ch.fidanto.com
Open in
urlscan Pro
34.142.63.26
Public Scan
Submission: On March 15 via manual from US — Scanned from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 8th 2022. Valid for: a year.
This is the only time ch.fidanto.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: mail-eu.fidanto.com
ch.fidanto.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
s.clickiocdn.com |
ASN15169 (GOOGLE, US)
partner.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
clickiocdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-31-77.cdg3.r.cloudfront.net
c.amazon-adsystem.com |
ASN15169 (GOOGLE, US)
adservice.google.ca | |
adservice.google.de |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com |
ASN15169 (GOOGLE, US)
11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com |
Domain | Requested by | |
---|---|---|
16 | ch.fidanto.com |
ch.fidanto.com
|
14 | fundingchoicesmessages.google.com |
ch.fidanto.com
|
9 | clickiocdn.com |
s.clickiocdn.com
|
7 | pagead2.googlesyndication.com |
ch.fidanto.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
4 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
3 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
3 | c.amazon-adsystem.com |
s.clickiocdn.com
c.amazon-adsystem.com |
2 | adservice.google.com |
pagead2.googlesyndication.com
securepubads.g.doubleclick.net |
2 | partner.googleadservices.com |
www.google.com
pagead2.googlesyndication.com |
2 | www.google.com |
ch.fidanto.com
tpc.googlesyndication.com |
1 | 11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.de |
securepubads.g.doubleclick.net
|
1 | aax-dtb-cf.amazon-adsystem.com |
c.amazon-adsystem.com
|
1 | adservice.google.ca |
pagead2.googlesyndication.com
|
1 | www.googletagservices.com |
s.clickiocdn.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | s.clickiocdn.com |
ch.fidanto.com
|
1 | www.googletagmanager.com |
ch.fidanto.com
|
73 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
fidanto.com |
www.facebook.com |
www.linkedin.com |
clickio.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.fidanto.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-08 - 2023-08-08 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
s.clickiocdn.com R3 |
2023-01-22 - 2023-04-22 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
adlmerge.com R3 |
2023-02-21 - 2023-05-22 |
3 months | crt.sh |
c.amazon-adsystem.com Amazon |
2022-05-09 - 2023-04-18 |
a year | crt.sh |
*.google.ca GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
aax-dtb-mobile-cf.amazon-adsystem.com Amazon |
2022-06-15 - 2023-06-15 |
a year | crt.sh |
*.google.de GTS CA 1C3 |
2023-03-02 - 2023-05-25 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Frame ID: 6487D3A8ADDFC74150539F89D87A2987
Requests: 64 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html
Frame ID: A403FE3E8E4936E49ABBBBD65BECA6F2
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&adk=1812271804&adf=3025194257&lmt=1678919848&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848050&bpp=5&bdt=372&idt=322&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394675603344&frm=20&pv=2&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: CB591A5F92431F85821D72995E077446
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=6420452047&adk=304266974&adf=4106258812&pi=t.ma~as.6420452047&w=413&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=413x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848055&bpp=2&bdt=376&idt=345&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=156&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IYSW85mNuJ&p=https%3A//ch.fidanto.com&dtd=351
Frame ID: CBBB6D47347ACE6572794F6BE8F895CD
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=8998475933&adk=916995485&adf=175616407&pi=t.ma~as.8998475933&w=817&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=817x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848057&bpp=1&bdt=378&idt=362&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C413x280&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1JSQqyvOGx&p=https%3A//ch.fidanto.com&dtd=366
Frame ID: 84C1BD04316F8A59F85F65103F1DCA77
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6AAAA5D6824A10802F2D25B0C25DD43
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 557BE88D6EA9341F46858E71A7117339
Requests: 2 HTTP requests in this frame
Frame:
https://11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB816357594D418AC2B251E04B438088
