pippaframe.site
162.144.14.33
Public Scan
Submission: On December 23 via api from US — Scanned from US
Summary
This is the only time pippaframe.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN46606 (UNIFIEDLAYER-AS-1, US) | 162-144-14-33.unifiedlayer.com | pippaframe.site |
ASN15169 (GOOGLE, US) | | securepubads.g.doubleclick.net, pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US) | server-13-35-101-24.jfk50.r.cloudfront.net | c.amazon-adsystem.com |
ASN14618 (AMAZON-AES, US) | ec2-52-86-133-10.compute-1.amazonaws.com | play2048.co |
ASN16509 (AMAZON-02, US) | server-108-139-50-211.jfk50.r.cloudfront.net | aax-dtb-cf.amazon-adsystem.com |
ASN14618 (AMAZON-AES, US) | | edge.quantserve.com |
ASN15169 (GOOGLE, US) | | 8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com |
ASN16509 (AMAZON-02, US) | | rules.quantcount.com |
ASN16509 (AMAZON-02, US) | | rules.quantcount.com |
ASN14618 (AMAZON-AES, US) | | pixel.quantserve.com |
ASN14618 (AMAZON-AES, US) | ec2-34-233-108-47.compute-1.amazonaws.com | sync.ipredictive.com |
ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com | match.adsrvr.org |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
16 | play2048.co | | play2048.co — Cisco Umbrella Rank: 56748 | 121 KB |
13 | id5-sync.com | 8 | cdn.id5-sync.com — Cisco Umbrella Rank: 958; id5-sync.com — Cisco Umbrella Rank: 413 | 33 KB |
8 | googlesyndication.com | | 8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com; pagead2.googlesyndication.com — Cisco Umbrella Rank: 101; tpc.googlesyndication.com — Cisco Umbrella Rank: 139 | 42 KB |
7 | doubleclick.net | 1 | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192; stats.g.doubleclick.net — Cisco Umbrella Rank: 77 | 158 KB |
7 | pippaframe.site | | pippaframe.site | 33 KB |
4 | criteo.com | 1 | gum.criteo.com; mug.criteo.com | 1 KB |
4 | amazon-adsystem.com | | c.amazon-adsystem.com — Cisco Umbrella Rank: 296; aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 | 49 KB |
3 | lijit.com | 3 | ce.lijit.com | 2 KB |
3 | eu-1-id5-sync.com | | lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122; lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332 | 1 KB |
3 | fouanalytics.com | | api.fouanalytics.com — Cisco Umbrella Rank: 9949 | 7 KB |
2 | pubmatic.com | 2 | image6.pubmatic.com | 574 B |
2 | bidr.io | 2 | match.prod.bidr.io | 1 KB |
2 | adsrvr.org | 2 | match.adsrvr.org — Cisco Umbrella Rank: 315 | 920 B |
2 | quantcount.com | 1 | rules.quantcount.com — Cisco Umbrella Rank: 868 | 1 KB |
2 | google.com | | adservice.google.com — Cisco Umbrella Rank: 72; www.google.com | 2 KB |
2 | quantserve.com | | edge.quantserve.com — Cisco Umbrella Rank: 15662; pixel.quantserve.com — Cisco Umbrella Rank: 666 | 10 KB |
2 | btloader.com | 1 | btloader.com — Cisco Umbrella Rank: 897 | 57 KB |
2 | google-analytics.com | | www.google-analytics.com — Cisco Umbrella Rank: 29 | 20 KB |
2 | ezodn.com | | go.ezodn.com — Cisco Umbrella Rank: 8326 | 149 KB |
1 | sonobi.com | 1 | sync.go.sonobi.com | 765 B |
1 | mathtag.com | 1 | sync.mathtag.com | 656 B |
1 | ipredictive.com | 1 | sync.ipredictive.com — Cisco Umbrella Rank: 846 | 485 B |
1 | ezoic.net | | go.ezoic.net — Cisco Umbrella Rank: 10311 | 2 KB |
1 | paypalobjects.com | | www.paypalobjects.com — Cisco Umbrella Rank: 2008 | 437 B |
