nitrotypetournaments.shivtr.com
Open in
urlscan Pro
45.33.21.148
Public Scan
URL:
https://nitrotypetournaments.shivtr.com/
Submission Tags: phishingrod
Submission: On August 31 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On August 31 via api from DE — Scanned from DE
Summary
This website contacted 18 IPs
in 3 countries
across 13 domains to perform 53 HTTP transactions.
The main IP is 45.33.21.148, located in
Richardson, United States and
belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG.
The main domain is nitrotypetournaments.shivtr.com.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.
This is the only time nitrotypetournaments.shivtr.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.
This is the only time nitrotypetournaments.shivtr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
6
45.33.21.148
(Richardson, United States)
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com
| nitrotypetournaments.shivtr.com | |
| static.shivtr.com |
8
2a00:1450:4001:80b::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
8
52.217.129.200
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
1
18.164.68.103
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-164-68-103.lhr50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-164-68-103.lhr50.r.cloudfront.net
| i65.tinypic.com |
4
2a00:1450:4001:82f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
2a00:1450:4001:827::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| partner.googleadservices.com |
5
185.89.210.101
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ams3-ib.adnxs.com |
5
2a00:1450:4001:81c::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
2a00:1450:4001:801::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
1
23.43.60.179
(Düsseldorf, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-179.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-179.deploy.static.akamaitechnologies.com
| acdn.adnxs-simple.com |
3
99.80.254.210
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-254-210.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-254-210.eu-west-1.compute.amazonaws.com
| trc.audiencemanager.de | |
| anz.audiencemanager.de |
2
34.95.69.49
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
| i.clean.gg |
4
108.139.243.99
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-99.mxp63.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-99.mxp63.r.cloudfront.net
| cdn.audiencemanager.de |
2
142.250.184.230
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
| ad.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150 |
228 KB |
| 8 |
amazonaws.com
s3.amazonaws.com |
2 MB |
| 7 |
audiencemanager.de
trc.audiencemanager.de — Cisco Umbrella Rank: 96727 cdn.audiencemanager.de — Cisco Umbrella Rank: 135458 anz.audiencemanager.de — Cisco Umbrella Rank: 94411 |
31 KB |
| 6 |
adnxs.com
ams3-ib.adnxs.com — Cisco Umbrella Rank: 7587 cdn.adnxs.com — Cisco Umbrella Rank: 1635 |
36 KB |
| 6 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 ad.doubleclick.net — Cisco Umbrella Rank: 173 |
25 KB |
| 6 |
shivtr.com
nitrotypetournaments.shivtr.com static.shivtr.com |
212 KB |
| 2 |
clean.gg
i.clean.gg — Cisco Umbrella Rank: 1316 |
104 B |
| 2 |
tinypic.com
1 redirects
i65.tinypic.com — Cisco Umbrella Rank: 751980 tinypic.com — Cisco Umbrella Rank: 134251 |
16 KB |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
25 KB |
| 1 |
adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2731 |
44 KB |
| 1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214 |
57 KB |
| 1 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104 |
601 B |
| 53 | 13 |
| Domain | Requested by | |
|---|---|---|
| 8 | s3.amazonaws.com |
nitrotypetournaments.shivtr.com
static.shivtr.com |
| 8 | pagead2.googlesyndication.com |
nitrotypetournaments.shivtr.com
pagead2.googlesyndication.com tpc.googlesyndication.com acdn.adnxs-simple.com |
| 5 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 5 | ams3-ib.adnxs.com |
googleads.g.doubleclick.net
ams3-ib.adnxs.com cdn.adnxs.com |
| 5 | static.shivtr.com |
nitrotypetournaments.shivtr.com
|
| 4 | cdn.audiencemanager.de |
acdn.adnxs-simple.com
cdn.audiencemanager.de |
| 4 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
| 2 | ad.doubleclick.net |
1 redirects
googleads.g.doubleclick.net
|
