fdown.net
Open in
urlscan Pro
172.67.70.216
Public Scan
Effective URL: https://fdown.net/
Submission: On June 26 via manual from NZ — Scanned from NZ
Summary
TLS certificate: Issued by E1 on May 29th 2024. Valid for: 3 months.
This is the only time fdown.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 33 | 172.67.70.216 172.67.70.216 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2404:6800:400... 2404:6800:4006:814::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 104.17.3.184 104.17.3.184 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 142.251.221.66 142.251.221.66 | 15169 (GOOGLE) (GOOGLE) | |
5 | 142.250.76.98 142.250.76.98 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:38::181 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4003:c1c::9d | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.221.67 142.251.221.67 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2404:6800:400... 2404:6800:4006:810::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2404:6800:400... 2404:6800:4006:810::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4006:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
11 | 142.250.67.14 142.250.67.14 | 15169 (GOOGLE) (GOOGLE) | |
65 | 13 |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.google.co.nz |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net
fundingchoicesmessages.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
fdown.net
1 redirects
fdown.net — Cisco Umbrella Rank: 33221 |
261 KB |
16 |
google.com
analytics.google.com — Cisco Umbrella Rank: 174 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 www.google.com — Cisco Umbrella Rank: 5 |
77 KB |
7 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 |
297 KB |
6 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 |
250 B |
2 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 4311 |
14 KB |
1 |
google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 28952 |
63 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
97 KB |
65 | 7 |
Domain | Requested by | |
---|---|---|
33 | fdown.net |
1 redirects
fdown.net
|
13 | fundingchoicesmessages.google.com |
pagead2.googlesyndication.com
|
5 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
5 | pagead2.googlesyndication.com |
fdown.net
pagead2.googlesyndication.com |
2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
2 | analytics.google.com |
www.googletagmanager.com
|
2 | challenges.cloudflare.com | 1 redirects |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | www.google.co.nz | |
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
fdown.net
|
65 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
downvideo.net |
twdown.net |
chrome.google.com |
fbdown.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fdown.net E1 |
2024-05-29 - 2024-08-27 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google.co.nz WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
tpc.googlesyndication.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
www.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
This page contains 9 frames:
Primary Page:
https://fdown.net/
Frame ID: 82E2C9243B9D9225C94D912A8B1299BE
Requests: 55 HTTP requests in this frame
Frame:
https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 7DE5347A13303533B0E7D1B42B9AF8F3
Requests: 3 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 406908AFB6B9FA8C34412BDDC1284079
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719375456&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdown.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~30_23~27_9~29_18&aiixl=32_9~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456353&bpp=5&bdt=1063&idt=457&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=572433593814&frm=20&pv=2&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=476
Frame ID: 9CD3AF610640780CDA60DF86E9C127D1
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&slotname=3440549079&adk=4249367247&adf=1487462760&pi=t.ma~as.3440549079&w=730&abgtt=3&fwrn=4&fwrnh=100&lmt=1719375456&rafmt=1&format=730x280&url=https%3A%2F%2Ffdown.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456358&bpp=3&bdt=1068&idt=486&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=572433593814&frm=20&pv=1&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=497
