www.needcoolshoes.com
54.236.206.131
Public Scan
Submission: On May 12 via manual from ZA
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 26th 2021. Valid for: a year.
This is the only time www.needcoolshoes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Hostnames
---|---|---
ASN14618 (AMAZON-AES, US) | ec2-54-236-206-131.compute-1.amazonaws.com | www.needcoolshoes.com
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN15169 (GOOGLE, US) | | fonts.gstatic.com, www.gstatic.com
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net, adservice.google.de
ASN15169 (GOOGLE, US) | ams15s21-in-f2.1e100.net | partner.googleadservices.com
ASN15169 (GOOGLE, US) | | www.googletagservices.com
ASN15169 (GOOGLE, US) | | tpc.googlesyndication.com
ASN15169 (GOOGLE, US) | | static.doubleclick.net
ASN16509 (AMAZON-02, US) | ec2-18-195-184-113.eu-central-1.compute.amazonaws.com | pre.ads.justpremium.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com | 272 KB
16 | needcoolshoes.com | www.needcoolshoes.com | 267 KB
13 | doubleclick.net | googleads.g.doubleclick.net, stats.g.doubleclick.net, static.doubleclick.net | 203 KB
12 | cpmstar.com | ssl.cdne.cpmstar.com, server.cpmstar.com | 364 KB
5 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 115 KB
3 | googletagservices.com | www.googletagservices.com | 98 KB
3 | google.com (1 redirects) | adservice.google.com, www.google.com | 971 B
3 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 34 KB
2 | justpremium.com | pre.ads.justpremium.com | 5 KB
2 | google.de | adservice.google.de | 921 B
2 | google-analytics.com | www.google-analytics.com | 20 KB
1 | googleadservices.com | partner.googleadservices.com | 643 B
83 | 12 | |
Requests | Domain | Requested by
---|---|---
16 | www.needcoolshoes.com | www.needcoolshoes.com
13 | tpc.googlesyndication.com | googleads.g.doubleclick.net, pagead2.googlesyndication.com, tpc.googlesyndication.com
9 | pagead2.googlesyndication.com | www.needcoolshoes.com, pagead2.googlesyndication.com, googleads.g.doubleclick.net, tpc.googlesyndication.com, www.googletagservices.com
8 | googleads.g.doubleclick.net | pagead2.googlesyndication.com, googleads.g.doubleclick.net
7 | ssl.cdne.cpmstar.com | www.needcoolshoes.com, server.cpmstar.com, ssl.cdne.cpmstar.com
5 | server.cpmstar.com | ssl.cdne.cpmstar.com
4 | static.doubleclick.net | googleads.g.doubleclick.net
4 | fonts.gstatic.com | fonts.googleapis.com
3 | www.googletagservices.com | pagead2.googlesyndication.com, googleads.g.doubleclick.net
2 | pre.ads.justpremium.com | ssl.cdne.cpmstar.com
2 | adservice.google.com | pagead2.googlesyndication.com
2 | adservice.google.de | pagead2.googlesyndication.com
2 | www.google-analytics.com | www.needcoolshoes.com, www.google-analytics.com
2 | fonts.googleapis.com | www.needcoolshoes.com, googleads.g.doubleclick.net
1 | www.google.com | 1 redirects
1 | www.gstatic.com | googleads.g.doubleclick.net
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | ajax.googleapis.com | www.needcoolshoes.com
83 | 19 |
This site contains links to these domains.
