=3025194257&lmt=1626483763&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgo.leechpremium.link%2FNext%2F%3Fid%3D959a00d8bb0cc1626483432&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626483763658&bpp=1&bdt=207&idt=69&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C306x250%2C735x280%2C306x250&nras=1&correlator=1482795545452&frm=20&pv=1&ga_vid=1644364585.1626483764&ga_sid=1626483764&ga_hid=578694517&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972&oid=3&pvsid=120127827527552&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=5&uci=a!5&fsb=1&dtd=73
Frame ID: 812E92CD7CE70657F647825E5163AACB
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 666BEC6522CF11C234D6951D8F55CEFD
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
Frame ID: 5EFECD34783DFAD591E43C38ADA5B7F0
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 503900DE593E67446E6A329D70CAB27E
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 75719217EBE3D553AD9DF721EE0D2C61
Requests: 1 HTTP requests in this frame
Frame:
https://phooreew.net/fac.php
Frame ID: E66EB6F09069F445029F8A9B6E5BB548
Requests: 2 HTTP requests in this frame
Frame:
https://static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/0625425773465.png
Frame ID: 038D34CD111D9BBD5B3892843272FB05
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://go.leechpremium.link/Next/?id=959a00d8bb0cc1626483432 Page URL
- https://fc.lc/1mGvRGW6 Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://go.leechpremium.link/Next/?id=959a00d8bb0cc1626483432 Page URL
- https://fc.lc/1mGvRGW6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si
61 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
go.leechpremium.link/Next/ |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1020 B 511 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
ouo.io/css/ |
107 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
short.slink.bid/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
leechpremium.link/assets/img/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
134 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame AF44 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ |
244 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v13/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
207 B 661 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 570 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame B91C |
436 B 235 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4521 |
57 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame AEFC |
436 B 235 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 3E3A |
436 B 235 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 812E |
3 KB 617 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7150982879602357449
tpc.googlesyndication.com/daca_images/simgad/ Frame 4521 |
45 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 4521 |
18 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 4521 |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4521 |
124 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 4521 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 4521 |
26 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
adview
googleads.g.doubleclick.net/pagead/ Frame 4521 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 666B |
143 B 163 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 666B Redirect Chain
|
0 16 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4521 |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
sodar
pagead2.googlesyndication.com/getconfig/ |
11 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
pagead2.googlesyndication.com/bg/ Frame 5EFE |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5039 |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
aframe
www.google.com/recaptcha/api2/ Frame 7571 |
783 B 531 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
pagead2.googlesyndication.com/bg/ Frame 5039 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 4521 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
1mGvRGW6
fc.lc/ |
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
activeview
pagead2.googlesyndication.com/pcs/ Frame 4521 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
10 KB 903 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
bootstrap.min.css
fc.lc/CustomTheme/css/ |
108 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
main.css
fc.lc/CustomTheme/css/ |
24 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
custom.css
fc.lc/CustomTheme/css/ |
47 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
modernizr.min.js
fc.lc/CustomTheme/js/vendor/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
34828
chirkacylal.com/1clkn/ |
0 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
js
www.googletagmanager.com/gtag/ |
98 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apu.php
phooreew.net/ |
53 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
32920
gabblerpawners.com/g0ifDEICMdEi6sh/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ |
86 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3072098
in-page-push.com/400/ |
83 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-29 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
toglooman.com/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fac.php
phooreew.net/ Frame E66E |
203 B 647 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ Frame E66E |
43 B 492 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
fuckadblock.min.js
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gid.js
my.rtmark.net/ |
65 B 537 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3072098
in-page-push.com/500/ |
4 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
3072098
in-page-push.com/500/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0625425773465.png
static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oWpJyfca_Ej4hAQ8hgJt34thOuAL9HASQ8IkkriPgRGm77jt_gLSQNfpFY7xA30D6hJhB_kbza3bcXdV7iVT3PJzc5KmTvUiMxY3plA4y3LG801NUF6IffVFIeVJ5PCbO0IxJXikJjEKz1-8H4zyCI7PrcMmEp9JipQ-VeiS93-6hV4QzKDZATBJZrcvYKX95sj-s...