Frame ID: F53AE369CFDBDD6529A6081576E12A9E
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 746AF786DEBAE9A32737D5E18D7CBD07
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 191C8EC6394747D938689A5188228FFA
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 03786604F2C3021613D81F4C29024A7C
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 854F7A701C731548E9955CF588F85CE2
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Facebook Video Downloader Online - Download Facebook VideosPage URL History Show full URLs
-
http://fdown.net/
HTTP 307
https://fdown.net/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Facebook Video Downloader (2nd Server)
Search URL Search Domain Scan URL
Title: Twitter Video Downloader
Search URL Search Domain Scan URL
Title: Chrome Extension
Search URL Search Domain Scan URL
Title: FBDOWN.COM
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fdown.net/
HTTP 307
https://fdown.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
- https://fdown.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
65 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
fdown.net/ Redirect Chain
|
36 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
fdown.net/css/ |
117 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
fdown.net/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-facebook-video-downloader.png
fdown.net/img/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chrome.png
fdown.net/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en.png
fdown.net/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
es.png
fdown.net/img/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pt.png
fdown.net/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
de.png
fdown.net/img/ |
312 B 819 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fr.png
fdown.net/img/ |
374 B 845 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
it.png
fdown.net/img/ |
288 B 787 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fbdown.png
fdown.net/img/ |
14 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontcc.css
fdown.net/css/ |
225 B 570 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
glyphicons-halflings-regular.woff2
fdown.net/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RooneyBold.woff
fdown.net/css/fontcc/ |
55 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RooneyRegular.woff
fdown.net/css/fontcc/ |
55 KB 56 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
windows.png
fdown.net/img/ |
152 B 666 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ios.png
fdown.net/img/ |
876 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
santa-claus.png
fdown.net/img/ |
886 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
br.png
fdown.net/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
apple.png
fdown.net/img/ |
284 B 793 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
android.png
fdown.net/img/ |
519 B 997 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
firefox.png
fdown.net/img/ |
796 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rocket-loader.min.js
fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scripts.js
fdown.net/js/ |
0 433 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
fdown.net/js/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fbdown_home_min.js
fdown.net/js/ |
809 B 810 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
285 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/ Redirect Chain
|
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
159 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
fdown.net/js/ |
81 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 7DE5 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.png
fdown.net/img/ |
1 KB 2 KB |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
899a636e8ec75d34
fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7DE5 |
0 669 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
899a636e8ec75d34
fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7DE5 |
0 666 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ |
425 KB 143 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 4069 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 9CD3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
