www.baseturf.com
Open in
urlscan Pro
109.234.164.103
Public Scan
URL:
https://www.baseturf.com/ticket-flash/quinte.php
Submission: On February 10 via manual from MA — Scanned from FR
Submission: On February 10 via manual from MA — Scanned from FR
Summary
This website contacted 31 IPs
in 7 countries
across 28 domains to perform 61 HTTP transactions.
The main IP is 109.234.164.103, located in
France and
belongs to O2SWITCH, FR.
The main domain is www.baseturf.com.
TLS certificate: Issued by R3 on December 25th 2022. Valid for: 3 months.
This is the only time www.baseturf.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on December 25th 2022. Valid for: 3 months.
This is the only time www.baseturf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
7
109.234.164.103
(France)
ASN50474 (O2SWITCH, FR)
PTR: 109-234-164-103.reverse.odns.fr
ASN50474 (O2SWITCH, FR)
PTR: 109-234-164-103.reverse.odns.fr
| www.baseturf.com |
2
13.225.78.28
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net
| sb.scorecardresearch.com |
1
2.18.79.133
(Vienna, Austria)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-133.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-133.deploy.static.akamaitechnologies.com
| ced.sascdn.com |
3
2606:4700:10::6816:1957
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| spl.zeotap.com | |
| mwzeom.zeotap.com |
1
2620:116:800d:21:b314:a0ef:ab7c:d546
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| secure.quantserve.com |
1
18.203.96.189
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-189.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-189.eu-west-1.compute.amazonaws.com
| p.cpx.to |
1
65.9.58.132
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-132.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-132.fra56.r.cloudfront.net
| d2zur9cc2gf1tx.cloudfront.net |
1
2600:9000:20eb:6000:6:44e3:f8c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| rules.quantcount.com |
2
142.250.185.162
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
| cm.g.doubleclick.net |
1
2600:9000:2304:6e00:3:a4cd:8380:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| test.cmp.quantcast.com |
1
54.154.10.160
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-10-160.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-10-160.eu-west-1.compute.amazonaws.com
| adtrack.adleadevent.com |
1
3.69.215.96
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-215-96.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-215-96.eu-central-1.compute.amazonaws.com
| audit-tcfv2.cmp.quantcast.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 32760 |
279 KB |
| 7 |
quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2773 test.cmp.quantcast.com — Cisco Umbrella Rank: 10795 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12609 |
182 KB |
| 7 |
baseturf.com
1 redirects
www.baseturf.com |
73 KB |
| 4 |
taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 898 trc-events.taboola.com — Cisco Umbrella Rank: 1633 |
241 KB |
| 3 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 |
1 KB |
| 3 |
zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2502 mwzeom.zeotap.com — Cisco Umbrella Rank: 2465 |
21 KB |
| 3 |
tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 30914 |
812 B |
| 2 |
confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1393 |
103 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23 |
20 KB |
| 2 |
criteo.com
gum.criteo.com — Cisco Umbrella Rank: 393 |
579 B |
| 2 |
scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 150 |
2 KB |
| 2 |
espace-turf.com
1 redirects
www.espace-turf.com |
2 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196 |
42 KB |
| 2 |
o2swit.ch
o2swit.ch |
24 KB |
| 1 |
adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 36163 |
527 B |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 298 |
30 KB |
| 1 |
quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 896 |
1 KB |
| 1 |
id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 399 |
1 KB |
| 1 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 |
49 KB |
| 1 |
cloudfront.net
d2zur9cc2gf1tx.cloudfront.net |
26 KB |
| 1 |
cpx.to
p.cpx.to — Cisco Umbrella Rank: 9307 |
2 KB |
| 1 |
quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 963 |
10 KB |
| 1 |
onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 722 |
|
| 1 |
leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 33935 |
6 KB |
| 1 |
sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10090 |
33 KB |
| 1 |
unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 19572 |
32 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 687 |
34 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41 |
43 KB |
| 61 | 28 |
| Domain | Requested by | |
|---|---|---|
| 10 | ads.themoneytizer.com |
www.baseturf.com
ads.themoneytizer.com |
| 7 | www.baseturf.com |
1 redirects
cdnjs.cloudflare.com
www.baseturf.com |
| 5 | cmp.quantcast.com |
www.baseturf.com
cmp.quantcast.com |
| 3 | c.tmyzer.com |
ads.themoneytizer.com
|
| 3 | cdn.taboola.com |
www.baseturf.com
cdn.taboola.com |
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | cdn.confiant-integrations.net |
ads.themoneytizer.com
cdn.confiant-integrations.net |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | spl.zeotap.com |
ads.themoneytizer.com
spl.zeotap.com |
| 2 | gum.criteo.com |
ads.themoneytizer.com
cdn.taboola.com |
| 2 | sb.scorecardresearch.com |
cdn.taboola.com
www.baseturf.com |
| 2 | www.espace-turf.com |
1 redirects
www.baseturf.com
|
| 2 | cdnjs.cloudflare.com |
www.baseturf.com
|
| 2 | o2swit.ch |
www.baseturf.com
|
| 1 | trc-events.taboola.com |
www.baseturf.com
|
| 1 | audit-tcfv2.cmp.quantcast.com |
cmp.quantcast.com
|
| 1 | adtrack.adleadevent.com |
ajax.googleapis.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | test.cmp.quantcast.com |
cmp.quantcast.com
|
| 1 | mwzeom.zeotap.com |
www.baseturf.com
|
| 1 | ajax.googleapis.com |
d2zur9cc2gf1tx.cloudfront.net
|
| 1 | rules.quantcount.com |
secure.quantserve.com
|
| 1 | id5-sync.com |
www.baseturf.com
|
| 1 | pagead2.googlesyndication.com |
cdn.unblockia.com
|
| 1 | d2zur9cc2gf1tx.cloudfront.net |
ads.themoneytizer.com
|
| 1 | p.cpx.to |
ads.themoneytizer.com
|
| 1 | secure.quantserve.com |
ads.themoneytizer.com
|
| 1 | onetag-sys.com |
ads.themoneytizer.com
|
| 1 | tag.leadplace.fr |
ads.themoneytizer.com
|
| 1 | ced.sascdn.com |
ads.themoneytizer.com
|
| 1 | cdn.unblockia.com |
www.baseturf.com
|
| 1 | code.jquery.com |
www.baseturf.com
|
| 1 | www.googletagmanager.com |
www.baseturf.com
|
| 61 | 33 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.awin1.com |
| www.turfoo.fr |
| www.pronostic-facile.fr |
| www.turfomania.fr |
| www.espace-turf.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| baseturf.com R3 |
2022-12-25 - 2023-03-25 |
3 months | crt.sh |
| o2swit.ch R3 |
2023-01-25 - 2023-04-25 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
| 1266287590.rsc.cdn77.org R3 |
2022-12-21 - 2023-03-21 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
| *.unblockia.com Amazon |
2022-03-23 - 2023-04-21 |
a year | crt.sh |
| *.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-08 - 2023-12-31 |
a year | crt.sh |
| *.scorecardresearch.com Amazon |
2022-12-30 - 2024-01-28 |
a year | crt.sh |
| c.tmyzer.com R3 |
2023-01-25 - 2023-04-25 |
3 months | crt.sh |
| *.sascdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-08 - 2023-09-11 |
a year | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-01-04 - 2023-03-31 |
3 months | crt.sh |
| *.leadplace.fr Gandi Standard SSL CA 2 |
2022-09-13 - 2023-09-13 |
a year | crt.sh |
| *.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-12-28 - 2024-01-28 |
a year | crt.sh |
| *.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-09-09 |
a year | crt.sh |
| *.cpx.to R3 |
2022-11-28 - 2023-02-26 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
| cmp.quantcast.com R3 |
2023-01-08 - 2023-04-08 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
| *.id5-sync.com R3 |
2023-01-25 - 2023-04-25 |
3 months | crt.sh |
| *.confiant-integrations.net GTS CA 1P5 |
2023-01-27 - 2023-04-27 |
3 months | crt.sh |
| quantserve.com R3 |
2023-01-10 - 2023-04-10 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
| adtrack.adleadevent.com Amazon RSA 2048 M02 |
2023-02-10 - 2023-07-12 |
5 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.baseturf.com/ticket-flash/quinte.php
Frame ID: DA2474B4147DEFE261F6BF264B3723B0
Requests: 60 HTTP requests in this frame
Frame:
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676029653152
Frame ID: 75BF3E9877D13C8239DF02D838866E5D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Quinté flash, tirage de votre quinté spotPage URL History Show full URLs
