start.parimatch.com
Open in
urlscan Pro
104.18.97.26
Public Scan
Submitted URL: http://www.paripartners564.com/C.ashx?btag=a_13262b_1475c_&affid=6884&siteid=13262&adid=1475&c=
Effective URL: https://start.parimatch.com/ref/foot/13/en/?btag=a_13262b_1475c_&siteid=13262
Submission: On March 08 via manual from RO
Effective URL: https://start.parimatch.com/ref/foot/13/en/?btag=a_13262b_1475c_&siteid=13262
Submission: On March 08 via manual from RO
Summary
This website contacted 14 IPs
in 7 countries
across 15 domains to perform 52 HTTP transactions.
The main IP is 104.18.97.26, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is start.parimatch.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 19th 2018. Valid for: 2 years.
This is the only time start.parimatch.com was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 19th 2018. Valid for: 2 years.
This is the only time start.parimatch.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
2a00:1450:4001:821::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2a00:1450:4001:81a::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
8
172.217.16.134
(United States)
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
| 9774526.fls.doubleclick.net |
2
172.217.18.2
(United States)
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
| www.googleadservices.com |
1
99.86.3.5
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-5.fra6.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-5.fra6.r.cloudfront.net
| js.datadome.co |
5
185.11.128.203
(Elblag, Poland)
ASN50599 (DATASPACE, PL)
PTR: host-185-11-128-203.dataspace.pl
ASN50599 (DATASPACE, PL)
PTR: host-185-11-128-203.dataspace.pl
| gde-default.hit.gemius.pl |
1
3.126.75.97
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-75-97.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-75-97.eu-central-1.compute.amazonaws.com
| api-js.datadome.co |
1
2a00:1450:4001:820::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 28 |
parimatch.com
start.parimatch.com |
4 MB |
| 10 |
doubleclick.net
6 redirects
9774526.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net |
3 KB |
| 5 |
yandex.ru
2 redirects
mc.yandex.ru |
3 KB |
| 5 |
gemius.pl
1 redirects
gde-default.hit.gemius.pl |
20 KB |
| 3 |
webvisor.org
1 redirects
mc.webvisor.org |
1 KB |
| 3 |
google-analytics.com
1 redirects
www.google-analytics.com |
41 KB |
| 2 |
google.de
www.google.de |
219 B |
| 2 |
google.com
2 redirects
www.google.com |
838 B |
| 2 |
datadome.co
js.datadome.co api-js.datadome.co |
23 KB |
| 2 |
googleadservices.com
www.googleadservices.com |
12 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net |
46 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
30 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
702 B |
| 1 |
eacdn.com
1 redirects
wlparipartners.adsrv.eacdn.com |
506 B |
| 1 |
paripartners564.com
1 redirects
www.paripartners564.com |
662 B |
| 52 | 15 |
| Domain | Requested by | |
|---|---|---|
| 28 | start.parimatch.com |
start.parimatch.com
|
| 8 | 9774526.fls.doubleclick.net |
4 redirects
www.googletagmanager.com
|
| 5 | mc.yandex.ru |
2 redirects
start.parimatch.com
cdn.jsdelivr.net |
| 5 | gde-default.hit.gemius.pl |
1 redirects
www.googletagmanager.com
gde-default.hit.gemius.pl start.parimatch.com |
| 3 | mc.webvisor.org |
1 redirects
start.parimatch.com
|
| 3 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.google.de |
start.parimatch.com
|
| 2 | www.google.com | 2 redirects |
| 2 | www.googleadservices.com |
www.googletagmanager.com
www.googleadservices.com |
| 1 | googleads.g.doubleclick.net | 1 redirects |
| 1 | api-js.datadome.co |
js.datadome.co
|
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | js.datadome.co |
start.parimatch.com
|
| 1 | cdn.jsdelivr.net |
start.parimatch.com
|
| 1 | www.googletagmanager.com |
start.parimatch.com
|
| 1 | fonts.googleapis.com |
start.parimatch.com
|
| 1 | wlparipartners.adsrv.eacdn.com | 1 redirects |
| 1 | www.paripartners564.com | 1 redirects |
| 52 | 18 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| air.parimatch.com |
| app.appsflyer.com |
| s3-eu-west-1.amazonaws.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.parimatch.com COMODO RSA Domain Validation Secure Server CA |
2018-10-19 - 2020-10-18 |
2 years | crt.sh |
| *.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-02-22 - 2020-08-30 |
6 months | crt.sh |
| *.datadome.co Gandi Standard SSL CA 2 |
2019-10-08 - 2021-10-21 |
2 years | crt.sh |
| *.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA |
2019-09-11 - 2021-09-24 |
2 years | crt.sh |
| www.google.de GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
| mc.webvisor.org Yandex CA |
2019-05-08 - 2020-05-07 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://start.parimatch.com/ref/foot/13/en/?btag=a_13262b_1475c_&siteid=13262
Frame ID: 5C05A537C7DDD5A64F2DA586E25C6295
Requests: 49 HTTP requests in this frame
Frame:
https://9774526.fls.doubleclick.net/activityi;dc_pre=CNTx9eDXiugCFYzDuwgdjjIA_Q;src=9774526;type=pmhjo0;cat=all_s0;ord=6544223476631;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