Domain |
---|
server.cpmstar.com |
Subject | Issuer | Validity | Valid
---|---|---|---
needcoolshoes.com | Sectigo RSA Domain Validation Secure Server CA | 2021-01-26 - 2022-02-26 | a year
upload.video.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months
ssl.cdne.cpmstar.com | Go Daddy Secure Certificate Authority - G2 | 2021-02-24 - 2022-03-28 | a year
*.googleadservices.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
server.cpmstar.com | Go Daddy Secure Certificate Authority - G2 | 2020-06-30 - 2022-09-18 | 2 years
tpc.googlesyndication.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
tracking.justpremium.com | Amazon | 2021-03-01 - 2022-03-30 | a year
This page contains 10 frames:
Primary Page:
https://www.needcoolshoes.com/banner?=paaE
Frame ID: 28EFFB618CA7389093CE1DECB3B8895F
Requests: 48 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 812E65DA84A5F096747C5EF8E943CC97
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Frame ID: 68D28F5962D78EDCA57D6008C9AD5CC0
Requests: 16 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Frame ID: D85CF7D1448DEA3466FC105C1369247A
Requests: 13 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1620800770&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770991&bpp=1&bdt=532&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Frame ID: BE610CE42A1CF98F27DF63953B3F15D7
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: E4BC2A5099F31BF8491E1B7B6A53C4F6
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 85BF36D8BAFAB4D26DB025CFDFD4188E
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: B0316E51CE98351C84C993B5D98A6DF2
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FE1EEE6C939BB3CB74E5615C375B05EC
Requests: 2 HTTP requests in this frame
Frame:
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ambxis1620800775313
Frame ID: 035BEC4D113E5E924050ADD95ED58493
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Font API
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 69
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si
83 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
banner
www.needcoolshoes.com/ |
17 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner.css
www.needcoolshoes.com/assets/css/ |
53 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.png
www.needcoolshoes.com/assets/img/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
142 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner.js
www.needcoolshoes.com/assets/js/ |
79 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-top-tile.jpg
www.needcoolshoes.com/assets/img/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-tile.jpg
www.needcoolshoes.com/assets/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flourish.png
www.needcoolshoes.com/assets/img/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bgdiags.png
www.needcoolshoes.com/assets/img/ |
279 B 532 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontello.woff
www.needcoolshoes.com/assets/vendor/fonts/icon/ |
10 KB 10 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/ |
223 KB 82 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
white.png
www.needcoolshoes.com/assets/img/bnnr/ |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_base.png
www.needcoolshoes.com/assets/img/bnnr/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
www.needcoolshoes.com/assets/img/bnnr/ |
196 B 448 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
white.png
www.needcoolshoes.com/assets/img/bnnr/sm/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_base_sm.png
www.needcoolshoes.com/assets/img/bnnr/ |
782 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
black.png
www.needcoolshoes.com/assets/img/bnnr/sm/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ |
39 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 812E |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteskin_v100.pack.js
ssl.cdne.cpmstar.com/cached/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grid.png
www.needcoolshoes.com/assets/img/ |
335 B 588 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
207 B 643 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 799 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 553 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 68D2 |
64 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 447 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame D85C |
80 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
integrator.js
adservice.google.de/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame BE61 |
0 19 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.aspx
server.cpmstar.com/ |
544 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
css
fonts.googleapis.com/ Frame 68D2 |
3 KB 578 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/spam_signals/ Frame 68D2 |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 |
1 KB 909 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 68D2 |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68D2 |
116 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 68D2 |
25 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
adview
googleads.g.doubleclick.net/pagead/ Frame 68D2 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
downsize_200k_v1
tpc.googlesyndication.com/simgad/4361255965671060488/ Frame 68D2 |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 68D2 |
209 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 68D2 |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 68D2 |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 68D2 |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame E4BC |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
411_13092_.js