17 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame F53A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.co.nz/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ |
169 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ca-pub-9232253514792453
fundingchoicesmessages.google.com/i/ |
197 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 746A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 191C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxWHTTlPKO_49p9bIvGg0b5SgT9w2kA7sGKPwmjRBSLy8Ee1BVZNlabW9dMw9OyIYL-LAZkES0tolH7Tu7pXOJvnE3WfC8tlnEoHpl5IS4lNe4QP8K2IWlLUMVtO130h0jJZ9eJzjw==
fundingchoicesmessages.google.com/f/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 0378 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 854F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adnews.
fundingchoicesmessages.google.com/f/AGSKWxVpMA76-odUbv_v1GszGEbw40PdB4eUBXwgEJMbuBivYejma--8-q92bc5IZ4R8cJdsZtMzJI8mkgoCm1d-7Gbrzshn1YgyS2yJLz_AaX_YevcWRUzEwMxh-Bwp9-1iPiTNMkRI9buRN7mGjzNyFOKyolSHT... |
54 B 109 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum.js
pagead2.googlesyndication.com/pagead/js/ |
68 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxW48pZVAcxAsU_NZfXtLNT36OPV7Q7_73BeeOHCwQdU7FRlenJC1YVNcY0AOf0pxkfp6PX8A8Fvb7GqWRpR_Yi50bdzF0n2X6AMc-xhD5C6C6Lwcmb0dFu9NbxPbWjHDFfmjRPo0Q==
fundingchoicesmessages.google.com/f/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxVSa8sJgakKlGx7ADCYFcPWouQ5_UiP7cNnI4P9hdo34yxNQcAO1KVDZB5O2OpPCF1eKCBUDJE0PoFXASqTkxPs5XS9ZLMz34_0SBzmlq1weAUlUx9yDBrxHe1jxZhpF5bTcAGRWw==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxUUg8-NuzqzHKfyy73me-Ik6r-HGNvz9L5exqm3MRC5u0-ooY2paiS1ff5B15JtfSWUbdhunR1Ck4-qqlM5U06w-_u820IkHc7t9iGv1ohsr-v7A4nwToVxGLNku7VnwM_tumnKLw==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXT0na_td9zWd7RLrLNVwlW_CQvkU-jMpy0WIBgASGNdXIT3fkDxCcRPfhjoS9pdT-zBsPStjehyzIxaxoOPvqDTiUIDTSy25iPDDzFsTguyvzZYtOyOqUnfjUpdZFeXhHlm4jnbQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=2276278143285918&bg=!4eKl4q3NAAb64txl2uI7ADQBe5WfOKekPmDTsbcYYSblnlVAFJjUGUq1Owjk3hhA5r59X1PjoPPpZFmopaIgfR--ZOh3AgAAAEFSAAAABGgBB34ANpixZoPktb-t9w98-V-ehremNyM8JzjEacIMcTCb8B9YHXTgKyIM02rYh-IqaVDEFTww-lqtJZkC3t48w0cZJT-9uwsZAPD7zobbFyus53xJBQt2hhlhjuiPEPPCED8Id-9m_1qudsQ-B2W-RHsL04gRzEclAOqJECoO4vNjG9FNz2TbMZexjWDXvaXcDnjxRgxpiw_o9rC4wQsxFsV0S__0SpocssZiEMf1C4foKBonlwAmrUoShKuOP23HpKd9oPGZNCA_kJG8NB5ExOZqd8W2_vuZagZIDXZnJp1MSUlhlArPJN5RIosjfPO7FwNYGWc9NBQ2yDvLTr6Fsx0vulieIOwosBtwnjV9Kc1eBKtFQFT9wXrzUeaKcf3jIcQBByWjF0tAPddli-u-08JUXN6BR5Ocit2EpEqPhN1BXp1jnHhMUjxLafzZAkNot8kfcIs7McMBIo29CSkxX5LHiNXu586DFuJ5XYkRUT56qOQZgwbx8v-SxXMdE2hbNpOWdH8H8HhRUVQLMnThKB7hu6mV-fzG5llKlV3h1AfxMGqkIUWuIK0DP5H9pYlLsH6midqVePzsOUo1zQDvGzUY_gXstIG98As1V2NYu6-6FRqEYpZOV8BSRKsqIcXdc_QJXfYOBseroIZCqCvDMcNnni2JvaSVwagQtrlHe5Y8GSwg2i-3t-J0Rdtd6DCNhKEvt7sUUnXqeO6OfqgbtPp91c8lDv-_2jBiQ26v-j7UPweZnuo-jMC1kAgssCYUTaDYX_qlPt8qsKz9hE0RyxeVIlK79Rk_DRAQ9ZGhZ3pioeKxV_LwCYqUrposumtFTyK4ATOCP7pvEpFtM9DIuhI6l4zzCICispo9C6Rk8hvyv5srVl7mF8CIIAMzJVPgVjE4VGKEmNJy5F40S4xkMXCtp9nDpm_yt0n7PZQjjUV6gNMWhSdjfvEd1MxwlxeJ6qBWoaAbvkt8EuXCjt9D1QFaezMV8MTjGZ84oe9CbWawPwEu4Hbee70utcXvz-jPYOAlW1asnqZln029w4vNgHTZ-kNWZyTEW1fn
Verdicts & Comments Add Verdict or Comment
83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 undefined| event object| fence object| sharedStorage object| __cfQR function| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle boolean| isIphone boolean| isIpod boolean| isIpad boolean| isIos function| progressShow boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| turnstile function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| GoogleGcLKhOms object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NjFlNjEyYzMwZmU5NmQ0MWxvYWRlcl9qcw== string| NjFlNjEyYzMwZmU5NmQ0MWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_image_requests object| _google_rum_ns_ undefined| google_rum_values boolean| 4b3a516e-c0d0-4e67-8024-6f348582f69c16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fdown.net/ | Name: cf_clearance Value: 7jsHAgYMrFKrVj10d79wZumQ4f6FHVlDKmzi4TRMFEI-1719375456-1.0.1.1-C4y_XlaCkCEih5hSfQ0kYdlG9TImOBM6yg_ABJOj2V7tD7wy.AGUVZK03nti3NExNQQ4o8WwXYCS6_1TYP8AXA |
|
.fdown.net/ | Name: _ga Value: GA1.1.930942720.1719375457 |