Frame ID: FC37447A3531BCE60D99E4EE21035EFF
Requests: 1 HTTP requests in this frame
Frame:
https://9774526.fls.doubleclick.net/activityi;dc_pre=CJ7z9eDXiugCFRPDuwgdjugNog;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=6284989579405;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
Frame ID: 7EF8B762DEBF6E7D573DC586F8A1BB6F
Requests: 1 HTTP requests in this frame
Frame:
https://9774526.fls.doubleclick.net/activityi;dc_pre=CL_z9eDXiugCFcbjuwgd81gB_g;src=9774526;type=pmhjo0;cat=landi0;ord=3357105780757;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
Frame ID: D7C83CD276792A140A00F9D2162121DF
Requests: 1 HTTP requests in this frame
Frame:
https://9774526.fls.doubleclick.net/activityi;dc_pre=CKz39eDXiugCFWjjuwgdf34ABA;src=9774526;type=pmhjo0;cat=landi00;ord=1;num=3629287740061;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
Frame ID: 9E03C42D0EAF31892499CE6C837AC070
Requests: 1 HTTP requests in this frame
Frame:
https://gde-default.hit.gemius.pl/gdejs/xgde.html
Frame ID: F86EAA5F4FD0A68EEBA7712E3B8024D1
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.paripartners564.com/C.ashx?btag=a_13262b_1475c_&affid=6884&siteid=13262&adid=1475&c=
HTTP 302
http://wlparipartners.adsrv.eacdn.com/C.ashx?btag=a_13262b_1475c_&affid=6884&siteid=13262&adid=1475&c=&AutoR=1 HTTP 302
https://start.parimatch.com/ref/foot/13/en/?btag=a_13262b_1475c_&siteid=13262 Page URL
Detected technologies
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /cdn\.jsdelivr\.net\/npm\/yandex-metrica-watch\/watch\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://air.parimatch.com/en/?btag=a_13262b_1475c_&siteid=13262
Search URL Search Domain Scan URL
URL: https://air.parimatch.com/en/regtel/1/?btag=a_13262b_1475c_&siteid=13262
Title: Register now
Title: Register now
Search URL Search Domain Scan URL
URL: https://app.appsflyer.com/id1178014476?pid=Parimatch_site&c=PM_site_image&af_prt=DC
Search URL Search Domain Scan URL
URL: https://s3-eu-west-1.amazonaws.com/pm99sf7fxfjj5dxh/android/parimatch-latest.apk
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.paripartners564.com/C.ashx?btag=a_13262b_1475c_&affid=6884&siteid=13262&adid=1475&c=
HTTP 302
http://wlparipartners.adsrv.eacdn.com/C.ashx?btag=a_13262b_1475c_&affid=6884&siteid=13262&adid=1475&c=&AutoR=1 HTTP 302
https://start.parimatch.com/ref/foot/13/en/?btag=a_13262b_1475c_&siteid=13262 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s0;ord=6544223476631;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262 HTTP 302
- https://9774526.fls.doubleclick.net/activityi;dc_pre=CNTx9eDXiugCFYzDuwgdjjIA_Q;src=9774526;type=pmhjo0;cat=all_s0;ord=6544223476631;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
- https://9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=6284989579405;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262 HTTP 302
- https://9774526.fls.doubleclick.net/activityi;dc_pre=CJ7z9eDXiugCFRPDuwgdjugNog;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=6284989579405;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
- https://9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=landi0;ord=3357105780757;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262 HTTP 302
- https://9774526.fls.doubleclick.net/activityi;dc_pre=CL_z9eDXiugCFcbjuwgd81gB_g;src=9774526;type=pmhjo0;cat=landi0;ord=3357105780757;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
- https://9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=landi00;ord=1;num=3629287740061;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262 HTTP 302
- https://9774526.fls.doubleclick.net/activityi;dc_pre=CKz39eDXiugCFWjjuwgdf34ABA;src=9774526;type=pmhjo0;cat=landi00;ord=1;num=3629287740061;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=514205359&t=pageview&_s=1&dl=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&ul=en-us&de=UTF-8&dt=Parimatch.%20They%20fight%20%E2%80%93%20you%20win!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQ~&jid=1642605443&gjid=610332086&cid=2040354716.1583663899&tid=UA-85204139-17&_gid=816097210.1583663899&_r=1>m=2wg2q25CZS6L&cd20=start.parimatch.com&z=1401933479 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85204139-17&cid=2040354716.1583663899&jid=1642605443&_gid=816097210.1583663899&gjid=610332086&_v=j81&z=1401933479 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85204139-17&cid=2040354716.1583663899&jid=1642605443&_v=j81&z=1401933479 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85204139-17&cid=2040354716.1583663899&jid=1642605443&_v=j81&z=1401933479&slf_rd=1&random=2559940885
- https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1822%3Ast%3A1583663899%3Au%3A1583663899814340686%3Ahi%3A HTTP 302
- https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1822%3Ast%3A1583663899%3Au%3A1583663899814340686%3Ahi%3A
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693592642/?random=2066622827&cv=9&fst=*&num=1&value=0&label=MuzlCJTz-7gBEMLE3coC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0>m=2wg2q2&sendb=1&ig=1&frm=0&url=https://start.parimatch.com/ref/foot/13/en/%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&tiba=Parimatch.%20They%20fight%20%E2%80%93%20you%20win!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GstkXoDEI8jJ7_UPnMmBiAs&sscte=1&crd=>d=&eitems=ChEIgMyS8wUQ7ZPkvN7b06b7ARIdAJtZzIQFjwVR369YaOoQawAWMr4fh6hhSafKJe4 HTTP 302
