fileforum.com
108.44.238.29
Public Scan
Submission: On November 08 via manual from US — Scanned from CH
Summary
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.
This is the only time fileforum.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
fileforum.com | ASN701 (UUNET, US) | phoenix.betanews.com |
pagead2.googlesyndication.com | ASN15169 (GOOGLE, US) | |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
partner.googleadservices.com | ASN15169 (GOOGLE, US) | |
tpc.googlesyndication.com | ASN15169 (GOOGLE, US) | |
imagesrv.adition.com | ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE) | imagesrv.adition.com |
ad4.adfarm1.adition.com | ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE) | ad4.adfarm1.adition.com |
www.googletagservices.com | ASN15169 (GOOGLE, US) | |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s52-in-f2.1e100.net |
ad.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s48-in-f6.1e100.net |
ad2.adfarm1.adition.com | ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE) | ad2.adfarm1.adition.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
24 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 97; tpc.googlesyndication.com — Cisco Umbrella Rank: 149 | 374 KB |
16 | adition.com | imagesrv.adition.com — Cisco Umbrella Rank: 17389; ad4.adfarm1.adition.com — Cisco Umbrella Rank: 51140; ad2.adfarm1.adition.com — Cisco Umbrella Rank: 48092 | 60 KB |
11 | betanews.com | images.betanews.com | 87 KB |
10 | doubleclick.net (2 redirects) | googleads.g.doubleclick.net — Cisco Umbrella Rank: 33; cm.g.doubleclick.net — Cisco Umbrella Rank: 245; ad.doubleclick.net — Cisco Umbrella Rank: 154 | 47 KB |
4 | casalemedia.com (2 redirects) | dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 140 KB |
1 | createjs.com | code.createjs.com — Cisco Umbrella Rank: 1549 | 63 KB |
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 1 KB |
1 | googletagservices.com | www.googletagservices.com — Cisco Umbrella Rank: 212 | 60 KB |
1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 1181 | 604 B |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2462 | 253 B |
1 | gravatar.com | www.gravatar.com — Cisco Umbrella Rank: 3795 | 5 KB |
1 | fileforum.com | fileforum.com | 3 KB |
70 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
17 | pagead2.googlesyndication.com | fileforum.com, pagead2.googlesyndication.com, tpc.googlesyndication.com, googleads.g.doubleclick.net, www.googletagservices.com |
12 | imagesrv.adition.com | fileforum.com, googleads.g.doubleclick.net, imagesrv.adition.com |
11 | images.betanews.com | fileforum.com, images.betanews.com |
7 | tpc.googlesyndication.com | pagead2.googlesyndication.com, fileforum.com, tpc.googlesyndication.com, googleads.g.doubleclick.net |
6 | googleads.g.doubleclick.net | pagead2.googlesyndication.com, fileforum.com |
4 | dsum-sec.casalemedia.com (2 redirects) | googleads.g.doubleclick.net |
3 | cm.g.doubleclick.net (2 redirects) | googleads.g.doubleclick.net |
2 | ad2.adfarm1.adition.com | ad4.adfarm1.adition.com, ad2.adfarm1.adition.com |
2 | ad4.adfarm1.adition.com | fileforum.com, ad4.adfarm1.adition.com |
2 | www.googletagmanager.com | fileforum.com, www.googletagmanager.com |
1 | code.createjs.com | imagesrv.adition.com |
1 | ad.doubleclick.net | googleads.g.doubleclick.net |
1 | www.google.com | tpc.googlesyndication.com |
1 | www.googletagservices.com | fileforum.com |
1 | partner.googleadservices.com | pagead2.googlesyndication.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | www.gravatar.com | fileforum.com |
1 | fileforum.com | |
70 | 18 | |
This site contains links to these domains.
Domain |
---|
betanews.com |
fileforum.betanews.com |
store.fileforum.com |
twitter.com |
www.facebook.com |
demo.sngine.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
admin.betanews.com | R3 | 2023-11-04 - 2024-02-02 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-28 - 2024-04-27 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.gravatar.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-23 - 2023-12-24 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.googleadservices.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.adition.com | AlphaSSL CA - SHA256 - G4 | 2023-05-08 - 2024-06-08 | a year |
*.adfarm1.adition.com | AlphaSSL CA - SHA256 - G4 | 2023-05-08 - 2024-06-08 | a year |
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months |
tls.adobe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-08 - 2024-03-10 | a year |
This page contains 11 frames:
Primary Page:
https://fileforum.com/profile/limittoad8/
Frame ID: CF1D79BD5B8B5D3CFA6D6DB809E4C42B
Requests: 23 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: 842AD3706920905A8B44E113A64D0200
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1699472395&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395677&bpp=16&bdt=421&idt=272&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7377467222305&frm=20&pv=2&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 91D578A19A6D6D9D3F61A0055C9064D8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&fwrn=4&fwrnh=100&lmt=1699472395&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395693&bpp=1&bdt=438&idt=280&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7377467222305&frm=20&pv=1&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dfbkIO0UyQ&p=https%3A//fileforum.com&dtd=283
Frame ID: 8C3AD3FD0A36D79CD81661B29F912632
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1B5DE0C67BF4F82787398E65BFF20E30
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw
Frame ID: 2477F7163B14AA8C201D1B873A91057A
Requests: 4 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BD287C4EB111D528A415A53E4FE41D32
Requests: 24 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD0CBC785D038856E458D82E934578E0
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 68606DA2DDEDD8373AFBED7285540255
Requests: 2 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED9D006FC9AF0C1B4E263205767528FE
Requests: 3 HTTP requests in this frame
Frame:
https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAe
LSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: C7D528102B97CDD9046440419CDEAE57
Requests: 8 HTTP requests in this frame
Page Title
limittoad8's Profile | FileForum
Detected technologies
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Gravatar (Miscellaneous)
Detected patterns
- <[^>]+gravatar\.com/avatar/
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: BetaNews
Title: Downloads
Title: Software Store
Title: Twitter
Title: Facebook
Title: https://demo.sngine.com/...owth-with-Ecommerce-SEO
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUvkDEBw7gdwwHj3HqBRZwAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
fileforum.com/profile/limittoad8/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