| 2 | anz.audiencemanager.de |
googleads.g.doubleclick.net
acdn.adnxs-simple.com |
| 2 | i.clean.gg |
acdn.adnxs-simple.com
|
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | cdnjs.cloudflare.com |
cdn.audiencemanager.de
|
| 1 | cdn.adnxs.com |
ams3-ib.adnxs.com
|
| 1 | trc.audiencemanager.de |
ams3-ib.adnxs.com
|
| 1 | acdn.adnxs-simple.com |
ams3-ib.adnxs.com
|
| 1 | www.googletagservices.com |
googleads.g.doubleclick.net
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | tinypic.com |
nitrotypetournaments.shivtr.com
|
| 1 | i65.tinypic.com | 1 redirects |
| 1 | nitrotypetournaments.shivtr.com | |
| 53 | 20 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nts1.shivtr.com |
| ntambassadors.shivtr.com |
| ntlottery.shivtr.com |
| ntxgames.shivtr.com |
| nt.times.shivtr.com |
| bit.ly |
| nitrotype.com |
| shivtr.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.shivtr.com R3 |
2023-08-31 - 2023-11-29 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
| s3.amazonaws.com Amazon RSA 2048 M01 |
2023-07-10 - 2024-06-21 |
a year | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
| cdn.adnxs.com GeoTrust RSA CA 2018 |
2022-10-21 - 2023-10-22 |
a year | crt.sh |
| *.audiencemanager.de Go Daddy Secure Certificate Authority - G2 |
2023-08-23 - 2023-10-10 |
2 months | crt.sh |
| i.clean.gg GTS CA 1D4 |
2023-07-21 - 2023-10-19 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://nitrotypetournaments.shivtr.com/
Frame ID: 1A07DA83ACEB151A91547A040215999C
Requests: 22 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: 36056449ED26CDA552BB4D6B74FB1F8C
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1693505447&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fnitrotypetournaments.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693512646822&bpp=4&bdt=758&idt=254&shv=r20230830&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2960151590&frm=20&pv=2&ga_vid=2053279024.1693512647&ga_sid=1693512647&ga_hid=90999783&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C44796700&oid=2&pvsid=349150305882352&tmod=2114219776&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: B2F4B652E52C1AD72DCDFB13B1D410C0
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1693505447&format=728x90&url=https%3A%2F%2Fnitrotypetournaments.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693512646826&bpp=1&bdt=762&idt=303&shv=r20230830&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2960151590&frm=20&pv=1&ga_vid=2053279024.1693512647&ga_sid=1693512647&ga_hid=90999783&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C44796700&oid=2&pvsid=349150305882352&tmod=2114219776&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1fRb2UT2AB&p=https%3A//nitrotypetournaments.shivtr.com&dtd=312
Frame ID: DF8C346A8F036D27A95991580A7B720C
Requests: 19 HTTP requests in this frame
Frame:
https://cdn.audiencemanager.de/htmlBanners/64cd1d8c89211a0d8c7ec024/SD_Audio_PM_AON_728x90/SD_Audio_PM_AON_728x90/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKSAfCRkgAAAAMAxBkFAQjH58OnBhDc5d-B8eaJziwYACDR87kDKLUBMKccOAJA6MX62QFIx7E9UABaA1VTRGIDVVNEaNgFcFp4n6RUgAHu8QWIAQGQAQKYAQWgAQKpARiGYRiGYYg_sQF7FK5H4XqEP7kBAAAAwPUo-D_BAfY7uUuH84U_yQHEX5M16iGKP9gB8AbgAQA.%2Fs%3D586edabdf77197bd2b2d80799b04e7fdb93591b1%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521HxRvoAjsuqUbEOjF-tkBGMexPSAAKAAxAAAAAAAAGEA6CUFNUzM6NjAxN0CxREkF-kSeJF3tP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzYyMyNBTVMzOjYwMTc%3D%2Fbn%3D96494%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCoMeOx_PwZJTMCuyFwuIPm6mKkAWKxJSdXKGJ1IjqAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0yMzY3MTA4MDQ4Mjg3NTE1yAEJqQL8am_kHjeyPqgDAcgDAqoE3QFP0COyn0m58m6068lk5NV8QIKgmVezNJ1His8tbrYAK_7RaJP0E9JY-6qSm2gMaFbOVUYXoFAsNxeQ5z2h9wQSl7r6u_vwzxWDPlm3JRZabM_9gFFW_waNRONjAZAKUTElCdyi3wlqnUXaSQZmIWezHmk4SasYmpoxjfNP80nS8P_Ihgh911WrBXeej3bujBWDMhyoZ-7v_ZUuYiPKzodEw3TTu-zEtukJk1JbC_xXpVT393ZorxlxmvMjJmYRlWMPUmb9QmTuNvi1EOXlFSAFYXwDAXgD4gpS1OUmJ4AGyJLCh7qPuJg0oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_28I7dr-QtCULt-H__-QEmEiGD7Wg%2526client%253Dca-pub-2367108048287515%2526adurl%253Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D64d389920d31403e104216cc%2526adId%253D3a329164f0f3c7d045d0281030562170091297%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D3a329164f0f3c7d045d0281030562170091297%2526curl%253DaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQv%2526ntuId%253Da5101c5287fb6307a74ff3a97113b5df9451024941444710185de187e4436e42%2526cb%253D1693521407%2526redirectUrl%253D
