ff14.org
2606:4700:3036::6815:20a6
Public Scan
Effective URL: https://ff14.org/
Submission: On January 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 4th 2024. Valid for: 3 months.
This is the only time ff14.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames |
---|---|---|
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN) | | code.bdstatic.com |
ASN13335 (CLOUDFLARENET, US) | | static.cloudflareinsights.com, cloudflareinsights.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN) | | hm.baidu.com |
ASN15169 (GOOGLE, US) | | tpc.googlesyndication.com |
ASN15169 (GOOGLE, US) | | www.googletagservices.com |
ASN13335 (CLOUDFLARENET, US) | | as.ad4m.at, ad4m.at, assets.ad4m.at |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 186.62.91.34.bc.googleusercontent.com | um.simpli.fi |
ASN15169 (GOOGLE, US) | fra24s08-in-f2.1e100.net | cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | a6370ebea231e0c9a.awsglobalaccelerator.com | match.adsrvr.org |
ASN16509 (AMAZON-02, US) | | pr-bh.ybp.yahoo.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | | prod-rtb.ad4mat.net |
ASN16625 (AKAMAI-AS, US) | a104-64-118-247.deploy.static.akamaitechnologies.com | www.awin1.com |
ASN15169 (GOOGLE, US) | fra24s11-in-f6.1e100.net | ad.doubleclick.net |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
35 | ff14.org | 1 redirects | ff14.org | 1 MB |
14 | ad4m.at | | as.ad4m.at (Cisco Umbrella Rank: 29340), ad4m.at (Cisco Umbrella Rank: 11475), assets.ad4m.at (Cisco Umbrella Rank: 41583) | 152 KB |
12 | googlesyndication.com | | pagead2.googlesyndication.com (Cisco Umbrella Rank: 110), tpc.googlesyndication.com (Cisco Umbrella Rank: 157) | 236 KB |
11 | doubleclick.net | 2 redirects | googleads.g.doubleclick.net (Cisco Umbrella Rank: 38), cm.g.doubleclick.net (Cisco Umbrella Rank: 260), ad.doubleclick.net (Cisco Umbrella Rank: 163) | 23 KB |
4 | bdstatic.com | | code.bdstatic.com (Cisco Umbrella Rank: 103646) | 95 KB |
3 | baidu.com | | hm.baidu.com (Cisco Umbrella Rank: 10853) | 12 KB |
3 | cloudflareinsights.com | | static.cloudflareinsights.com (Cisco Umbrella Rank: 811), cloudflareinsights.com (Cisco Umbrella Rank: 794) | 7 KB |
2 | awin1.com | 1 redirects | www.awin1.com (Cisco Umbrella Rank: 16092) | 1 KB |
2 | ad4mat.net | | static-de.ad4mat.net (Cisco Umbrella Rank: 164401), prod-rtb.ad4mat.net (Cisco Umbrella Rank: 125344) | 1012 B |
2 | adform.net | 2 redirects | c1.adform.net (Cisco Umbrella Rank: 583) | 1 KB |
2 | google.com | | www.google.com (Cisco Umbrella Rank: 2) | 1 KB |
2 | gstatic.com | | fonts.gstatic.com | 46 KB |
1 | congstar.de | | banner.congstar.de (Cisco Umbrella Rank: 89383) | 549 B |