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Manpower - BauführerIn / technische LeiterIn 80–100% (w/m) in BernDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutzrichtlinien
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Ads by
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/ |
107 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
242 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
ch.fidanto.com/libraries/bootstrap-5.2.2-dist/css/ |
190 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
ch.fidanto.com/resources/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub-0395552592979143
fundingchoicesmessages.google.com/b/ |
10 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads.js
www.google.com/adsense/search/ |
140 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fidanto_logo.webp
ch.fidanto.com/resources/images/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo100x100.png
ch.fidanto.com/resources/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_facebook.webp
ch.fidanto.com/resources/images/ |
422 B 493 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_twitter.webp
ch.fidanto.com/resources/images/ |
266 B 338 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_linkedin.webp
ch.fidanto.com/resources/images/ |
200 B 270 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.webp
ch.fidanto.com/resources/images/ |
354 B 426 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-footer.webp
ch.fidanto.com/resources/images/ |
100 B 147 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin-footer.webp
ch.fidanto.com/resources/images/ |
152 B 199 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
142 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
360_light.js
s.clickiocdn.com/t/227250/ |
441 KB 167 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub-0395552592979143
fundingchoicesmessages.google.com/i/ |
126 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
ch.fidanto.com/resources/ |
27 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
ch.fidanto.com/libraries/bootstrap-5.2.2-dist/js/ |
79 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
job-detail.js
ch.fidanto.com/resources/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Nunito-VariableFont_wght.ttf
ch.fidanto.com/resources/fonts/Nunito/ |
269 KB 271 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
281 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxX-aTuiuIvyaIUaoftnaMZ2865hg2K1a4ThpH8-klH1QEa1Ed3Rv6trC4IcOnC6011glvV8bz30GJBficn06Va4hg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 253 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
362 B 591 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxW1GgyF1ryzTW9GvMm_8CbNcoDWk8AKruoxscLmMPN9atTjg9mBy5HC5COxb4og4K-9GhV_p3rtrSxtJMlPdl8=
fundingchoicesmessages.google.com/f/ |
13 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ |
365 KB 121 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/ Frame A403 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
79 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/hbadx/ |
46 B 175 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
222 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/clickiotag_log/ |
83 B 210 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/clickiotag_log/ |
83 B 209 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
389 B 323 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ca/adsid/ |
107 B 531 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CB59 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CBBB |
436 B 377 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2023030901.js
securepubads.g.doubleclick.net/gpt/ |
395 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
111 B 620 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 84C1 |
436 B 380 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
0 308 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
profileMessages.php
ch.fidanto.com/api/ |
47 B 115 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6AA |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 557B |
783 B 957 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame A6AA |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 69 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 68 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 557B |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame A6AA |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/utr/logst_st/c2lkPX4yMjcyNTAmYWN0PTM2MGx+Y21ufnNfY2RuXzEmdXJsPX5jaC5maWRhbnRvLmNvbSZ2Y250PTMmX2Y9X19seEdfXy50bXAubG9nc3RfdG43cDB4eHMza25uemFxOA/ |