Frame ID: 521D28F161B8F7864F16D5D9A9ADD4A6
Requests: 5 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC213889E5550A264A3C70ED5F15FED8
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 832AE543E3F1C2FEDF57CEB8EC9F1A75
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Nitro Type Tournaments - Nitro Type's Best TournamentsDetected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
URL: http://nts1.shivtr.com/
Title: Nitro Type Stars
Title: Nitro Type Stars
Search URL Search Domain Scan URL
URL: http://ntambassadors.shivtr.com/
Title: Nitro Type Ambassadors
Title: Nitro Type Ambassadors
Search URL Search Domain Scan URL
URL: http://ntlottery.shivtr.com/
Title: Nitro Type Lottery
Title: Nitro Type Lottery
Search URL Search Domain Scan URL
URL: http://ntxgames.shivtr.com/
Title: Nitro Type X Games
Title: Nitro Type X Games
Search URL Search Domain Scan URL
URL: http://nt.times.shivtr.com/
Title: Nitro Type Times
Title: Nitro Type Times
Search URL Search Domain Scan URL
URL: http://bit.ly/NitroTypeDiscord
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/sports_maniac
Title: Sports_Maniac
Title: Sports_Maniac
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/wugger
Title: LegendaryWolf
Title: LegendaryWolf
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/petromax
Title: petromax
Title: petromax
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/sadness12
Title: Sadness12
Title: Sadness12
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/jerome_morrow
Title: Jerome_Morrow
Title: Jerome_Morrow
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/n2222
Title: n1111
Title: n1111
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/adunn10
Title: LightningTyper
Title: LightningTyper
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/man1man2man
Title: P!NK
Title: P!NK
Search URL Search Domain Scan URL
URL: http://nitrotype.com/racer/justinxu
Title: Sapphire
Title: Sapphire
Search URL Search Domain Scan URL
URL: http://shivtr.com/
Title: Guild Hosting
Title: Guild Hosting
Search URL Search Domain Scan URL
URL: http://shivtr.com/terms
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: http://shivtr.com/privacy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://shivtr.com/legal
Title: Legal
Title: Legal
Search URL Search Domain Scan URL
URL: http://shivtr.com/security
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: http://shivtr.com/help
Title: Help
Title: Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://i65.tinypic.com/m90qvq.png HTTP 301
- https://tinypic.com/images/goodbye.jpg
- https://ad.doubleclick.net/ddm/trackimp/N1682303.4281021MSTUDIOGMBHINV./B29540054.361410107;dc_trk_aid=552413898;dc_trk_cid=184159628;ord=1693519399;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
- https://ad.doubleclick.net/ddm/trackimp/N1682303.4281021MSTUDIOGMBHINV./B29540054.361410107;dc_pre=CNOtvp7ah4EDFZeIgwcdJ44Gnw;dc_trk_aid=552413898;dc_trk_cid=184159628;ord=1693519399;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
53 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
nitrotypetournaments.shivtr.com/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ |
218 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
497049-1687777120.css
static.shivtr.com/css-cache/site_themes/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
static.shivtr.com/assets/ |
608 KB 166 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
145 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
150423.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ |
250 B 291 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
78865.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
144763.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.png
static.shivtr.com/s3/missing/ |
382 B 460 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
144981.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ |
882 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
159598.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ |
433 B 789 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
goodbye.jpg