1 | medialead.de | | pv.medialead.de (Cisco Umbrella Rank: 41332) | 327 B |
1 | onetag-sys.com | 1 redirects | onetag-sys.com (Cisco Umbrella Rank: 707) | 387 B |
1 | criteo.com | | dis.criteo.com (Cisco Umbrella Rank: 608) | 363 B |
1 | yahoo.com | 1 redirects | pr-bh.ybp.yahoo.com (Cisco Umbrella Rank: 495) | 714 B |
1 | adsrvr.org | | match.adsrvr.org (Cisco Umbrella Rank: 357) | 149 B |
1 | simpli.fi | 1 redirects | um.simpli.fi (Cisco Umbrella Rank: 856) | 713 B |
1 | quantserve.com | | cms.quantserve.com (Cisco Umbrella Rank: 764) | 463 B |
1 | googletagservices.com | | www.googletagservices.com (Cisco Umbrella Rank: 230) | 66 KB |
1 | wakingsands.com | | map-cdn.wakingsands.com | 15 KB |
1 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 27) | 342 B |
1 | googleapis.com | | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 886 B |
95 | 24 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
35 | ff14.org | 1 redirects | ff14.org |
7 | pagead2.googlesyndication.com | | ff14.org, pagead2.googlesyndication.com, googleads.g.doubleclick.net, tpc.googlesyndication.com |
6 | assets.ad4m.at | | as.ad4m.at |
5 | cm.g.doubleclick.net | | googleads.g.doubleclick.net |
5 | tpc.googlesyndication.com | | googleads.g.doubleclick.net, pagead2.googlesyndication.com, tpc.googlesyndication.com |
4 | ad4m.at | | as.ad4m.at, ad4m.at |
4 | as.ad4m.at | | googleads.g.doubleclick.net, as.ad4m.at, ad4m.at |
4 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com, googleads.g.doubleclick.net |
4 | code.bdstatic.com | | ff14.org |
3 | hm.baidu.com | | ff14.org |
2 | cloudflareinsights.com | | static.cloudflareinsights.com |
2 | ad.doubleclick.net | 2 redirects | |
2 | www.awin1.com | 1 redirects | as.ad4m.at |
2 | c1.adform.net | 2 redirects | |
2 | www.google.com | | googleads.g.doubleclick.net, tpc.googlesyndication.com |
2 | fonts.gstatic.com | | fonts.googleapis.com |
1 | banner.congstar.de | | as.ad4m.at |
1 | pv.medialead.de | | as.ad4m.at |
1 | prod-rtb.ad4mat.net | | googleads.g.doubleclick.net |
1 | static-de.ad4mat.net | | as.ad4m.at |
1 | onetag-sys.com | 1 redirects | |
1 | dis.criteo.com | | googleads.g.doubleclick.net |
1 | pr-bh.ybp.yahoo.com | 1 redirects | |
1 | match.adsrvr.org | | googleads.g.doubleclick.net |
1 | um.simpli.fi | 1 redirects | |
1 | cms.quantserve.com | | googleads.g.doubleclick.net |
1 | www.googletagservices.com | | googleads.g.doubleclick.net |
1 | map-cdn.wakingsands.com | | code.bdstatic.com |
1 | www.google-analytics.com | | ff14.org |
1 | fonts.googleapis.com | | ff14.org |
1 | static.cloudflareinsights.com | | ff14.org |
95 | 31 | | |
This site contains links to these domains.