server.cpmstar.com/cached/zonefiles/ |
16 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobilemodules.js
ssl.cdne.cpmstar.com/cached/zonemasters/ |
206 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D85C |
84 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame D85C |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame D85C |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D85C |
116 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame D85C |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8586376228262762721_16570956410356558606.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9160096684491102062_10052290979494134617.jpeg
static.doubleclick.net/dynamic/5/247142224/ Frame D85C |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16466927413957423521_4909806980399958227.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17581137712802720474_9450736852085163677.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C |
33 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
2205244873892788939
tpc.googlesyndication.com/simgad/ Frame D85C |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
adview
googleads.g.doubleclick.net/pagead/ Frame D85C |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
country.aspx
server.cpmstar.com/ |
157 B 539 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
siteskin.js
ssl.cdne.cpmstar.com/cached/zonemasters/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 85BF |
143 B 163 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame D85C |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 85BF Redirect Chain
|
0 16 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame B031 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib.js
ssl.cdne.cpmstar.com/cached/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
starprebid.js
ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/ |
336 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sodar
pagead2.googlesyndication.com/getconfig/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.aspx
server.cpmstar.com/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FE1E |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame FE1E |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 121 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 68D2 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.aspx
server.cpmstar.com/ |
0 494 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Dark_Knight_EN_336x768_Left.jpg
ssl.cdne.cpmstar.com/cached/creatives/1209330/ |
91 KB 92 KB |
Image
image/jpeg |
GET H2 |
Dark_Knight_EN_336x768_Right.jpg
ssl.cdne.cpmstar.com/cached/creatives/1209330/ |
87 KB 87 KB |
Image
image/jpeg |
POST H2 |
xhr
pre.ads.justpremium.com/v/2.0/t/ |
44 B 682 B |
XHR
application/json |
GET H2 |
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 035B |
4 KB 4 KB |
Document
text/html |
184 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| cpmstar_siteskin_settings string| google_user_agent_client_hint object| App function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| init function| newPattern function| updateLayer function| updSortableLayers function| patternsHandler function| showPreview function| hidePreview function| colorsHandler function| layerHandler function| layerMoveRedraw function| getNBT function| jsonOutput function| jsonInput function| clearAll function| updateTip function| updateTotals function| updateOutput function| setUrlGal function| readUrl function| chaosInt function| chaos function| craftPattern function| screenshot function| 
savedGalHandler function| loadLocal function| newSaved function| addLocal function| delLocal function| savedHandler function| clearSaved function| exportChest function| encPair function| decPair function| compact function| epic function| donatePopup function| halp function| supports_html5_storage undefined| _canvas undefined| _layers undefined| _preview undefined| _url undefined| _code undefined| _craft undefined| _jsonMode object| _saved object| _savedTemp undefined| _total object| _totals string| base64dict string| _color object| _patterns object| _colors object| _colorsInv object| _crafting string| _scrlazy function| html2canvas string| base string| bl string| bo string| br string| bri string| bs string| bt string| bts string| cbo string| cr string| cre string| cs string| dls string| drs string| flo string| gra string| hh string| ld string| ls string| mc string| moj string| mr string| ms string| rd string| rs string| sc string| sku string| ss string| tl string| tr string| ts string| tt string| tts string| vh string| lud string| rud string| gru string| hhb string| vhr function| Sortable object| google_image_requests object| $container object| $single object| $el function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| create_cpmstar_siteskin object| cpmstar_siteskin string| rand function| gk97sf object| cpmstarx object| $jscomp function| nfhq9f function| siteSkinReady function| __cmp object| progskin object| starpbjs object| rhp24o7 object| cpmsx function| starpbjsChunk object| _pbjsGlobals object| GoogleGcLKhOms function| u14mbyd function| u1l7kk57
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.needcoolshoes.com/ | | Name: _ga Value: GA1.2.2035555741.1620800771 |
.needcoolshoes.com/ | | Name: __gads Value: ID=c4f0794492ca91dd-22ab650011c8006d:T=1620800771:RT=1620800771:S=ALNI_MYTYI6sejd1E4YLUyaOP_wN5PdZTA |
.needcoolshoes.com/ | | Name: _gid Value: GA1.2.1848788780.1620800771 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnrLqSZO_FXmNqgwU8L0ARNZZYpQb7Seb3DEWJ9q7G1dvBYInxKohj5FqssEZ0 |
.doubleclick.net/ | | Name: DSID Value: NO_DATA |
.needcoolshoes.com/ | | Name: _gat Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.