tinypic.com/images/ Redirect Chain
|
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3297180.jpg
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ |
771 KB 772 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3297179.jpg
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ |
771 KB 772 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3297178.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ |
693 KB 694 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ |
384 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 3605 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
387 B 601 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame B2F4 |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame DF8C |
37 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ab
ams3-ib.adnxs.com/ Frame DF8C |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame DF8C |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame DF8C |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF8C |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script.js
acdn.adnxs-simple.com/strikeforce/ Frame DF8C |
125 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
trc.audiencemanager.de/ad/ Frame DF8C |
5 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rd_log
ams3-ib.adnxs.com/ Frame DF8C |
0 532 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trk.js
cdn.adnxs.com/v/s/239/ Frame DF8C |
80 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
1a
i.clean.gg/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
1a
i.clean.gg/ Frame DF8C |
0 104 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.html
cdn.audiencemanager.de/htmlBanners/64cd1d8c89211a0d8c7ec024/SD_Audio_PM_AON_728x90/SD_Audio_PM_AON_728x90/ Frame 521D |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
impression
anz.audiencemanager.de/log/ad/ Frame DF8C |
43 B 296 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
B29540054.361410107;dc_pre=CNOtvp7ah4EDFZeIgwcdJ44Gnw;dc_trk_aid=552413898;dc_trk_cid=184159628;ord=1693519399;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N1682303.4281021MSTUDIOGMBHINV./ Frame DF8C Redirect Chain
|
42 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
vevent
ams3-ib.adnxs.com/ Frame DF8C |
0 556 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame DF8C |
220 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 521D |
70 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gaming-728-90-pm.png
cdn.audiencemanager.de/htmlBanners/64cd1d8c89211a0d8c7ec024/SD_Audio_PM_AON_728x90/SD_Audio_PM_AON_728x90/assets/ Frame 521D |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gaming-728-90-logo.png
cdn.audiencemanager.de/htmlBanners/64cd1d8c89211a0d8c7ec024/SD_Audio_PM_AON_728x90/SD_Audio_PM_AON_728x90/assets/ Frame 521D |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gaming-728-90-bg.png
cdn.audiencemanager.de/htmlBanners/64cd1d8c89211a0d8c7ec024/SD_Audio_PM_AON_728x90/SD_Audio_PM_AON_728x90/assets/ Frame 521D |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame DF8C |
0 19 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
it
ams3-ib.adnxs.com/ Frame DF8C |
0 533 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
vevent
ams3-ib.adnxs.com/ Frame DF8C |
0 557 B |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC21 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 832A |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
pagead2.googlesyndication.com/bg/ Frame FC21 |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 832A |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame DF8C |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
viewability
anz.audiencemanager.de/log/ad/ Frame DF8C |
43 B 296 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame FC21 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| setCookie function| getCookie function| deleteCookie function| bbcodeHelp function| getVideoParam function| centerModals function| get_time_difference_in_minutes function| get_local_time_for_date function| distance_of_time_in_words object| Duration object| TZTime function| $ function| jQuery object| jQuery1124022901917514255765 function| tmpl object| App function| _ function| Class function| Picker object| hopscotch object| bbcodeSettings object| bbcodeSimpleSettings function| positionFooter object| AionItem object| Gw2Item object| RomItem object| VindictusItem object| WowItem object| ClassicItem object| ItemTooltip object| Shivtip object| MainTooltip object| ProgressionTooltip function| Chat object| ChatEmotes function| ChatMessage function| Pusher function| WhosOnline object| adsbygoogle object| date object| miuScript object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| nitrotypetournaments.shivtr.com/ | Name: site_game_id Value: 144416 |