Domain |
---|
ff.web.sdo.com |
bbs.nga.cn |
www.ffxiv.cn |
ff14.huijiwiki.com |
garlandtools.cn |
github.com |
i.duotai.net |
www.ffcafe.cn |
ff.sdo.com |
riesa.gitee.io |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ff14.org | GTS CA 1P5 | 2024-01-04 - 2024-04-03 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
ffcafe.org | GTS CA 1P5 | 2024-01-22 - 2024-04-21 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
www.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
quantserve.com | R3 | 2023-12-27 - 2024-03-26 | 3 months |
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year |
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-01 - 2024-03-01 | 3 months |
ad4mat.net | GTS CA 1P5 | 2024-01-16 - 2024-04-15 | 3 months |
prod-rtb.ad4mat.net | GTS CA 1D4 | 2024-01-18 - 2024-04-17 | 3 months |
pv.medialead.de | R3 | 2023-12-04 - 2024-03-03 | 3 months |
www.awin1.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-10 - 2025-01-10 | a year |
This page contains 10 frames:
Primary Page:
https://ff14.org/
Frame ID: 011506B6D1E015731C2E1470F154F191
Requests: 57 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 8F8B9B6206463A6DE9286138E073394B
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8304225030161579&output=html&adk=1812271804&adf=3025194257&lmt=1704628917&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fff14.org%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706009200043&bpp=3&bdt=166&idt=166&shv=r20240118&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4240001649365&frm=20&pv=2&ga_vid=1279834977.1706009200&ga_sid=1706009200&ga_hid=1476337472&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C31080409%2C42532523%2C44809530%2C31080602%2C95322180%2C95320890%2C95321626%2C95322163%2C21065724&oid=2&pvsid=989503404526284&tmod=1326084606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 743D8552C8F99CF770FCEED576D31B04
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8304225030161579&output=html&h=90&slotname=3871755301&adk=1632239767&adf=3225769954&pi=t.ma~as.3871755301&w=728&lmt=1704628917&rafmt=12&format=728x90&url=https%3A%2F%2Fff14.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706009203376&bpp=1&bdt=3499&idt=1&shv=r20240118&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4240001649365&frm=20&pv=1&ga_vid=1279834977.1706009200&ga_sid=1706009200&ga_hid=1476337472&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=576&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080333%2C31080409%2C42532523%2C44809530%2C31080602%2C95322180%2C95320890%2C95321626%2C95322163%2C21065724&oid=2&pvsid=989503404526284&tmod=1326084606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Frame ID: 98AEEFF6FD1A2FB03AB9FA9204E19490
Requests: 8 HTTP requests in this frame
Frame:
https://as.ad4m.at/ad/dr?ed=1j17yck3w1t19rzp905tstzdgn5g4843tj3r6y11d9fn26mjmbtah1xrz453w5b56zf8fcnrn3d9h1pr6ashqfsryw71kx60wkeax4eysez8xj9ntj5hrh2cv7c13rh6xn2gdpt7kqtmq52kmg7fvjyqrby316g095skj83mw5mnmxbw6rvwa32552afa2h9zeh6v0vm9nk2dn5rz5sf3cmnetq74d5j7awwmd89hjcs7hdz73f29tn9f008zn654t1mwhfjtw6qfe32q28hyxp29s7wbam9c017gceys4wvy0se318wv3q8684sg6tn1t44y64tkwmw796y2vkj11fqjdt309n7xrn7d4fns7keftb0gpbjwxmk7zqgqsnqxbdzt4ppe1mp03fbxe6h9maz0hhsnraw3fh4acve314gre0224tdxctw79szxhzcas5xjpb1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZBEGc6KvZZqkGbvb1fAPjsuc2AeQ4YGEXLaoworwAsCNtwEQASAAYJWikoKgB4IBF2NhLXB1Yi04MzA0MjI1MDMwMTYxNTc5yAEJqQLOrsnOhk6yPqgDAcgDAqoEuQFP0PjlH-pUoV_XI9_DQg6kCyO4BUltxnwT81skiyURiOn-yutY6IHmA-6LTSQxpk0J_yTGk5iPJ6CrI0zyp66EVm_9tEROAuDPD6LtCPwKegA7D1t4w4N3_O6sNo1uHmTMXgKFK6CyfE4Ni4pF9DxYxmJGBxddlPB-9vGP8dMGPP1nWN4m_W8xumHBdHTPz9nvCcr4vPK4flnxOtW3eSP42Us90Fy1vXpdTLQeQAolHVzeP66rHEgQx4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliSyrXEs_ODA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0SO656BsdxLtG7RbU85SM_iooJfQ%26client%3Dca-pub-8304225030161579%26adurl%3D