38 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/utr/logst_sa/c2FpZD03MDIwODh+NzA0Mzk1fjcxMDUyN343MTA1MjZ+NzEwNTI1fjcwMzEzNH43MDMxMzN+Njk3OTA1fjY5NzkwNH42OTc5MTF+Njk3OTA5fjY5NzkxMH42OTc5MDh+NzAyMDkxfjcwMjQxNX4tfjY5Nzg5OH42OTc4OTZ+N... |
38 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adv
fundingchoicesmessages.google.com/f/AGSKWxVCoL5igZV3jo8vmZG0mpfNQj6AQioxzoOakx-B7boIGEtJDGQ3QIlzKyKApuR2OtBDHUL6bAkO9PBc9Z3PU1LpJ2YIaZ3fcSmO-ptuWrxAFIaAoyh1Npi_1tac9NN-AJd78YuU28iqzdxdGZRRByzVbUhEy... |
54 B 109 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ |
47 B 67 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==
fundingchoicesmessages.google.com/el/ |
0 29 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxVAEFSr48yMeJD5ALdlQKxxgbxZhV7oT0x-vJXToZuKyg8F2LSdfj4UvmofFSK_e7sI-jj9FfYbtYtEQ34WN8xkrY6YcAkdInOoliV3WYbSkCQ1LBeUcypKeSgS_hDYLVyTlR4Rnw==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxU0sbmo1NC8-WWlziICdadrsjtxEks6A2KLfByNoCzIbWxVajjM1wJOWtwTrAZgA6JD0zYB9uMNbu6rQjRSQKD5_6iT80f3OUruL1H3Vh3-M0aact5gChyqt9hBQYs0rvL8qhIEvw==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ |
23 B 463 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 531 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
510 B 873 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB81 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/clickiotag_log/ |
83 B 210 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/utr/logst_sa/c2FpZD1+NzAyNDE1JnNzaWQ9fjEmYWN0PWR5bl9wZ19wb3NfZnN+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2V+Z19ldl9zcmVuZF9lX2xsdl80MDB4MzAwZH5nX2V2X3NyZW5kX2xsdl80MDB4MzAwZH5nX2V2X3NyZXF+Z19ld... |
38 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/utr/logst_hb/c2lkPTIyNzI1MCZ1cmw9Y2guZmlkYW50by5jb20mcmVxPWFtYXpvbjo3MDI0MTUsMTo6cnViaWNvbjo3MDI0MTUsMTo6b3Blbng6NzAyNDE1LDE6OmNyaXRlbzo3MDI0MTUsMTo6aW1wcm92ZWRpZ2l0YWw6NzAyNDE1LDE6O... |
38 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
clickiocdn.com/utr/scmps/ |
42 B 158 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
132 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless function| getUrlVars object| urlVars function| gtag object| dataLayer function| __h82AlnkH6D91__ function| _googCsa object| adsbygoogle object| __lxGc__ object| pageOptions object| adblock1 object| adblock2 function| sendReport function| pushErrorText function| checkReportOptions function| applyJobV4 function| SendApply function| applyJob function| displayAd function| showFull function| getNumberMessages function| postData function| getTalentJobs function| onFacebookSignIn function| statusChangeCallback function| GetDataFace function| facebookSignOut function| onGoogleSignIn function| onGoogleSignInv4 function| googleSignOut function| loadGapi function| returnPage function| createUser function| createUserv4 function| logout function| StartLogin function| shareFacebook function| shareTwitter function| shareLinkedin function| isMobile function| applyToJob function| openAd function| getPage function| removeErrorText function| addErrorText function| checkReportOption function| showAlertReport function| CreateAlert function| DrawFrase function| SetAlert function| notificationSwitch function| privacySwitch function| setCompanyAdmin function| reportCompany function| acceptCookies function| checkCookie function| loadJS function| fbAsyncInit number| uidEvent object| bootstrap function| jspbGetTypeName function| __p4qa8r1lb17__ string| cHViLTAzOTU1NTI1OTI5NzkxNDM= object| google_tag_manager object| google_tag_data object| gaGlobal number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| OTlkYmIzMWZmZDUwZTFlY2xvYWRlcl9qcw== string| OTlkYmIzMWZmZDUwZTFlY2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| __lxG__ object| __lxGr__ object| __lxGp__ object| __lxG227250__ object| pbjs object| lxpbjsdfp object| googletag object| apstag function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| apstagLOADED object| apscustom object| _aps object| GoogleGcLKhOms object| google_image_requests boolean| google_empty_script_included boolean| 53ec0e9f-ec55-4295-a501-d26494007c7b object| clickio_pbjsChunk7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fidanto.com/ | Name: _ga_XBG0V08G1N Value: GS1.1.1678919848.1.0.1678919848.0.0.0 |
|
.fidanto.com/ | Name: _ga Value: GA1.1.2113481275.1678919848 |
|
.fidanto.com/ | Name: __gsas Value: ID=6ba8d55cd717986e:T=1678919848:S=ALNI_Mb813tdSZA0KyFNGATqd9-TI4ItHw |
