gde-fon.com
Open in
urlscan Pro
94.130.4.246
Public Scan
Submitted URL: http://st-gdefon.gallery.world/
Effective URL: http://gde-fon.com/
Submission: On October 12 via manual from SI
Effective URL: http://gde-fon.com/
Submission: On October 12 via manual from SI
Summary
This website contacted 10 IPs
in 2 countries
across 11 domains to perform 64 HTTP transactions.
The main IP is 94.130.4.246, located in
Germany and
belongs to HETZNER-AS, DE.
The main domain is gde-fon.com.
This is the only time gde-fon.com was scanned on urlscan.io!
This is the only time gde-fon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 10 | 148.251.23.198 148.251.23.198 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 2 36 | 94.130.4.246 94.130.4.246 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:815::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 81.19.89.18 81.19.89.18 | 24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:819::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 9 | 2a00:1450:400... 2a00:1450:4001:809::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 81.19.89.17 81.19.89.17 | 24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS) | |
| 1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 2 3 | 88.212.201.198 88.212.201.198 | 39134 (UNITEDNET) (UNITEDNET) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:809::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 64 | 10 |
10
148.251.23.198
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.198.23.251.148.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.198.23.251.148.clients.your-server.de
| st-gdefon.gallery.world | |
| st.gde-fon.com |
36
94.130.4.246
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.246.4.130.94.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.246.4.130.94.clients.your-server.de
| www.gdefon.com | |
| gdefon.com | |
| gde-fon.com | |
| cdn.gde-fon.com |
3
2a00:1450:4001:815::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| adservice.google.de |
1
81.19.89.18
(Russian Federation)
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
| counter.rambler.ru |
1
2a00:1450:4001:819::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
9
2a00:1450:4001:809::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.com | |
| googleads.g.doubleclick.net | |
| www.googletagservices.com | |
| pagead2.googlesyndication.com |
1
81.19.89.17
(Russian Federation)
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
| kraken.rambler.ru |
2
2a00:1450:4001:809::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 43 |
gde-fon.com
gde-fon.com cdn.gde-fon.com st.gde-fon.com |
482 KB |
| 7 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
179 KB |
| 5 |
doubleclick.net
googleads.g.doubleclick.net |
|
| 4 |
yandex.ru
1 redirects
mc.yandex.ru |
45 KB |
| 3 |
yadro.ru
2 redirects
counter.yadro.ru |
2 KB |
| 2 |
rambler.ru
counter.rambler.ru kraken.rambler.ru |
62 KB |
| 2 |
gdefon.com
2 redirects
www.gdefon.com gdefon.com |
491 B |
| 1 |
googletagservices.com
www.googletagservices.com |
28 KB |
| 1 |
google.com
adservice.google.com |
890 B |
| 1 |
google.de
adservice.google.de |
890 B |
| 1 |
gallery.world
1 redirects
st-gdefon.gallery.world |
289 B |
| 64 | 11 |
| Domain | Requested by | |
|---|---|---|
| 31 | cdn.gde-fon.com |
gde-fon.com
|
| 9 | st.gde-fon.com |
gde-fon.com
|
| 5 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 5 | pagead2.googlesyndication.com |
gde-fon.com
pagead2.googlesyndication.com |
| 4 | mc.yandex.ru |
1 redirects
gde-fon.com
|
| 3 | counter.yadro.ru |
2 redirects
gde-fon.com
|
| 3 | gde-fon.com |
gde-fon.com
|
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 1 | kraken.rambler.ru |
gde-fon.com
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | counter.rambler.ru |
gde-fon.com
|
| 1 | gdefon.com | 1 redirects |
| 1 | www.gdefon.com | 1 redirects |
| 1 | st-gdefon.gallery.world | 1 redirects |
| 64 | 16 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| top100.rambler.ru |
| www.liveinternet.ru |
| vk.com |
| www.facebook.com |
| twitter.com |
| www.yandex.ru |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.g.doubleclick.net GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
| *.google.de GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2020-09-29 - 2021-03-11 |
5 months | crt.sh |
| counter.yadro.ru GoGetSSL ECC DV CA |
2020-02-02 - 2022-05-02 |