Frame ID: A8DBDD871F56E143D4D236BB36C38870
Requests: 5 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23BE9B0EFF895066EA80DC6EA1EEAE58
Requests: 9 HTTP requests in this frame
Frame:
https://ad4m.at/cookie-frame.html
Frame ID: 2BEF78DDB799E7D7225AB500FA1710BF
Requests: 1 HTTP requests in this frame
Frame:
https://as.ad4m.at/ad/rar?a=34719%2C117569%2C196438&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6&c=728&d=90&e=&g=35ebfa2d4895622811c547bb985ce946%2F8053290324057541866&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1706009204106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbrakdzyvj6tnf7w42rv40z0ss3ajhh5rt32wdb6j4pt3yq3v4xkzgvbvbxxp0ffz129d9brah6v63hecw8zt5yryvkhbqh887mcj1qp9st8kkc7y2fd20rc7aw0ph9betqp9g01vsxrr472e0nrqkxrs26r08j6c2g8bvjsxae4x0v72gwae11wphsmy023t8an54rqv4m8zna5wzxq8m0sb3qspd9fja2042ct8egaj2s60eh8x2dvrez0t12npj05abkp2ymyx1pkm4yzsb7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZBEGc6KvZZqkGbvb1fAPjsuc2AeQ4YGEXLaoworwAsCNtwEQASAAYJWikoKgB4IBF2NhLXB1Yi04MzA0MjI1MDMwMTYxNTc5yAEJqQLOrsnOhk6yPqgDAcgDAqoEuQFP0PjlH-pUoV_XI9_DQg6kCyO4BUltxnwT81skiyURiOn-yutY6IHmA-6LTSQxpk0J_yTGk5iPJ6CrI0zyp66EVm_9tEROAuDPD6LtCPwKegA7D1t4w4N3_O6sNo1uHmTMXgKFK6CyfE4Ni4pF9DxYxmJGBxddlPB-9vGP8dMGPP1nWN4m_W8xumHBdHTPz9nvCcr4vPK4flnxOtW3eSP42Us90Fy1vXpdTLQeQAolHVzeP66rHEgQx4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliSyrXEs_ODA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0SO656BsdxLtG7RbU85SM_iooJfQ%2526client%253Dca-pub-8304225030161579%2526adurl%253D&y=1&s=&z=0
Frame ID: 3ECCB18080B3F88E0F961696C40062A7
Requests: 11 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F541C9BB9723D527AD31EB964612C74
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 2559368FF34913B6727AE617ED80079F
Requests: 2 HTTP requests in this frame
Page Title
新大陆见闻录 | 新大陆见闻录 - 最终幻想14新手入坑指南手册
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Baidu Analytics (百度统计) (Analytics)
Detected patterns
- hm\.baidu\.com/hm\.js
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
- Title: 最终幻想14国服官网
- Title: NGA最终幻想14版
- Title: 素素攻略站
- Title: 最终幻想XIV中文维基
- Title: 加兰德数据库(中文版)
- Title: 修订历史
- Title: 编辑本页
- Title: 反馈问题
- Title: 肥肥咖啡
- Title: 加入我们
- Title: 最终幻想14国服官网
- Title: 素素攻略站
- Title: 水晶驿站
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ff14.org/ HTTP 301
- https://ff14.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59- https://um.simpli.fi/gp_match?google_gid=CAESEDSgsjxZ5oS8h-KUsu6h8kE&google_cver=1&google_push=AXcoOmR67mKoLUia-fdM_62PgPTMoyoVO0EEEKQrbZOhP8SRPBk2hKvvQwKErwEjg2ud8PgB7DUS8BI5GUtW_rgAKIuOcp7v4t62Hg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=380F1DA19CBC459E94A1082380BA1D6A&google_push=AXcoOmR67mKoLUia-fdM_62PgPTMoyoVO0EEEKQrbZOhP8SRPBk2hKvvQwKErwEjg2ud8PgB7DUS8BI5GUtW_rgAKIuOcp7v4t62Hg
- https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHYro9aeVxuwYTZS3fPJhU8&google_cver=1&google_push=AXcoOmR1LEZwu0LblNqVN5brB-_MAS8qvG4skT_NMKxu7oFS2ij9DenjDvDi436F_E4EL082Zqf-i8nH2_0n41wixh4Ns6SMdgQC9Sk HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR1LEZwu0LblNqVN5brB-_MAS8qvG4skT_NMKxu7oFS2ij9DenjDvDi436F_E4EL082Zqf-i8nH2_0n41wixh4Ns6SMdgQC9Sk&google_hm=eS1ONEV3UjRWRTJwRTU3UEhCcWk2Xzd6d01nRHVKN01uc35B
- https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKZIUBaLsfL2aPnPmGOgRm8&google_cver=1&google_push=AXcoOmTjqVV7W3Be2EcKwRig8uTeeGqksi25Gnv-69V_hNl-vrLJEmdVuH2B2kFRvqNBXwXVv5EXYRSsZX2-BtRuwpoD5euctsAMGw HTTP 302