1 | googletagmanager.com | | www.googletagmanager.com — Cisco Umbrella Rank: 51 | 43 KB |
68 | 25 | | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
16 | play2048.co | | pippaframe.site, play2048.co |
12 | id5-sync.com | 8 | cdn.id5-sync.com, go.ezodn.com |
7 | pippaframe.site | | pippaframe.site |
6 | securepubads.g.doubleclick.net | 1 | pippaframe.site, securepubads.g.doubleclick.net |
4 | pagead2.googlesyndication.com | | securepubads.g.doubleclick.net, tpc.googlesyndication.com |
3 | ce.lijit.com | 3 | |
3 | tpc.googlesyndication.com | | securepubads.g.doubleclick.net, tpc.googlesyndication.com |
3 | api.fouanalytics.com | | pippaframe.site, api.fouanalytics.com |
3 | c.amazon-adsystem.com | | pippaframe.site, c.amazon-adsystem.com |
2 | mug.criteo.com | | |
2 | gum.criteo.com | 1 | |
2 | image6.pubmatic.com | 2 | |
2 | match.prod.bidr.io | 2 | |
2 | match.adsrvr.org | 2 | |
2 | lb.eu-1-id5-sync.com | | cdn.id5-sync.com, go.ezodn.com |
2 | rules.quantcount.com | 1 | pippaframe.site |
2 | btloader.com | 1 | pippaframe.site |
2 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
2 | go.ezodn.com | | pippaframe.site |
1 | www.google.com | | tpc.googlesyndication.com |
1 | sync.go.sonobi.com | 1 | |
1 | sync.mathtag.com | 1 | |
1 | sync.ipredictive.com | 1 | |
1 | pixel.quantserve.com | | pippaframe.site |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | lbs.eu-1-id5-sync.com | | cdn.id5-sync.com |
1 | 8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com | | securepubads.g.doubleclick.net |
1 | adservice.google.com | | securepubads.g.doubleclick.net |
1 | edge.quantserve.com | | play2048.co |
1 | cdn.id5-sync.com | | pippaframe.site |
1 | aax-dtb-cf.amazon-adsystem.com | | c.amazon-adsystem.com |
1 | go.ezoic.net | | pippaframe.site |
1 | www.paypalobjects.com | | pippaframe.site |
1 | www.googletagmanager.com | | pippaframe.site |
68 | 34 | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
play2048.co | R3 | 2022-12-01 - 2023-03-01 | 3 months |
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2022-10-13 - 2023-11-13 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-10-09 - 2023-10-09 | a year |
*.ezoic.net | Amazon | 2022-12-17 - 2024-01-15 | a year |
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year |
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon | 2022-06-15 - 2023-06-15 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
*.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
*.eu-1-id5-sync.com | R3 | 2022-11-09 - 2023-02-07 | 3 months |
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 - 2023-09-09 | a year |
*.id5-sync.com | R3 | 2022-11-09 - 2023-02-07 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-31 - 2023-01-26 | 3 months |
This page contains 4 frames:
Primary Page:
http://pippaframe.site/
Frame ID: 25EC8EAF8F2E7925854CFAFFB4E533E6
Requests: 61 HTTP requests in this frame
Frame:
https://8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 480FA617068D0FCEC4E2768DDC2B5913
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 632C50DF7942EC9F5DCBB6DE9B1CAC25
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: F35F65E7707A87FEABBA6F7D6AB110FD
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
- https://securepubads.g.doubleclick.net/tag/js/gpt.js
- https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true HTTP 302
- https://btloader.com/tag?o=5112081056530432&upapi=true