|
| nitrotypetournaments.shivtr.com/ | Name: _shivtr_bakery Value: uleoz4oY7pLEJ%2BVSC2VMF%2FWj0nGsPZ6vhfyipDWmpcwUXzeifPxnbfGmeIVUhrw9z2c67xSYlj4dXPcT%2FSgy4pi3%2FNF6M8etLNHMJ3PXUSPRHbw%2F%2BprLfY7cUGfjrGm%2BjXrdvJDaig6XpguQBM4fQ936Bl1S1h0LDFdTpG%2FM6m9FkHlNLMS4ZiB5%2B7tp0mqY7Bn0j9RH8vizxWaLf4LLgQ8F9JCtUgoepP2AZETOBOx5A%2FDs48T19yCYrLgEoEtp4ZJwtgc0%2BzLj6BeUm6m2TGPSVPW%2BRaK08NdDwamnx92uTx9ABce0tJwQY90%3D--SBQtbqRlEYoGNFEw--wBlUo8aKi6PLkOGb3PJruQ%3D%3D |
|
| .shivtr.com/ | Name: __gads Value: ID=1bdaac06f64fa6c9-228d060dbbe300c9:T=1693512647:RT=1693512647:S=ALNI_MahQjxoH803Z7FgWF-3vcwqX49MbQ |
|
| .shivtr.com/ | Name: __gpi Value: UID=00000d8f24c4e358:T=1693512647:RT=1693512647:S=ALNI_MbESGrMK02Irs1Zbi7ml5_12hyFfQ |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HaScEY3X!1yIE'Yg-$0y=/d!!'8*$ZL+[ |
|
| .doubleclick.net/ | Name: APC Value: AfxxVi7hHLhLbxdQg_g4W5w6RB8rLOimbuUG7tFjLpUXNnAo3IxxMQ |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlT6aNmSBCkK31fl5axGoQnO0QXAI4g-KgiF7j4201NJLJZWtktUYp55azXWU8 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acdn.adnxs-simple.com
ad.doubleclick.net
ams3-ib.adnxs.com
anz.audiencemanager.de
cdn.adnxs.com
cdn.audiencemanager.de
cdnjs.cloudflare.com
googleads.g.doubleclick.net
i.clean.gg
i65.tinypic.com
nitrotypetournaments.shivtr.com
pagead2.googlesyndication.com
partner.googleadservices.com
s3.amazonaws.com
static.shivtr.com
tinypic.com
tpc.googlesyndication.com
trc.audiencemanager.de
www.google.com
www.googletagservices.com
108.139.243.99
142.250.184.230
151.101.1.108
18.164.68.103
185.89.210.101
23.43.60.179
2600:9000:225e:3800:1a:9447:e40:93a1
2606:4700::6811:190e
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
34.95.69.49
45.33.21.148
52.217.129.200
99.80.254.210
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
1774c1ad07251da93103cac2b3d9621afb51c93eefda5625628be6c2325eba46
277261b068be385d9d54fbb9c41679758beb5452fe6c5baae503902f101248f8
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
404751dcec6a409ff8b33a0fe2f9a0f9ce3e37f40e1c2dc98707a072f2c34aea
48634fd4b61901463a25a7b94f90fbbccaa2cfa4de81f93bde3c709d3bf70638
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504befc4626095b2a9bcb4b3b482f20416afe7e04bbba452cca23ac755ec7dd1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b02beaa1d6a3473a8b9110e4304ab2a5c30e769062f658ec28b59bfc24b752c
6da9457429fb4d657792190cf09085cbdd623ecbff79ea51ef86b39ea347c7d8
6ed5b9768386a732ec6d8eab5f78bed2ad8f6c2248faa5a8b9583f7e170fce8b
739475c9571bc4e799565b22048b405b7062e5479fc207ea272b602f0133632e
7f2d7359adad6d3346e8fd977db7513c0e63ddafe095da71427d482672d3baad
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
94e1169414437bcd0e7dcdfbcba9e4252a58757cb37e74d002963483fee8ba16
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96
9711c958509ef31217881229e426dc6662ebafd518aba4d41095e18af1e18e7d
994896aa9c34a66c5733791da79987c5d20584a1584cd2ea206f0b29302de3af
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
a064ddb83f09aaa9527272a1ea3c01d19477ccd082885f46000978b9b6f3c168
a4fcfd48d93d834e21a9bc24879b4075e3088ae400ac96f808423ed8b4cabcde
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b6e46eeb77f4ef570026814d0223dedb16e014a71340c4721b55ddcf84333f5f
b762eff00bc4a610fc1eae039fa9ec77a257f1b6b9b71be535d54c7d826c63fa
c9e24ab445143b4e8e1c3c95e269b1d22c16e1c758073261fce58a67853588c6
cf60d1868c10fdeb844dd7caa38c9c6ed348cbf00626b88087ce4b620171f5de
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e322d6c7a0220083d56c9a4ec5f6bcbccd81c2b1536bee8dcbfac5875d7f7f34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dd682b8b88725290d18ecddd61b0933f0d6aea5e693fecb6ca447a063f363d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053
f89bcbd2ddad20ddf8ba79ba1cdbdd20b51c78a9b933a6cbe2cebd8d34b769f3
fcfb69815ed29d939683d4fa6211e32c2d1a0b03911196d5e72b34b77b71610f