itgiblean.com/impression/ |
43 B 326 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0625425773465.png
static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/ Frame 038D |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsWM5vVeef5F7VXDBZ9N4uKgq9O-JSgPB5NAR3OyruVmPqHgVBElqFHhnCkngqhlUSblwsuVpnAJiviiuo_eD1LkXifbAvouEdFo3tJfVJqYWvjNm3xr4BBIhAxQ&sai=AMfl-YR5bjMC0hOVoLmah2DqeOdRqRDEwrByPBP5h8oFGc5nBqkUh_V8uC8biQD8RzAxqCw8X_doDwTEDHgP&sig=Cg0ArKJSzILgDEdBbySVEAE&id=lidartos&mcvt=7385&p=150,48,400,348&mtos=7385,7385,7385,7385,7385&tos=7385,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1696767751&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosc=0&eosm=0&rst=1626483763717&dlt=344&rpt=50&isd=0&msd=0&r=u&ec=0
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Modernizr function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onClickTrigger object| j416x1ni5k object| zfgformats boolean| zfgloadedpopup object| webpushlogs function| $ function| jQuery object| today object| expiry function| setCookie function| adBlockDetected object| importFAB object| s65c function| FuckAdBlock object| fuckAdBlock8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| phooreew.net/ | Name: oaidts Value: 1626483771 |
|
| phooreew.net/ | Name: OAID Value: 1f1d02f5d98c4b1cbbd7a444891957f9 |
|
| .fc.lc/ | Name: _gid Value: GA1.2.6570696.1626483772 |
|
| fc.lc/ | Name: visitor_cookie Value: YToyOntzOjI6ImlwIjtzOjIwOiIyYTAxOjRmODoxOTI6NTQxNDo6MiI7czo0OiJkYXRlIjtzOjE5OiIyMDIxLTA3LTE3IDAxOjAyOjUxIjt9 |
|
| .fc.lc/ | Name: _gat_gtag_UA_90563943_1 Value: 1 |
|
| .fc.lc/ | Name: __PPU_BACKCLCK_3544249 Value: true |
|
| .fc.lc/ | Name: _ga Value: GA1.2.1686036725.1626483772 |
|
| fc.lc/ | Name: AppSession Value: rck0j9cbv7n2i8q1q79es8gvh5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
chirkacylal.com
fc.lc
fonts.googleapis.com
fonts.gstatic.com
gabblerpawners.com
go.leechpremium.link
googleads.g.doubleclick.net
in-page-push.com
itgiblean.com
leechpremium.link
my.rtmark.net
ouo.io
pagead2.googlesyndication.com
partner.googleadservices.com
phooreew.net
short.slink.bid
static.cdnativepush.com
toglooman.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.236
139.45.197.239
142.250.186.34
149.56.15.44
172.255.6.150
2606:4700:10::ac43:697
2606:4700:3035::6815:4e94
2606:4700::6810:135e
2a00:1450:4001:800::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
5.135.94.138
95.217.129.163
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8
147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11
177ee528fcc20d400db4259fad6c41ef58f4ed471857438b3997419af3c53a03
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
29668aa7f188f36995a10e199ab3049f2d9e9cf427201f10657ad5c599a3591d
2a324b929727cfcb4053b8d1f939a7831ba17d8a75760efd937b58bbe207e82a
2d60c95ac438e1d7847f13dfed8e079876d9d75999fadae39cebe4a7ed3f67a1
49a98b00729462b3c876cc32f056bbd51733a190c4fcb5a4a1658e9a6f1ccfa6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
6b5b2f81a4b1c196b9c02b6c3044ff23b6e9e8eb9b0aed98c3b8e02c0a542825
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed1058fa9599babfa419bbbee2c283127e998f94580b5b4b1ad61291c4e1414
73ac15b16335c6b4f1e12b4b52b843077b8a0a36e3812f505b3f28e58ab13ff4
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
77a3d1637a30c2531b7a7a5f1f8fc069242a5e4a9d4ba3bc30bfcfb4f199263e
7a2149331be4d63738ffd1e3a24520c02599f50c5f5e4f8a43a2b7930325cf54
8083ccf1a360c84185bf8bd1894c4c69b5196659a3c57184551795d79f4ef86d
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf
89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25
8dbfb4c31866ed42aa4ea43b48cf04f4a0b1de6c36885a86c1f96469c9c83804
8f18cf892dcf9bee9190d075020a1640ce96f012d399790af20a7c0d8bddb072
8f51ecf45f47a048a73531b89661d33ef5a3953e0cf4c0a11457907475ecc152
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
9621a51624f328961da6e3e678864214c37532aee2f7585f654d16c625412c83
97bc2ba1760c19433112e19181da6584d22c3651e981dca37aeab704cd889038
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65e82bc53a78f177ecea2ba5e361c539e5f42262f1e0ca3ff94c38fdf53dca3
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bcaccbe557369e39b6a7918837ff9bd82dc1a4108998320bf1dd6924363237f9
bef6c0a541d5e688a05cbcef6df9449126854f1f4f0cf84ff923bc9223bd11eb
bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34
c484670baf7864465e8032b6ea9b2f40880bba770c7f965e674ea14ac76bb21e
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
dc20ef219f193a7c741f5de1fa5e74a19e8a790527aec084c937b3a4e97411cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
ed1536d62fee5a13cbeb5c138af68eaeb8607dea18c40db59454a6d2745813cc
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629