- http://rules.quantcount.com/rules-p-31iz6hfFutd16.js HTTP 301
- https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
- https://id5-sync.com/i/457/8.gif?id5id=ID5*vj6OC9k2558qiFynwsPQKCilcSmTIT3PYoHhrWYl7tIxJTtvsrRYKbr5nM1X8RZ0&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
- https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://id5-sync.com/c/457/796/7/2.gif?puid=f54cf5b9-6347-4bff-ac43-8dc7b46e2ed2&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://id5-sync.com/k/264.gif?puid=a8fc6e5f-265f-48d6-8565-4653094efe91&ttl=%%TTL%% HTTP 302
- https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-16d9Vj4NraWAtpVNyzoap62bGxwp1_3tiQuf6S0E4A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
- https://id5-sync.com/c/457/3/5/4.gif?puid=fd5f63a5-cfda-4900-8ec0-250147381dbd&gdpr=0&gdpr_consent= HTTP 302
- https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
- https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
- https://id5-sync.com/c/457/1245/4/5.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent= HTTP 302
- https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
- https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
- https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACyy07HS6AAACR0YFkXaQ HTTP 302
- https://ce.lijit.com/merge?pid=85&3pid=AACyy07HS6AAACR0YFkXaQ&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1241%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
- https://id5-sync.com/c/457/1241/2/7.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent= HTTP 302
- https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
- https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1 HTTP 302
- https://id5-sync.com/c/457/429/1/8.gif?puid=B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88&gdpr=0&gdpr_consent= HTTP 302
- https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F434%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
- https://id5-sync.com/c/457/434/0/9.gif?puid=d3708463-5a54-4d00-8505-24d7a51a7deb&gdpr=0&gdpr_consent=
- https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplay2048.co%2F&domain=pippaframe.site&cw=1&lsw=1 HTTP 302
- https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0RmVit4bW83T1FSZS9TVHEvQlN1SHNzcWIxbkUrMWJ5MnNvS2dESXBReDY5MSt2TWlVaVU4WkkybVR1b1gxVkUwRlBxSEQ3RnFtZDVoUjBtY2QydG1KOW9aWHlRSkFXaUh6N0tzcXkyYWdRNCtiNmNyUjNucmlEZkhzajRoRy9vRjVrSjcybmY0fA&cppv=2
68 HTTP transactions
Method | Protocol | Resource | Path | Note | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | pippaframe.site/ | Primary Request | 84 KB | 33 KB | Document | text/html |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | Redirect Chain | 80 KB | 27 KB | Script | text/javascript |
GET | H/1.1 | dall.js | go.ezodn.com/hb/ | | 236 KB | 76 KB | Script | application/javascript |
GET | H/1.1 | apstag.js | c.amazon-adsystem.com/aax2/ | | 178 KB | 45 KB | Script | application/javascript |
GET | H/1.1 | banger.js | pippaframe.site/porpoiseant/ | | 0 | 0 | Script | text/html |
GET | H2 | js | www.googletagmanager.com/gtag/ | | 109 KB | 43 KB | Script | application/javascript |
GET | H/1.1 | index.js | pippaframe.site/dist/ | | 0 | 0 | Script | text/html |
GET | H/1.1 | ClearSans-Regular-webfont.woff | pippaframe.site/style/fonts/ | | 0 | 0 | Font | text/html |