2 years | crt.sh |
This page contains 7 frames:
Primary Page:
http://gde-fon.com/
Frame ID: C4FCFC9A56F7BFEA360FB0E23F82D9A2
Requests: 58 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: F9AB29828702C13273759F45EAF7A8C3
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4030154701217591&output=html&h=90&slotname=6907362197&adk=4136724255&adf=3729691381&w=728&lmt=1602497280&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fgde-fon.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602497280308&bpp=16&bdt=109&idt=93&shv=r20201007&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8194248361518&frm=20&pv=2&ga_vid=1693569632.1602497280&ga_sid=1602497280&ga_hid=1009301497&ga_fc=0&iag=0&icsg=10912&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=264&ady=312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067494&oid=3&pvsid=2123715741541123&pem=881&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iqlKkXhy9L&p=http%3A//gde-fon.com&dtd=113
Frame ID: 1BEA9F4231EC644A86706C3D6DC047C8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4030154701217591&output=html&h=90&slotname=6907362197&adk=4136724255&adf=2997414175&w=728&lmt=1602497280&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fgde-fon.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602497280350&bpp=4&bdt=151&idt=82&shv=r20201007&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=6907362197&correlator=8194248361518&frm=20&pv=1&ga_vid=1693569632.1602497280&ga_sid=1602497280&ga_hid=1009301497&ga_fc=0&iag=0&icsg=43680&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=1313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067494&oid=3&pvsid=2123715741541123&pem=881&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=EmHgBgEoJF&p=http%3A//gde-fon.com&dtd=85
Frame ID: DA591A78CE03AFF1C819B4F398046571
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4030154701217591&output=html&adk=1812271804&adf=3025194257&lmt=1602497281&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fgde-fon.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602497281053&bpp=2&bdt=854&idt=2&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=6907362197%2C6907362197&nras=1&correlator=8194248361518&frm=20&pv=1&ga_vid=1693569632.1602497280&ga_sid=1602497280&ga_hid=1009301497&ga_fc=0&iag=0&icsg=2271874&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067494&oid=3&psts=AGkb-H9GbX1--TGsEAA-0SLttc9ceksdL8jDsD_lAmDthE-F2k1pu_QESHylo6TkYh8uPg%2CAGkb-H_H5uoXOvQ-R0O3-R78UJwZZkGXtml740G3IzL0F7a1PlAJzWheheFxe4hC4oU&pvsid=2123715741541123&pem=881&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: AF9DC8136ED3078C3F7A04FB0B0C460C
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: B08039C85C37707F44843768B975B8EE
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4030154701217591&output=html&h=240&adk=4019670855&adf=2051224599&w=246&fwrn=4&fwrnh=100&lmt=1602497281&rafmt=1&to=qs&pwprc=4742960669&psa=1&guci=1.2.0.0.2.2.0.0&format=246x240&url=http%3A%2F%2Fgde-fon.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602497281220&bpp=4&bdt=1020&idt=4&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=6907362197%2C6907362197&nras=1&correlator=8194248361518&frm=20&pv=1&ga_vid=1693569632.1602497280&ga_sid=1602497280&ga_hid=1009301497&ga_fc=0&iag=0&icsg=567968&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067494&oid=3&psts=AGkb-H9GbX1--TGsEAA-0SLttc9ceksdL8jDsD_lAmDthE-F2k1pu_QESHylo6TkYh8uPg%2CAGkb-H_H5uoXOvQ-R0O3-R78UJwZZkGXtml740G3IzL0F7a1PlAJzWheheFxe4hC4oU&pvsid=2123715741541123&pem=881&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MTpKnAHEDU&p=http%3A//gde-fon.com&dtd=15
Frame ID: D992F900EA20D0095A56A52DA905D69D
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://st-gdefon.gallery.world/
HTTP 301
http://www.gdefon.com/ HTTP 301
http://gdefon.com/ HTTP 301
http://gde-fon.com/ Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://top100.rambler.ru/home?id=3020921
Search URL Search Domain Scan URL
URL: http://www.liveinternet.ru/click
Search URL Search Domain Scan URL
URL: http://vk.com/gdefon
Search URL Search Domain Scan URL
URL: http://www.facebook.com/gdefon
Search URL Search Domain Scan URL
URL: http://twitter.com/gdefon
Search URL Search Domain Scan URL
URL: http://www.yandex.ru/?add=65073&from=shared
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://st-gdefon.gallery.world/
HTTP 301
http://www.gdefon.com/ HTTP 301