images.betanews.com/stylesheets/fileforum3/ |
886 B 907 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
images.betanews.com/stylesheets/fileforum3/ |
29 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ffsite.js
images.betanews.com/resources/ |
137 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
153 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
48a801b509b30b5d1e946e986716bcc2
www.gravatar.com/avatar/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
166 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar_active_gray.png
images.betanews.com/fileforum3/header/ |
1006 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ff_logo_gray.png
images.betanews.com/fileforum3/header/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ff_logo.png
images.betanews.com/fileforum3/header/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buttons.png
images.betanews.com/fileforum3/buttons/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socialmedia_icons.png
images.betanews.com/fileforum3/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar_active.png
images.betanews.com/fileforum3/header/ |
192 B 644 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bgs.png
images.betanews.com/fileforum3/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons2.png
images.betanews.com/fileforum3/icons/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ |
400 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 842A |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
227 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 253 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
393 B 604 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 91D5 |
48 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 8C3A |
721 B 574 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ |
160 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 1B5D |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2477 |
478 B 199 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BD28 |
89 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adition.js
imagesrv.adition.com/js/ Frame BD28 |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
ad4.adfarm1.adition.com/ Frame BD28 |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BD28 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BD28 |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD28 |
190 KB 60 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD0C |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 6860 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 2477 |
170 B 244 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rum
dsum-sec.casalemedia.com/ Frame 2477 Redirect Chain
|
43 B 335 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 2477 Redirect Chain
|
43 B 779 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 |
0 20 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 |
0 20 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ad
googleads.g.doubleclick.net/dbm/ Frame BD28 |
34 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame FD0C |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 6860 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame FD0C |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame BD28 |
31 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BD28 |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTQ3MjM5NjgzMjczMAogIHNlcnZlcl9pcDogMTM0MDU1ODQyCiAgcHJvY2Vzc19pZDogMzU5MDc0NjAzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5OTE5NjYy...
ad.doubleclick.net/ddm/activity/ Frame BD28 |
0 853 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner
ad4.adfarm1.adition.com/ Frame BD28 |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ED9D |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
ad2.adfarm1.adition.com/ Frame BD28 |
3 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame ED9D |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner
ad2.adfarm1.adition.com/ Frame BD28 |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html
imagesrv.adition.com/banners/268/01/03/c1/27/ Frame C7D5 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame BD28 |
2 KB 667 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame BD28 |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame C7D5 |
753 B 407 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
createjs.min.js
code.createjs.com/1.0.0/ Frame C7D5 |
236 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mueller_Parfuemerie_emotion_728x90_x_210928_sm.js
imagesrv.adition.com/banners/268/01/03/c1/27/ Frame C7D5 |
30 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame BD28 |
20 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED9D |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame BD28 |
3 KB 1006 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame BD28 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_728_1.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_728_2.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_728_3.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 |
6 KB 6 KB |
Image
image/jpeg |
GET H2 |
logo_img.png
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 |
4 KB 4 KB |
Image
image/png |
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame BD28 |
42 B 64 B |
Fetch
image/gif |
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 |
0 20 B |
Ping
image/gif |
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| BN function| changeBrowseSort function| suggestfile function| popwin function| downloadNow function| toggleChanges function| $ function| jQuery object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| google_image_requests
13 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fileforum.com/ | | Name: sixsession Value: knocmgvedl3jq6ffd0qc0v9goo3q6fmd |
.fileforum.com/ | | Name: _ga Value: GA1.1.1235627937.1699472396 |
.fileforum.com/ | | Name: __gads Value: ID=3260258c659d8ef1:T=1699472396:RT=1699472396:S=ALNI_MY5TV_QeaXWMr9JHRJYktC6jKCiBw |
.fileforum.com/ | | Name: __gpi Value: UID=00000ccc4264f923:T=1699472396:RT=1699472396:S=ALNI_Mbaj5vEgfL77sBJ50Dop3wmZ79JpQ |
.doubleclick.net/ | | Name: IDE Value: AHWqTUkOpbZ2lYFw7e5X2ViRWVO3KKZehDKIlewnguNQn3qmfhMNwbZf62B0P4sp |
.adfarm1.adition.com/ | | Name: UserID1 Value: 7299178361292325222 |
.casalemedia.com/ | | Name: CMID Value: ZUvkDEBw7gdwwHj3HqBRZwAA |
.casalemedia.com/ | | Name: CMPS Value: 5267 |
.casalemedia.com/ | | Name: CMPRO Value: 5267 |
.adfarm1.adition.com/ | | Name: lv_5626024 Value: w=4787112\|t=1699472397 |
.doubleclick.net/ | | Name: ar_debug Value: 1 |
.adfarm1.adition.com/ | | Name: lv_5609187 Value: w=4389191\|t=1699472396 |
.fileforum.com/ | | Name: _ga_H9SLV28721 Value: GS1.1.1699472395.1.0.1699472397.0.0.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.