GET | H/1.1 | ClearSans-Bold-webfont.woff | pippaframe.site/style/fonts/ | | 0 | 0 | Font | text/html |
GET | H/1.1 | clear-sans.css | pippaframe.site/style/fonts/ | | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | main.css | pippaframe.site/style/ | | 0 | 0 | Stylesheet | text/html |
GET | H2 | cmbv2.js | play2048.co/detroitchicago/ | | 168 KB | 43 KB | Script | application/javascript |
GET | H2 | icon_pp.svg | play2048.co/meta/ | | 768 B | 1013 B | Image | image/svg+xml |
GET | H2 | pixel.gif | www.paypalobjects.com/en_US/i/scr/ | | 42 B | 437 B | Image | image/gif |
GET | H2 | icon_bitcoin.svg | play2048.co/meta/ | | 1 KB | 983 B | Image | image/svg+xml |
GET | H2 | index.js | play2048.co/dist/ | | 15 KB | 4 KB | Script | application/javascript |
GET | H2 | ClearSans-Regular-webfont.woff | play2048.co/style/fonts/ | | 26 KB | 26 KB | Font | font/woff |
GET | H2 | ClearSans-Bold-webfont.woff | play2048.co/style/fonts/ | | 26 KB | 27 KB | Font | font/woff |
GET | H2 | clear-sans.css | play2048.co/style/fonts/ | | 1 KB | 723 B | Stylesheet | text/css |
GET | H2 | main.css | play2048.co/style/ | | 31 KB | 4 KB | Stylesheet | text/css |
GET | H2 | init-1632lqsy2s4fklqsvsii.js | api.fouanalytics.com/api/ | | 459 B | 879 B | Script | text/javascript |
GET | H2 | ezoic.png | go.ezoic.net/utilcave_com/img/ | | 1 KB | 2 KB | Image | image/png |
GET | H2 | houston.js | play2048.co/detroitchicago/ | | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | config | c.amazon-adsystem.com/cdn/prod/ | | 825 B | 1 KB | XHR | application/json |
GET | H2 | bid | aax-dtb-cf.amazon-adsystem.com/e/dtb/ | | 23 B | 460 B | XHR | text/javascript |
GET | H2 | aps_csm.js | c.amazon-adsystem.com/bao-csm/aps-comm/ | | 6 KB | 3 KB | XHR | application/javascript |
GET | H2 | imp.gif | play2048.co/detroitchicago/ | | 43 B | 333 B | XHR | image/gif |
GET | DATA | truncated | / | | 42 B | 0 | Image | image/webp |
GET | H2 | cmbdv2.js | play2048.co/detroitchicago/ | | 45 KB | 11 KB | Script | application/javascript |
GET | H2 | pp.js | api.fouanalytics.com/s/ | | 15 KB | 6 KB | Script | text/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | | 49 KB | 20 KB | Script | text/javascript |
GET | H3 | pubads_impl_2022120501.js | securepubads.g.doubleclick.net/gpt/ | | 380 KB | 129 KB | Script | text/javascript |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | | 37 B | 64 B | XHR | application/json |
GET | H2 | tag | btloader.com/ | Redirect Chain | 447 KB | 56 KB | Script | application/javascript |
GET | H2 | id5-api.js | cdn.id5-sync.com/api/1.0/ | | 57 KB | 17 KB | Script | text/javascript |
GET | H/1.1 | quant.js | edge.quantserve.com/ | | 25 KB | 10 KB | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | | 107 B | 549 B | Script | application/javascript |
POST | H3 | collect | www.google-analytics.com/j/ | | 2 B | 22 B | XHR | text/plain |
POST | H3 | x | api.fouanalytics.com/api/ | | 0 | 458 B | XHR | text/plain |
GET | H3 | ads | securepubads.g.doubleclick.net/gampad/ | | 4 KB | 702 B | XHR | text/plain |
GET | H2 | container.html | 8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ | Frame 480F | 6 KB | 3 KB | Document | text/html |
GET | H3 | ads | securepubads.g.doubleclick.net/gampad/ | | 1 KB | 602 B | XHR | text/plain |
GET | H2 | dall.js | go.ezodn.com/hb/ | | 236 KB | 74 KB | Script | application/javascript |