http://gdefon.com/ HTTP 301
http://gde-fon.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 48- http://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//gde-fon.com/;0.0987494707629668 HTTP 302
- https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//gde-fon.com/;0.0987494707629668 HTTP 302
- https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//gde-fon.com/;0.0987494707629668
- https://mc.yandex.ru/watch/24925871?wmode=7&page-url=http%3A%2F%2Fgde-fon.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602497279472%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201012120800%3Aet%3A1602497281%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A90009048870%3Arqn%3A1%3Arn%3A954442854%3Ahid%3A309410051%3Ads%3A48%2C5%2C503%2C10%2C166%2C0%2C0%2C271%2C35%2C%2C%2C%2C998%3Afp%3A783%3Awn%3A5427%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602497281%3Au%3A1602497281930503836%3At%3AWallpapers%20and%20pictures%20for%20your%20desktop%20on%20the%20site%20www.GdeFon.com HTTP 302
- https://mc.yandex.ru/watch/24925871/1?wmode=7&page-url=http%3A%2F%2Fgde-fon.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602497279472%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201012120800%3Aet%3A1602497281%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A90009048870%3Arqn%3A1%3Arn%3A954442854%3Ahid%3A309410051%3Ads%3A48%2C5%2C503%2C10%2C166%2C0%2C0%2C271%2C35%2C%2C%2C%2C998%3Afp%3A783%3Awn%3A5427%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602497281%3Au%3A1602497281930503836%3At%3AWallpapers%20and%20pictures%20for%20your%20desktop%20on%20the%20site%20www.GdeFon.com
64 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
gde-fon.com/ Redirect Chain
|
174 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_bg.gif
cdn.gde-fon.com/images/ |
419 B 776 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gdefon.gif
cdn.gde-fon.com/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
add_wallpaper.png
cdn.gde-fon.com/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
random.png
cdn.gde-fon.com/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rss.png
cdn.gde-fon.com/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_toggler.png
cdn.gde-fon.com/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow_down.gif
cdn.gde-fon.com/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
separator.gif
cdn.gde-fon.com/images/ |
240 B 596 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en.gif
cdn.gde-fon.com/images/flag/ |
1013 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
show_ads.js
pagead2.googlesyndication.com/pagead/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658634_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
comments_preview.gif
gde-fon.com/images/ |
305 B 662 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658603_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658604_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658605_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658606_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
22 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658607_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658608_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
46 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658609_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
76 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
658610_meduza_meduzyi_podvodnyiy-mir_voda_more_okean_obit_www.Gde-Fon.com.jpg
st.gde-fon.com/wallpapers_preview/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
skeeks_auto_generetor__36ede064eab2c893872cd53364bb910e.js
cdn.gde-fon.com/assets/js/ |
170 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top100.jcn
counter.rambler.ru/ |
60 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ex_search_bg.gif
cdn.gde-fon.com/images/ |
101 B 457 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_content_hbg.gif
cdn.gde-fon.com/images/ |
243 B 599 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_content_topbg_nogradient.gif
cdn.gde-fon.com/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_pad_top.gif
cdn.gde-fon.com/images/ |
613 B 970 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_content_bottombg.gif
cdn.gde-fon.com/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dot_bg.gif
cdn.gde-fon.com/images/ |