- https://www.baseturf.com/ticket-flash/quinte.php Page URL
-
https://www.baseturf.com/o2s-cgi/security-challenge?a=verify-response
HTTP 302
https://www.baseturf.com/ticket-flash/quinte.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Prebid
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /prebid\.js
Quantcast Measure
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.quantserve\.com/quant\.js
comScore
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://www.awin1.com/awclick.php?gid=311287&mid=7307&awinaffid=560353&linkid=2321492&clickref=
Title: PMU - Bonus 275€
Title: PMU - Bonus 275€
Search URL Search Domain Scan URL
URL: https://www.turfoo.fr/
Title: Turfoo.fr
Title: Turfoo.fr
Search URL Search Domain Scan URL
URL: https://www.pronostic-facile.fr/quinte-du-jour
Title: Quinté du jour
Title: Quinté du jour
Search URL Search Domain Scan URL
URL: https://www.turfomania.fr/
Title: Turfomania.fr
Title: Turfomania.fr
Search URL Search Domain Scan URL
URL: https://www.espace-turf.com/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.baseturf.com/ticket-flash/quinte.php Page URL
-
https://www.baseturf.com/o2s-cgi/security-challenge?a=verify-response
HTTP 302
https://www.baseturf.com/ticket-flash/quinte.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://www.espace-turf.com/button.php?u=baseturfcom HTTP 302
- https://www.espace-turf.com/images/2.png
- https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=17b47217-76f4-44e0-6fdc-065fb13b0bef&reqId=67147c92-c921-480e-6b84-90ae85706c4c&zdid=1258 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=17b47217-76f4-44e0-6fdc-065fb13b0bef&reqId=67147c92-c921-480e-6b84-90ae85706c4c&zdid=1258&google_tc= HTTP 302
- https://mwzeom.zeotap.com/mw?google_gid=CAESEK46PUPZVQ-AJQq1QVRT10o&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=17b47217-76f4-44e0-6fdc-065fb13b0bef&reqId=67147c92-c921-480e-6b84-90ae85706c4c&zdid=1258
61 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
quinte.php
www.baseturf.com/ticket-flash/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
o2swit.ch/assets/ |
3 KB 817 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tiger.svg
o2swit.ch/assets/ |
53 KB 24 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ |
88 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ |
47 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
security-challenge
www.baseturf.com/o2s-cgi/ |
30 KB 30 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
quinte.php
www.baseturf.com/ticket-flash/ Redirect Chain
|
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
www.baseturf.com/include/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen.js
ads.themoneytizer.com/s/ |
5 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
requestform.js
ads.themoneytizer.com/s/ |
175 KB 22 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-turf.jpg
www.baseturf.com/images/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen.js
ads.themoneytizer.com/s/ |
5 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
requestform.js
ads.themoneytizer.com/s/ |
175 KB 22 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.png
www.espace-turf.com/images/ Redirect Chain
|
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.12.0.min.js
code.jquery.com/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
www.baseturf.com/include/ |
244 B 407 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen.js
ads.themoneytizer.com/s/ |
5 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
requestform.js
ads.themoneytizer.com/s/ |
168 KB 21 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
h.js
cdn.unblockia.com/ |
152 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.js
cdn.taboola.com/libtrc/baseturf/ |
553 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
impl.20230130-10-RELEASE.js
cdn.taboola.com/libtrc/ |
728 KB 190 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
beacon.js
sb.scorecardresearch.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tr5
cdn.taboola.com/libtrc/ |
3 B 78 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moneybile.js
ads.themoneytizer.com/ |
38 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
c.tmyzer.com/c/ |
0 271 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lib_fs_close.js
ads.themoneytizer.com/ |