GET | H2 | rules-p-31iz6hfFutd16.js | rules.quantcount.com/ | Redirect Chain | 160 B | 633 B | Script | application/javascript |
GET | H/1.1 | v1 | lb.eu-1-id5-sync.com/lb/ | | 33 B | 401 B | XHR | application/json |
GET | H/1.1 | v1 | lbs.eu-1-id5-sync.com/lbs/ | | 74 B | 249 B | XHR | application/json |
POST | H2 | collect | stats.g.doubleclick.net/j/ | | 1 B | 438 B | XHR | text/plain |
GET | H2 | pixel;r=1134638354;labels=Domain.play2048_co%2CDomainId.218709;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fpippaframe.site%2F;uht=2;fpan=1;fpa=P0-537863699-1671811030254;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc... | pixel.quantserve.com/ | | 35 B | 372 B | Image | image/gif |
POST | H/1.1 | 457.json | id5-sync.com/g/v2/ | | 461 B | 1 KB | XHR | application/json |
GET | H2 | greenoaks.gif | play2048.co/detroitchicago/ | | 0 | 69 B | XHR | text/plain |
POST | H2 | greenoaks.gif | play2048.co/detroitchicago/ | | 0 | 127 B | Ping | text/plain |
GET | H2 | greenoaks.gif | play2048.co/detroitchicago/ | | 0 | 16 B | XHR | text/plain |
GET | H2 | sodar | pagead2.googlesyndication.com/getconfig/ | | 14 KB | 11 KB | XHR | application/json |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | | 17 KB | 7 KB | Script | text/javascript |
GET | H/1.1 | 9.gif | id5-sync.com/c/457/434/0/ | Redirect Chain | 43 B | 2 KB | Image | image/gif |
GET | H3 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ | Frame 632C | 13 KB | 5 KB | Document | text/html |
GET | H2 | aframe | www.google.com/recaptcha/api2/ | Frame F35F | 783 B | 1 KB | Document | text/html |
POST | H2 | lcpel.go | play2048.co/cheetah/ | | 0 | 103 B | XHR | text/plain |
GET | H2 | sid | mug.criteo.com/ | Redirect Chain | 357 B | 660 B | XHR | application/json |
POST | H/1.1 | prebid | id5-sync.com/api/config/ | | 135 B | 543 B | XHR | application/json |
OPTIONS | H2 | json | gum.criteo.com/sid/ | Frame | 0 | 0 | Preflight | application/json |
GET | H/1.1 | v1 | lb.eu-1-id5-sync.com/lb/ | | 33 B | 401 B | XHR | application/json |
OPTIONS | H2 | sid | mug.criteo.com/ | Frame | 0 | 0 | Preflight | application/json |
POST | H/1.1 | 457.json | id5-sync.com/g/v2/ | | 455 B | 1 KB | XHR | application/json |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | Frame F35F | 0 | 0 | Image | text/html |
GET | H3 | GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js | pagead2.googlesyndication.com/bg/ | Frame 632C | 36 KB | 16 KB | Script | text/javascript |
GET | H3 | generate_204 | tpc.googlesyndication.com/ | Frame 632C | 0 | 10 B | Image | text/plain |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | | 0 | 0 | Image | text/html |
GET | H2 | greenoaks.gif | play2048.co/detroitchicago/ | | 0 | 62 B | XHR | text/plain |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
38 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pippaframe.site/ | Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200 |
|
pippaframe.site/ | Name: ezohw Value: w%3D1600%2Ch%3D1200 |
|
.pippaframe.site/ | Name: _ga Value: GA1.2.310764543.1671811029 |
|
.pippaframe.site/ | Name: _gid Value: GA1.2.1614395517.1671811029 |
|
.pippaframe.site/ | Name: _gat_gtag_UA_42620757_2 Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.pippaframe.site/ | Name: __gads Value: ID=727c902ce0b92086:T=1671811030:S=ALNI_MbgeqrEUFhxIW0nSh6tIBlAs8Snsw |
|