- https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKZIUBaLsfL2aPnPmGOgRm8&google_cver=1&google_push=AXcoOmTjqVV7W3Be2EcKwRig8uTeeGqksi25Gnv-69V_hNl-vrLJEmdVuH2B2kFRvqNBXwXVv5EXYRSsZX2-BtRuwpoD5euctsAMGw HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQzNzI5MTYyNTQ2NjAxNTkxMQ&google_push=AXcoOmTjqVV7W3Be2EcKwRig8uTeeGqksi25Gnv-69V_hNl-vrLJEmdVuH2B2kFRvqNBXwXVv5EXYRSsZX2-BtRuwpoD5euctsAMGw
- https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO8hHmD7hwNLkhgxFFjbKXk&google_cver=1&google_push=AXcoOmR8q0FKZiBG-3z8td5k4pO2yug7nmNIYFqpCmx5Ldm3ycBc2HFLtLa3n_z7ZxFvpZ1KQ2BlZ6KdDJicJUD-IvD66UiJplYyJQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR8q0FKZiBG-3z8td5k4pO2yug7nmNIYFqpCmx5Ldm3ycBc2HFLtLa3n_z7ZxFvpZ1KQ2BlZ6KdDJicJUD-IvD66UiJplYyJQ
- https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
- https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJnO6sSz84MDFfLtEQgdbBgM7w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
- https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
- https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1706009204_49ae2100-b9e2-11ee-b3cc-2233d0695e79
95 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
ff14.org/ Redirect Chain
|
32 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
leaflet.css
code.bdstatic.com/npm/leaflet@1.5.1/dist/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
map.css
code.bdstatic.com/npm/@thewakingsands/eorzea-interactive-map@1.1.1/dist/ |
36 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.styles.68a6269a.css
ff14.org/assets/css/ |
616 KB 120 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.cc784840.js
ff14.org/assets/js/ |
423 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.6e2adee7.js
ff14.org/assets/js/ |
32 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
108.d47607d7.js
ff14.org/assets/js/ |
304 B 530 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53.a4836d62.js
ff14.org/assets/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
title.png
ff14.org/images/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paladin.png
ff14.org/images/jobs/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
warrior.png
ff14.org/images/jobs/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
darkknight.png
ff14.org/images/jobs/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gunbreaker.png
ff14.org/images/jobs/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
monk.png
ff14.org/images/jobs/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dragoon.png
ff14.org/images/jobs/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ninja.png
ff14.org/images/jobs/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
samurai.png
ff14.org/images/jobs/ |
30 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reaper.png
ff14.org/images/jobs/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bard.png
ff14.org/images/jobs/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
machinist.png
ff14.org/images/jobs/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dancer.png
ff14.org/images/jobs/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blackmage.png
ff14.org/images/jobs/ |
36 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
summoner.png
ff14.org/images/jobs/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redmage.png
ff14.org/images/jobs/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bluemage.png
ff14.org/images/jobs/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vvhit3mage.png
ff14.org/images/jobs/ |
22 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scholar.png
ff14.org/images/jobs/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
astrologian.png