74 B 429 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_content_topbg.gif
cdn.gde-fon.com/images/ |
6 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_pad_categories.gif
cdn.gde-fon.com/images/ |
764 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
left_content_toggler.gif
cdn.gde-fon.com/images/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
page_title_bg.gif
cdn.gde-fon.com/images/ |
625 B 982 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
page_icon_folder.jpg
cdn.gde-fon.com/images/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ |
230 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame F9AB |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pagination_bg.gif
cdn.gde-fon.com/images/ |
162 B 518 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pagination_left.gif
cdn.gde-fon.com/images/ |
458 B 815 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nav_arrow_left.gif
cdn.gde-fon.com/images/ |
782 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nav_arrow_right.gif
cdn.gde-fon.com/images/ |
777 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
preview_bg.gif
cdn.gde-fon.com/images/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
global-ajax-loader.gif
cdn.gde-fon.com/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame 1BEA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
72 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame DA59 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
kraken.rambler.ru/cnt/ |
595 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
143 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hit
counter.yadro.ru/ Redirect Chain
|
397 B 851 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.gif
gde-fon.com/images/ |
15 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vk-icon.gif
cdn.gde-fon.com/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
facebook-icon.gif
cdn.gde-fon.com/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
twitter-icon.gif
cdn.gde-fon.com/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yandex.gif
cdn.gde-fon.com/images/ |
1017 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/24925871/ Redirect Chain
|
167 B 667 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
131 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame AF9D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame B080 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 87 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame D992 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
226 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| trustedTypes object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired boolean| _gfp_p_ boolean| _gfp_a_ object| google_trust_token_redemption_status number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_core_dbp object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_lact object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_only_pyv_ads object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_scs object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_video_url_to_fetch object| google_webgl_support object| google_yt_pt object| google_yt_up object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_refresh_count object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| doLang function| girlsgdefonurl function| socialButtons object| $favouriteDialog function| init function| initDialogs function| initHandlers function| toggleExSearch function| toggleEsRow function| addEsElement function| removeEsElement function| addEsColor function| removeEsColor function| toggleColorPicker function| ctrlNavigate function| kloToggler undefined| lastAddFavId function| addToFavourite function| doAddToFavourite function| initPreviews function| vote function| onVote function| getScreen function| saveScreen function| $ function| jQuery function| SelectParser function| AbstractChosen function| Chosen function| get_side_border_padding function| _ object| Skeeks object| sx object| j object| O string| Q string| o number| J function| facebook function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Kraken function| top100 object| _top100q object| closure_lm_616117 object| _top100 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter24925871 object| adsbygoogle object| GoogleGcLKhOms function| google_spfd object| google_image_requests number| google_lpabyc7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlc9q4uybUV9tFonJpvypHCJmVmo0Y4DYVAVSmXH6hCcndTPiCsV4Xz_0eT |