.pippaframe.site/ | Name: __gpi Value: UID=000008e2dee3a425:T=1671811030:RT=1671811030:S=ALNI_MbfF2-joTQz8VDYARx6S3i-WkIHFQ |
|
pippaframe.site/ | Name: _pbjs_userid_consent_data Value: 3524755945110770 |
|
.quantserve.com/ | Name: mc Value: 63a5cfd7-1c1a8-b78a0-d83ea |
|
.pippaframe.site/ | Name: __qca Value: P0-537863699-1671811030254 |
|
pippaframe.site/ | Name: ezux_lpl_218709 Value: 1671811031389|8ba86898-1d87-4d76-4783-dc28ece5a65e|false |
|
.id5-sync.com/ | Name: callback Value: |
|
.ipredictive.com/ | Name: cu Value: f54cf5b9-6347-4bff-ac43-8dc7b46e2ed2|1671811032130 |
|
.adsrvr.org/ | Name: TDID Value: a8fc6e5f-265f-48d6-8565-4653094efe91 |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjst4XfosKyOxAFOAE. |
|
.mathtag.com/ | Name: uuid Value: fd5f63a5-cfda-4900-8ec0-250147381dbd |
|
.id5-sync.com/ | Name: id5 Value: 91d96a51-a676-7ec7-932d-42045ed9f9d9#1671811031830#3 |
|
.pippaframe.site/ | Name: cto_bundle Value: eexNXl9OdndsVmV6d3RKa0d5Z29zTk1aUmVSZ2w4QWRrbFpGdVM4TFdNM2RQTWVQekxNeHI1NGZrQzlRNXRRbjNrR0Y3WUZsRWVQVjJkWThFWGRCNWQlMkZCJTJGaE56Nm8xMTFkbEhreDlQYmhHOGp0b1FHZEdmMkNBZXpKeU9iSm91TWd2Z2M |
|
.pippaframe.site/ | Name: cto_bidid Value: zRdw219EckRZaDF1bHV2UVFjVmNKMXdRQVVKdCUyRmtzOXR5bFRQbGMwc3BtRzNHV2k2JTJGNkdyZk11emx6amRJemN2NVNOU0NVd0xnTjBKU0YlMkZNWnVVZWI4WU40USUzRCUzRA |
|
pippaframe.site/ | Name: id5id.1st Value: %7B%22created_at%22%3A%222022-12-23T15%3A57%3A11.83Z%22%2C%22id5_consent%22%3Atrue%2C%22original_uid%22%3A%22ID5*EY_qbuEADNOzgDf4dlN6TeTzeVV4rdMDaqJJPfbHXvcxJX6iR5QRLXtK92qtuM5u%22%2C%22universal_uid%22%3A%22ID5*07scgLSzdRRHDc4sr0ZCo0Ug46L-pK9EDwRzJgugfFkxJZDZmflvpXKrhcn8t53H%22%2C%22signature%22%3A%22ID5_AhHWziIKXW4bAC8AzXmlhAOHAdEB6TFAreCadeTBmMO0CNzizKKeTQf2W7wVYmwk-oi_62KzNH3kuhy1RzQPWSvXYCWK%22%2C%22link_type%22%3A2%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22other%22%2C%22id5_consent%22%3Atrue%7D%7D |
|
pippaframe.site/ | Name: id5id.1st_last Value: Fri%2C%2023%20Dec%202022%2015%3A57%3A15%20GMT |
|
.lijit.com/ | Name: ljt_reader Value: F3WdERZHfTdWPAJQRgqEN3i6 |
|
.lijit.com/ | Name: _ljtrtb_27 Value: a8fc6e5f-265f-48d6-8565-4653094efe91 |
|
.bidr.io/ | Name: bito Value: AACyy07HS6AAACR0YFkXaQ |
|
.bidr.io/ | Name: bitoIsSecure Value: ok |
|
.id5-sync.com/ | Name: cf Value: |
|
.id5-sync.com/ | Name: cip Value: |
|
.id5-sync.com/ | Name: cnac Value: |
|
.id5-sync.com/ | Name: car Value: |
|
.id5-sync.com/ | Name: gdpr Value: |
|
.lijit.com/ | Name: ljtrtb Value: eJyrVjIyV7JSSrRISzZLNU3TNTIDEiYWKWa6FqZmpromZqbGBpYmqWmploZKtQAEggta |
|
.lijit.com/ | Name: _ljtrtb_85 Value: AACyy07HS6AAACR0YFkXaQ |
|
.pubmatic.com/ | Name: KTPCACOOKIE Value: YES |
|
.pubmatic.com/ | Name: KADUSERCOOKIE Value: B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88 |
|
.go.sonobi.com/ | Name: __uis Value: d3708463-5a54-4d00-8505-24d7a51a7deb |
|
.go.sonobi.com/ | Name: HAPLB8S Value: s85185|Y6XP3 |
|
.id5-sync.com/ | Name: 3pi Value: 434#1671811036293#-467840249|3#1671811034694#241912780#fd5f63a5-cfda-4900-8ec0-250147381dbd|264#1671811032396#284374794#a8fc6e5f-265f-48d6-8565-4653094efe91|1241#1671811035789#587693289|155#1671811035607#-486134901#AACyy07HS6AAACR0YFkXaQ|796#1671811032197#-2003062285|1245#1671811035343#587693289|429#1671811035998#1079463994#B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88 |
27 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.