ff14.org/images/jobs/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sage.png
ff14.org/images/jobs/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
ff14.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
code.bdstatic.com/npm/jquery@3.2.1/dist/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
map.js
code.bdstatic.com/npm/@thewakingsands/eorzea-interactive-map@1.1.1/dist/ |
160 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.min.js
static.cloudflareinsights.com/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ |
403 KB 137 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 8F8B |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 743D |
0 188 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 886 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
ff14.org/images/ |
42 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bgmoon.jpg
ff14.org/images/bg/ |
207 KB 208 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.0ab54153.woff2
ff14.org/assets/fonts/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/ |
35 B 342 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
108.d47607d7.js
ff14.org/assets/js/ |
304 B 796 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.65de4bbe.js
ff14.org/assets/js/ |
74 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
region.json
map-cdn.wakingsands.com/assets/data/ |
155 KB 15 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
105.ca8f1313.js
ff14.org/assets/js/ |
99 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 98AE |
39 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 98AE |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 98AE |
20 KB 9 KB |
Script
text/javascript |
GET H2 |
l
www.google.com/ads/measurement/ Frame 98AE |
0 0 |
Image
text/html |
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 98AE |
206 KB 66 KB |
Script
text/javascript |
GET H2 |
dr
as.ad4m.at/ad/ Frame A8DB |
2 KB 3 KB |
Document
text/html |
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 23BE |
1 KB 643 B |
Document
text/html |
GET H2 |
dpixel
cms.quantserve.com/ Frame 23BE |
35 B 463 B |
Image
image/gif |
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 23BE Redirect Chain
|
170 B 232 B |
Image
image/png |
GET H2 |
google
match.adsrvr.org/track/cmf/ Frame 23BE |
70 B 149 B |
Image
image/gif |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 23BE Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H2 |
usersync.aspx
dis.criteo.com/dis/ Frame 23BE |
43 B 363 B |
Image
image/gif |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 23BE Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 23BE Redirect Chain
|
170 B 329 B |
Image
image/png |
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame 23BE |
0 139 B |
Image
text/html |
GET DATA |
truncated
/ Frame 98AE |
217 B 0 |
Image
image/png |
GET H2 |
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A8DB |
115 KB 14 KB |
Stylesheet
text/css |
GET H2 |
r62eglto.js
ad4m.at/ Frame A8DB |
24 KB 10 KB |
Script
application/javascript |
GET H2 |
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A8DB |
350 B 909 B |
Image
image/png |
GET H3 |
cookie-frame.html
ad4m.at/ Frame 2BEF |
2 KB 2 KB |
Document
text/html |
OPTIONS H3 |
rs
ad4m.at/ Frame |
0 0 |
Preflight
text/plain |
POST H3 |
rs
ad4m.at/ Frame A8DB |
1 KB 2 KB |
XHR
text/plain |
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 98AE |
0 19 B |
Image
text/html |
GET H2 |
winResponse
prod-rtb.ad4mat.net/ Frame 98AE |
0 103 B |
Image
image/gif |
GET H3 |
rar
as.ad4m.at/ad/ Frame 3ECC |
9 KB 4 KB |
Document
text/html |
GET H3 |
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3ECC |
115 KB 14 KB |
Stylesheet
text/css |
GET H2 |