|
| .gde-fon.com/ | Name: _ym_d Value: 1602497281 |
|
| .gde-fon.com/ | Name: _ym_visorc_24925871 Value: w |
|
| .gde-fon.com/ | Name: top100_id Value: t1.-1.1446915131.1602497280465 |
|
| .gde-fon.com/ | Name: _ym_isad Value: 2 |
|
| .gde-fon.com/ | Name: _ym_uid Value: 1602497281930503836 |
|
| .gde-fon.com/ | Name: last_visit Value: 1602490080467::1602497280467 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cdn.gde-fon.com
counter.rambler.ru
counter.yadro.ru
gde-fon.com
gdefon.com
googleads.g.doubleclick.net
kraken.rambler.ru
mc.yandex.ru
pagead2.googlesyndication.com
st-gdefon.gallery.world
st.gde-fon.com
tpc.googlesyndication.com
www.gdefon.com
www.googletagservices.com
148.251.23.198
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:815::2002
2a00:1450:4001:819::2002
2a02:6b8::1:119
81.19.89.17
81.19.89.18
88.212.201.198
94.130.4.246
021a63abb74279018a7bfc98cdd47f345898d6a7114380675f6db28f840bc0e7
047c45dd2c867094ab0371e6c6beb118cf13c06929532f1fcb639c118cf56a7d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09dda4574612d5260fd17d0b380724da8ab5243b4e5ad395e403217083f0e031
0d11c312a9f1e609de46c3a678ea3a423e7f1e136544c654e36722ac437e920a
0fc1a637139608ba83f51711201459e7e4f95620e0577cd0602fa270f6ed4c0b
1011094e4699451ace9e7ef6c509d67645762e41787700dcaa964a5a5a228bfc
120b1e3e40065af0ef2b9ed1fd14fce4136bf9fd5c1b0644fccc55a006e87be5
155fac81e33900f98d63352670693edad60fab118cd3268ee62ab89c9e9f91dd
1620109aece3feb4060763abe389a1edb8b855a5bc5695aaa91f5d3882f101ed
2213f1811f78a767f3ab3826faca0abaa675a66d57e2707497bf9260ab0bb1dd
223289a70f23bf9951cbad5925e36c81cb3e76d94e87e3150bb481cfb11e7077
228893f9080f3d50b85382ab2e762efbe0cca34f0894a0af5d29d9f006c7d9c0
25dd72b4f47097c21475a8dcd4a40ddb1473df35647667f8c402c55293e7141b
2ae2c9e3fb465cd4f39a0d5071b605f28a5359c6527fd86561d6ff9356b52909
2e361941eefdbc7936a4b84681f1ad65f4eb1f5e94f879ec9b151c637289f668
327f76399e5d40037a2cad547d5a2e986c52eaadf659276a6d98b2e593c2322f
3422eed17fc1d97b37f51cfac7a05afd02a1b244c7b2123e67e1a4a2c773a6dc
3974ad0fc930335cc924c983da3a6d63fb62c349fea5b6725fa043c5da917e88
3d25afaf111858e59253e0f7c408d0c3c173c3381b16f3cdfa3db05750343f39
3e2b8d6ae33cecb6f560d5aa4ea036130fbc363ae345fed3e7314847761badd5
4942b56f5a0b664f49a0465d33c73025ba0488344c5cc81ca8829502314ff70d
49d47e57bb5680bb988a4014155526ef5ca600764ef5ccc6e58254d064734ab7
49da4837ddad0c0d5fff59cba9edc94d85c5dcf6953bd7a6b0965c9b91f1d773
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20
5d59ca9aaa2b99199d74f773c6c133577b24cae1d2e7ccdfa2ba445a9fc53a2a
6b6e932d58d9e706aa1dc35bf4096fb7e6529858382b392d4ab3da22624f236c
77706f7ea31c7ccace25070592978c4238cab751c753c903dfc869f76c74ed02
79db1a2a0faa419d036645142ad580a2b16383ffd876720d0fd338d81f2fba33
91e58332d0f1e90376be89f0ce27af0223c398497a4b719a66eee21f94453007
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
aa495e62155328634327c7188c954a813783f3dd622de147296b072fd349c958
aafbc92f6fa5ae9f9ca49efcdd125b1fd7d0c563ea119970e8ca3af6e1a9cbde
afa60a85e8c2d671e2c70b1b64115fdd48048973a58f4edc0db5bbf68bd92814
b23aaa138975cae4336acdee523b76b071a076e76c07de61c0fc476ee62bc96e
b530f9ad5fd6be117b433c636fd2be27bff25e382428bfa5e6182dba573ee741
b88a41ee4e6d03f16f058e892b1b328a17edac5da058cc94ecae34211affca1e
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
c35750288b66ef5583142fe95bddcc64062508d3095931d3b7b521af7af0ac8c
c3b5a0c77f9ed0bc66485ae879879097c1b3cf52b4b27cb4665baf71f7c6f803
c613686d3b0d5293d68cb8782b98fd52a516ca5f28ce731b2aa29ae4433458ea
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
ce8eda7fd9718b31a4e728179169551930bb67fb6828237778d1acddefb82380
d6bcda893525e54863b3620b15921b16573bba320afd165c8461db0ed1bdbe88
df3af838734cf2e3280a276824140faf0b3fa874284e515bcd69f06649fedb45
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46e7c231f1611ed2e7476ce8ced6f6c0c5abd768265b7c26eaa0ed54f522946
e7bd9d5c16e461b43d14e624e5265cb81f45a4184024214068cf788a926bc55a
ef8e44bd548c1fdbf391e31ba2544701e6e0abf4ac546008a03af599a9c7c6dd
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
f5a1805b2a856a1d0f67139e76c7154d4866d0650d7385fc17f2aec03205aaac
fe72b03ba18e5dd2cc5d25c4b702f583032f99cb1bc855f0497bdcf402540040
fed4f271c65f02c5cb00bcf380173ea03575523f88ddfea4d808b6673a9b5355
ff64d1a56ea687d0c354da8d76f809a43e55c379addca640aed9692b1e015d28