667 B 765 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
smart.js
ced.sascdn.com/tag/1097/ |
97 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
gum.criteo.com/ |
49 B 292 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mapper.js
spl.zeotap.com/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
libJsLP.js
tag.leadplace.fr/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
onetag-sys.com/usync/ Frame 75BF |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
quant.js
secure.quantserve.com/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
px.js
p.cpx.to/p/12777/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ |
25 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prebid.js
ads.themoneytizer.com/moneybid7_35/build/dist/ |
587 KB 185 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
choice.js
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
c.tmyzer.com/c/ |
0 270 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
c.tmyzer.com/c/ |
0 271 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moneyskin.js
ads.themoneytizer.com/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
144 KB 49 KB |
Fetch
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9.gif
id5-sync.com/i/12/ |
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config.js
cdn.confiant-integrations.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/ |
159 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
spl.zeotap.com/ |
429 B 621 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp2.js
cmp.quantcast.com/tcfv2/42/ |
177 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mw
mwzeom.zeotap.com/ Redirect Chain
|
95 B 163 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ |
216 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ |
10 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notifyme.php
adtrack.adleadevent.com/ |
0 527 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmp2ui-en.js
cmp.quantcast.com/tcfv2/42/ |
230 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ |
350 KB 43 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b2
sb.scorecardresearch.com/ |
0 189 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google-atp-list.json
cmp.quantcast.com/tcfv2/ |
151 KB 36 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
audit-tcfv2.cmp.quantcast.com/ |
2 B 101 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
gum.criteo.com/ |
46 B 287 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
debug
trc-events.taboola.com/baseturf/log/2/ |
0 90 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
195 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 boolean| credentialless object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| _taboola object| TRC object| _tblConsole undefined| msg object| _comscore function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| ab_test_iiq number| random_cent_iiq undefined| s undefined| x number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26328 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText number| nugg_iiq string| pubstack_ab function| whatToLoad object| sublime object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26328 function| __tcfapi function| __uspapi function| refreshVisibility26322 function| Adcall_26322 function| $ function| jQuery function| refreshVisibility26325 object| skinjs object| sc string| TMSkin_CustomCode string| TMSkin_CustomVar function| Adcall_26325 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| google_tag_manager function| a0_0x2c88 function| a0_0x5074 object| jQuery1120082339765608643 function| MobileDetect object| md function| verbose object| google_tag_data string| GoogleAnalyticsObject function| ga object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| confiant object| COMSCORE function| udm_ function| mapperjs object| __core-js_shared__ object| libJsLeadPlace function| quantserve function| __qc object| ezt object| _qoptions function| findGetConfig number| windowWidth function| tmzSkinSetup boolean| TMSkin_enclosedIframe boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime function| __tcfapiui object| googletag object| ns_p14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .baseturf.com/ | Name: o2s-chl Value: 9c9fa63c807a88640b17c4edc90c057a |
|
| www.baseturf.com/ | Name: PHPSESSID Value: b9619cffe980bd9a01ccf7b3011ede26 |