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 3ECC |
9 KB 9 KB |
Image
image/jpeg |
GET H2 |
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 3ECC |
32 KB 33 KB |
Image
image/jpeg |
GET H2 |
2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 3ECC |
0 327 B |
Image
application/javascript |
GET H2 |
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 3ECC |
2 KB 2 KB |
Image
image/webp |
GET H2 |
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 3ECC |
23 KB 23 KB |
Image
image/jpeg |
GET H/1.1 |
cshow.php
www.awin1.com/ Frame 3ECC |
43 B 704 B |
Image
image/gif |
GET H2 |
F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 3ECC |
9 KB 10 KB |
Image
image/webp |
GET H2 |
BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame 3ECC |
28 KB 29 KB |
Image
image/jpeg |
GET H/1.1 |
/
banner.congstar.de/cookie/ Frame 3ECC Redirect Chain
|
0 549 B |
Image
text/plain |
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
OPTIONS H2 |
rum
cloudflareinsights.com/cdn-cgi/ Frame |
0 0 |
Preflight
text/plain |
POST H2 |
rum
cloudflareinsights.com/cdn-cgi/ |
0 37 B |
XHR
text/plain |
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F54 |
13 KB 5 KB |
Document
text/html |
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 2559 |
829 B 1 KB |
Document
text/html |
GET H3 |
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 8F54 |
39 KB 15 KB |
Script
text/javascript |
GET DATA |
truncated
/ |
337 B 0 |
Image
image/svg+xml |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 2559 |
0 0 |
Image
text/html |
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 8F54 |
0 10 B |
Image
text/plain |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| YZWF object| webpackJsonp object| __VUEPRESS__ object| ma object| _hmt object| __cfBeacon object| _leaflet_events object| googletag boolean| _bdhm_loaded_215a46d31e2c4aaa8e1cdd94fcfe8aa4 object| mini_tangram_log_4q91if object| mini_tangram_log_7p7w44 object| GoogleGcLKhOms object| google_image_requests
18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ad4m.at/cookie-frame.html | | Name: userId Value: 6OMbnAu5zhQq2bMbrL0sL13WPSVvmsXK |
.doubleclick.net/ | | Name: IDE Value: AHWqTUlBPRZi8nUAuyjVtERZt3wV2VcTlca7UIcG7m446SCD0GPjwUm90mDlt4kUdW0 |
.ff14.org/ | | Name: __gads Value: ID=1ed123a0ffc64057:T=1706009203:RT=1706009203:S=ALNI_MaZpyls13Jfmhq3b99ijPlIX6IL7Q |
.ff14.org/ | | Name: __gpi Value: UID=00000d47d2b19007:T=1706009203:RT=1706009203:S=ALNI_Majn_2-L0siSYifcHDRbMCIS22OIw |
.quantserve.com/ | | Name: d Value: EE4BCQH8KoEA |
.quantserve.com/ | | Name: mc Value: 65afa273-dbc68-27289-0d3f0 |
.simpli.fi/ | | Name: suid Value: 380F1DA19CBC459E94A1082380BA1D6A |
.adform.net/ | | Name: C Value: 1 |
.yahoo.com/ | | Name: A3 Value: d=AQABBHOir2UCEHMI2MaXUnc33-waGWz9uRIFEgEBAQHzsGW5ZQAAAAAA_eMAAA&S=AQAAAiuhjaFM7GVy1jZuAWQsnWE |
.hm.baidu.com/ | | Name: HMACCOUNT_BFESS Value: 2E0E53DE52BEA35B |
.adform.net/ | | Name: uid Value: 3437291625466015911 |
.doubleclick.net/ | | Name: APC Value: AfxxVi6OcSYgBcQI9AzrpZoNls3JQLPIe4Fehh2p-4K3yctTavYmUQ |
.awin1.com/ | | Name: awpv20044 Value: 412871|1706009204|499dcd50-b9e2-11ee-86b5-22356fe9f584 |
.awin1.com/ | | Name: awpv11938 Value: 412871|1706009204|49ae2100-b9e2-11ee-b3cc-2233d0695e79 |
.awin1.com/ | | Name: AWSESS Value: 367022:2542680 |
.ff14.org/ | | Name: Hm_lvt_215a46d31e2c4aaa8e1cdd94fcfe8aa4 Value: 1706009205 |
.ff14.org/ | | Name: Hm_lpvt_215a46d31e2c4aaa8e1cdd94fcfe8aa4 Value: 1706009205 |
.congstar.de/ | | Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1706009204_49ae2100-b9e2-11ee-b3cc-2233d0695e79%22%2C%22sp%22%3A%22awin%22%7D |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.