|
.fdown.net/ | Name: __gads Value: ID=72fded3e39e21f78:T=1719375457:RT=1719375457:S=ALNI_MbnEOG0CkzcPYF4z2n1vcARRIVO7g |
|
.fdown.net/ | Name: __gpi Value: UID=00000e6485a4d2bb:T=1719375457:RT=1719375457:S=ALNI_MZNPHpbByIsO1W81o3OjFYTfOJIaQ |
|
.fdown.net/ | Name: __eoi Value: ID=73b11343383991a8:T=1719375457:RT=1719375457:S=AA-AfjajQ2stwjutPotGqlrI_Uud |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnGDV278JvbgvSTSlAz_75Tj1px_UgLreOpaTV35EAs4Cdr8LTfBmX4wmjqQYU |
|
.googleadservices.com/ | Name: ar_debug Value: 1 |
|
.fdown.net/ | Name: _ga_82ERN9JZD3 Value: GS1.1.1719375456.1.0.1719375459.57.0.0 |
|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.casalemedia.com/ | Name: CMID Value: ZnuWY4sFVpkAAB3KAa.aUwAA |
|
.casalemedia.com/ | Name: CMPS Value: 4683 |
|
.casalemedia.com/ | Name: CMPRO Value: 4683 |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.fdown.net/ | Name: FCNEC Value: %5B%5B%22AKsRol_KJP5_2c7ObQ1GWGK1CkKAtO09TMGV0AwDjGijav78HhI3TrPZ_RiI__PeYXX87B6VyhHCsIuaSFOnvI_1udD1O4mLMZTcqjeTZLoVvpfEXNZ-7oQnPs8ZtkVTA63IqdDOHlsD9ws7fop-298Jfq_ybD_a0A%3D%3D%22%5D%5D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
challenges.cloudflare.com
fdown.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.co.nz
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.3.184
142.250.67.14
142.250.76.98
142.251.221.66
142.251.221.67
172.67.70.216
2001:4860:4802:38::181
2404:6800:4003:c1c::9d
2404:6800:4006:80f::2004
2404:6800:4006:810::2001
2404:6800:4006:810::200e
2404:6800:4006:814::2008
044d43cacd75f8eb7c79dfdd513e260690513768722e4102bc4484f7908eb289
052acb754fd04e3ca5e968f4ad3f2bc8898416570bd3d51f6f2919c1611f0849
0627b0cc26e5de38fe74c194040ab7f6a8537ccee7e66f4930d40bdee9e0bd39
18a93befebedf6f0635dd4605dd5f8739a4065475eab759b90575bb8df33d466
1ccc48d1627f8d7fd534c6f3121c1aae100460b581bde8d46112c63823bee136
20d63dbcc126818e52bc87240fec52427040fce903d2a0dcf5ba3494ac8a5833
3165ad11e7c865da327622d80ea8eab00af22d9a589d9c4ab72f41fd2a0aba97
3197c28794bce0ca59f22e784c487d9924fb47124e27604380f7f3b0e1c11071
38252fd05e4ab4e2b556031127e6244477d680fe83de25a5b7ed2a5d1e2007b5
38ee3b27d322467736d77fb81e4e8d8ba84ce0f1dbb4b95ae2f97c67213e21ad
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639a221781d4b16685fdeece57014d6e9cd3ab5ece9e045da03dc411ee33c103
655b679e1bf8ecaa5dfba2ddcfe13104cf8f5ce725b4038162790726d5c38c5c
675bd22dfc27f7f5c76d796a5da6817cf577aaefb783d3dd1b2ed89ce47f7cd5
6f303d73059745e5512f2106dda0fdc74544d4f150df3504b664c456e7af8f58
6f41272e96dd3b140dab2d4180d027730fc95fd70a17821247906febce4ab717
7606e85408cc35686abd635f98ed668b36bc7c80b032a0d42b17ec3d9ed68de2
7710f82d194ccc075b7409bf620a35eeeba9de9f0de88c62888560675f28c820
78b9703e715697e2f2ab07665bda1e8c49e0f5c02b5c9ae09cbb72a25e52b8f8
7cca0e02267d9be3a57b5c8a646cf2d397f2d25e8618868212e16950b5254771
898ade2bd846c58229569d56643950af69f268acea4dfb8dbf9883e7f2b88104
8ee86a352602077cabc15bc2206f8a4e3dceb8066b626ba5a981b406f3d4f81a
90029b49c86cea2f8f1d3b563ed49a045a7e668e598d02f0b7530035a40467cd
9580922ee66f527c11a67dd812ee554bd0999c0bfc08d23e766f68c9756b3a82
9925542717338c39e0f70400dbe55cbac77bd451a67375f587b17c670ec532ba
9c2e76647d21e48b1293fc74fa9fd11644a1b9a614163cb475e2e880f85fa16c
9ffa908b53bcc0201ac9492bf1630082863fce1098dc7a41d7c529eab5cf8db0
a855d36181b222016564c919500aed943a3cd3766fe4907bf5d19d5ede93c46e
a8d08bd6524b6439c0c22a8bea2839a071267de4774132d2514544b5b4ace5b9
b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e
c5b950ad159de13ec473984f63ad28362a67fa23a670836cafdd393016a88720
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce5732113fff99931a93b250f84626f735f9ffda33e0a0157ec55256b7c8e537
d37353e5e8c10a4e81392ed1b1ea608088709c38f2b1c217d8f5e3a18fe843a7
dc4c07949967cd563fb8521f9d3ca44eb4cf360f07cd44bcbcae9e1182ca97f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448ba8d144bd89b890d6d8dd3ddf6034195558c3ddc1bb33b172b2cb4eefe98
ebabb707041a952a93bc1ba0f0dd46bf51c162057cf59a67354ff6ac9415cfe9
ec41a19d60bebd53e6b6d9f7d0ccb17e58498c7e9226ff9da7bb34b0a6e72765
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13a667dc62f7c88eb71bf252d7879beb20b50dc72f8f40948fbba45038cc1d6
f6a95e36f526475aeb4a0828792592ee43476d7e516bb777e23070cba401fde9
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c