|
| .id5-sync.com/ | Name: cf Value: |
|
| .id5-sync.com/ | Name: cip Value: |
|
| .id5-sync.com/ | Name: cnac Value: |
|
| .id5-sync.com/ | Name: car Value: |
|
| .id5-sync.com/ | Name: gdpr Value: |
|
| .id5-sync.com/ | Name: callback Value: |
|
| .zeotap.com/ | Name: zc Value: 17b47217-76f4-44e0-6fdc-065fb13b0bef |
|
| .zeotap.com/ | Name: zsc Value: %B6%7B%B5%E6%C1%A5%BD%E3u%A6%89%86%2B%BF%90%0F%13W%3A%95%1A%CC%0F%ED%D1%BE%B2%9A%2B%DAR%2B%EC%16X%B3%FC%FFZ%D9z%14%B6%1Bf%95LX%B0%03%95%A8%9C%C6%CC%BCe%B06%FB%3F%87%8C%24%EA%B0w%98%9C%EC%3F%EB%BEw%87%87%CE%C9i~%DFn%05 |
|
| .baseturf.com/ | Name: _ga Value: GA1.2.623691618.1676029653 |
|
| .baseturf.com/ | Name: _gid Value: GA1.2.393055254.1676029653 |
|
| .baseturf.com/ | Name: _gat_gtag_UA_41255149_1 Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmIvNH6fePpkQfZ8pJzsYOI8H7YDrYtrnvExFqAktpHgmX56YxSgqpxXWOPF8s |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
audit-tcfv2.cmp.quantcast.com
c.tmyzer.com
cdn.confiant-integrations.net
cdn.taboola.com
cdn.unblockia.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.g.doubleclick.net
cmp.quantcast.com
code.jquery.com
d2zur9cc2gf1tx.cloudfront.net
gum.criteo.com
id5-sync.com
mwzeom.zeotap.com
o2swit.ch
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
spl.zeotap.com
stats.g.doubleclick.net
tag.leadplace.fr
test.cmp.quantcast.com
trc-events.taboola.com
www.baseturf.com
www.espace-turf.com
www.google-analytics.com
www.googletagmanager.com
109.234.160.39
109.234.164.103
13.225.78.28
141.226.228.48
142.250.185.162
145.239.192.166
151.101.129.44
162.19.138.82
18.203.96.189
2.18.79.133
2001:4de0:ac18::1:a:1a
213.186.33.2
2600:9000:20eb:6000:6:44e3:f8c0:93a1
2600:9000:21f3:4800:12:abfb:9280:93a1
2600:9000:21f3:8200:9:46dc:4700:93a1
2600:9000:2304:6e00:3:a4cd:8380:93a1
2606:4700:10::6816:1957
2606:4700::6811:180e
2606:4700::6812:116b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::200a
2a00:1450:4025:401::9d
2a02:2638::1c
2a02:6ea0:c700::18
3.69.215.96
51.89.9.253
54.154.10.160
54.38.64.100
65.9.58.132
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
09ab2981de63b16b358e77913dc4fed90a5ed74ba4dfb45d5521bff2440f7205
10c138dc5811754b41f49fdd06142b46084115ab86cb0725c7a43b04d7ab7ac0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1ba55bbf60da5a88ca00883e3ad2bebdf82495cba202e79505da0cda09e9655c
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1fea1394b1ad6577b49aa7cd793948c8537677642d41733aa0e93c56a1b81425
20cb4041bd17f3ff36a3f2eeb0dfacc5e3c2432949f4c02982ac566401e4c47c
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c
2a3907dfeb9234765d0deed7b0eeafe47c4a37978ba77d37ae47aeadd10f7c40
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
36376e3f4b36edf2f141d02054d26f2454ec997a9878d4fc9296a278ac0a1b03
3857863bdefe47bd17e08af40faa7d44cadc417819984ffe6f907d6fe3bf8cc1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
61d82e0ae62e9f2a7d724c3a6fa22cb30ddfc4d8f8ec91de31580c3d8ff06fa8
6203ec17b2a10e63541e73eeddf2da10413697b45cbe1c1581e17914dbf3c4ed
6214ff96de6a65b0a9109d7b239ee5bbc398ef1f76e25f0333f50bd25758fcd5
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
64e65bb65089bd028c62652ea894fd4eb67d6867c2126bc22e03c4180e7ab06d
653727d52b5f75064e7bf9c261fdc703593d351147fb5c876179dd7640d9572d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7fb3d57f74d1f23239953438de8f0bcd288941786bf03987604815077f2066cd
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506
8b34f594a73eb80b300251a9616460566df1a88a58e175e02cbeeea5b0b77fc5
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
94b81dcbf9ccf4165c89915419d341397f0fe40a95a95f8932078fcf5c5b4f18
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a89b1ed35786b4f7dc5fa44cf9a8110fa01011d8df55bd9a250d21bb29abdf06
a8efe51cbecdad4bc99bcab6208c535224c81077f92247249f93ce079be3b4a7
ab19d04f2cb2e5f89f4d1d3735b463a5c7b9e778cf679fe7907ac633d20c2cee
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
bf71e8da72ce50998655064904df19b5b1bcda04ce8ad9c30cf0ecc6b636c002
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3840b8189842553b99af167bcb3ed1e8b14882129dda257d680ffde1d24c71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e7bd8423073d8944be1474bb7bdeb9f63a7089145d95277486fb8e59235c7328
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
fc2295d04a7efae9b2b118e0e75fd53980723615fabbca648f7257fa6890cdf1