|
.fidanto.com/ | Name: __gpi Value: UID=00000bc692d6efc0:T=1678919848:RT=1678919848:S=ALNI_MZRb9BpSHK2hLaPfwkEGzpAGVN7TA |
|
.fidanto.com/ | Name: FCNEC Value: %5B%5B%22AKsRol9O6Z-L80CZDjnk4hqrZW6AH2SF2P3goSLCNTUAx7iXT6f0XgeOBLA3kg3FI26-KM5S72SUxtWje4hUP3U7H9czrpams6XNHvEF3BGOCsNUlt0fVSLnYi5iZ7C190d_qWVQdBvg8QyQC5oK9uA5LOfRDsEl9Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmm33j95t2gIj9lddihfPNRUsS93A2UAcHGe2mCNHfQVFACV-rLMTeRpCOn5iU |
|
.fidanto.com/ | Name: __gads Value: ID=c773ab5be3936c92-22485d5c55dd000f:T=1678919848:S=ALNI_MYOtb9lykSHYXhL-XNHTv88mkPlpw |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.ca
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
ch.fidanto.com
clickiocdn.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s.clickiocdn.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.225.31.77
2001:4860:4802:32::36
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
34.142.63.26
52.222.247.205
95.211.66.34
95.211.66.35
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c123e00451e47e6fb5a431167e6808a8af22b4348757f4f1be7d907261af1ef
0cee20fd2a5e2f86f36423ce75f6070e825e28f798b0dc979a70f396c7893d9a
1398e06c1ab609631c9359ac9f18ec00e10395a4ffca32937073e1608a6794ba
1bffa4ca3450e2252481e59d9f5f8102be677c71bf34391bfd53dd146d88774a
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
22c04ff48a8428b045facfe740621b50f02a96009bec66f5eceb9217788f2cec
24a2bf35c3d7dab503c10c619d5849384772e5f935115e75530d1347b84e737d
24cc21ba185a9f21c395270b6d8ebb1787c8cc7cd71d7e689b37dabf1d9fc0bb
265d8f48c291907c63d7a0c25641638f64e405e0f03cc3e59b5976006bb5c24e
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
2cd0a4887dc265775f7b8f9ce799efea02df493104d659c6b213c694f7fb0eb9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10bc86eb0589ef26eb47d966ad7b9caa85b7eb5ace3bb013ebf2ed2cbd75f3
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
303232489ecefb0409266262349dd6b4f2afae412bb6a8eb970d771eb4c00da7
35dce9895c456bea83be2fb985a9baa444b975a71bce58d0887b7bafeac8710a
39ff1da361a42b3d750b4de7b8b288f374bef957a84f46dafdccd07e5da14234
3fdac90cedbae5028d4533aa75912b18fd84cf292a8ced03c67a2413364816d7
4548fb79ae67af4420e8da68f80c8973eccc7b49f167260b43e2ead39c6ca6df
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c39747cab4943179d2d9bcdf41e50df3e2df7bab112bbd70a8723a97c84a707
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645f2b6e237d2a8227136139f4b40b50a0867e96352c4254b3294fd302d8b8a7
67925ae4c202198a2210e24bb163a9a536f335b30212d96be2bf10aa276dbe29
6a0d547d5aa68f7daadf36ede5bde7e5193e9b2a519e947821b7be326638bd54
7093b09dc9ce5bbc1adf7e4cbbe1df2073d0ec34064d85f9be1391254ec1e7c1
72996357cf647d3e794d1c71ef61e68353ac0b1c1f29d20c4e237b4fea770200
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7513e90bb4f62623e0ab1b647bd50483bcdc772faa3e7c628b1fd9f85a85ec98
756b3ff75bbd23541534b5ab0922e5ca8116574b1f030ea410e097a3b4863f52
7d244994fc1ca485493697e19e0080de940283e457cfbbf094180848bb5f42a0
7e0ec89ff5d267f21441ad806b5bf885caf92e466c6b0f72d6924fcd9478f3e4
8aabba2532b07741f633d4af2996d99d9ee04905cb5192760f6536af1c36a1bc
8e0026163657cecc9718ff4a1e925a4d44f15f791013efbcc30a4e30b8c4ae3d
8febcb6d069d5a22f5bf9dfd271faedead308d9c118bbc71d0fb85fdfba2fa62
949aeae32555f7b3778cc85d65c4bf7b0135edd78f70bfb791efe6932276337d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51464dfe4b8e7a768c8e14bbfdd8dbbd20d403970827a5bfd4eed5ecf79b297
aa7e0cd9a7abec1001743525cb14d0509fa9af3904c1f64ba17c9dd20c1abe14
b8210134300377e56db7b3eb509bce67c45a0baab92c396b47b246d7232d92ae
ba1b3510f13b486e138ab1215ac4334a9da5e06584e69136a219317c54ab70d5
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
c721a466fc8bc97cf6db3fdac71584d63642bdf7de485c69815e64b25439d6eb
c7c13db18e003c4573e82b1e2a419a34ecb921ebe873cddc81aad7c53770c5f4
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cce8a4185030b0bbfbfa18cdcd4c28b3c74aee1335fff12eae018149a04f08ed
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed93bb876b8d90637836406cfd761d8c6e656a1bbb70eccd83c81a0332dc64da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f223e99e1685905fb8a4502d9d72c4870b24a568fef1c7dd51aeeee7fd6032f8
f31a961b8ca02898863723f115e7669100411be1a9e10c0a3e1926a39154cc26
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f5b2f82490f24578dd392267b2b8a159baf146e93128d07d3f66f52263e60218
fa16b5d9d99736d81797ec7acb624eed8578e6bee226a21782df186db08e9562
fcc55a7337cb59740ca8f1634ff3ba3bd9f7f81bda1cd98c2cd39e0109df5b60
fe226c87aaa92b3dd532d54d0baf16df33b68924a8dd47e8458ab6f3be2b0fc4