- https://www.google.com/pagead/1p-conversion/693592642/?random=2066622827&cv=9&fst=*&num=1&value=0&label=MuzlCJTz-7gBEMLE3coC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0>m=2wg2q2&sendb=1&ig=1&frm=0&url=https://start.parimatch.com/ref/foot/13/en/%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&tiba=Parimatch.%20They%20fight%20%E2%80%93%20you%20win!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=GstkXoDEI8jJ7_UPnMmBiAs&eitems=ChEIgMyS8wUQ7ZPkvN7b06b7ARIdAJtZzITtiTXaWu9ghuCvQWnXxjDEUpuTem6gBBE&random=125096135&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-conversion/693592642/?random=2066622827&cv=9&fst=*&num=1&value=0&label=MuzlCJTz-7gBEMLE3coC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0>m=2wg2q2&sendb=1&ig=1&frm=0&url=https://start.parimatch.com/ref/foot/13/en/%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262&tiba=Parimatch.%20They%20fight%20%E2%80%93%20you%20win!&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=>d=&is_vtc=1&ocp_id=GstkXoDEI8jJ7_UPnMmBiAs&eitems=ChEIgMyS8wUQ7ZPkvN7b06b7ARIdAJtZzITtiTXaWu9ghuCvQWnXxjDEUpuTem6gBBE&random=125096135&resp=GooglemKTybQhCsO&ipr=y
- https://mc.webvisor.org/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=8841.WTDFw7Suue6tp5sUl5NFUSVYdAqNXrWX3Y2wLkxNt87Ej6vu0gDdBUe8phquC1oo.mnLq0OLoyqGLUSvFIdCiAwsaEL0%2C HTTP 302
- https://mc.webvisor.org/sync_cookie_image_decide?token=8841.8KuCrh7a3Ghcc5SRYKhzyYDCW3Lk8eyy-QKm73wsL_yHamq6bgzCdL8NgzN7qTGFysryc5pln549JBb9bEnK5LQt8IaVBmW94zAyDl4B42E%2C.k_pwyjv8OKOPCJZooZ9_6v5s40U%2C
- https://gde-default.hit.gemius.pl/_1583663898879/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-NOTSUP&fpdata=-TURNEDOFF&href=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262 HTTP 301
- https://gde-default.hit.gemius.pl/__/_1583663898879/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-NOTSUP&fpdata=-TURNEDOFF&href=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2Fen%2F%3Fbtag%3Da_13262b_1475c_%26siteid%3D13262
52 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
start.parimatch.com/ref/foot/13/en/ Redirect Chain
|
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parimatch.min.css
start.parimatch.com/ref/foot/13/en/stylesheets/ |
140 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-pm.svg
start.parimatch.com/ref/foot/13/en/images/ |
2 KB 882 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bonus-1.png
start.parimatch.com/ref/foot/13/en/images/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bonus-2.png
start.parimatch.com/ref/foot/13/en/images/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bonus-3.png
start.parimatch.com/ref/foot/13/en/images/ |
16 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parallax-1.png
start.parimatch.com/ref/foot/13/en/images/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parallax-2.png
start.parimatch.com/ref/foot/13/en/images/ |
36 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parallax-3.png
start.parimatch.com/ref/foot/13/en/images/ |
170 KB 170 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parallax-4.png
start.parimatch.com/ref/foot/13/en/images/ |
139 KB 139 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parallax-5.png
start.parimatch.com/ref/foot/13/en/images/ |
30 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
1 KB 778 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa-c.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
1 KB 795 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastercard.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastercard-c.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privat24.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privat24c.svg
start.parimatch.com/ref/foot/13/en/images/payment/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
appStore.svg
start.parimatch.com/ref/foot/13/en/images/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
androidApp.svg
start.parimatch.com/ref/foot/13/en/images/ |
15 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info.png
start.parimatch.com/ref/foot/13/en/images/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
start.parimatch.com/ref/foot/13/en/js/jquery/dist/ |
82 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr.js
start.parimatch.com/ref/foot/13/en/js/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
parimatch.lib.min.js
start.parimatch.com/ref/foot/13/en/js/ |
65 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.js
start.parimatch.com/ref/foot/13/en/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
3 KB 702 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
125 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PariMatchBold.woff2
start.parimatch.com/ref/foot/13/en/fonts/pm/ |
16 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Circe-Regular.woff
start.parimatch.com/ref/foot/13/en/fonts/circe/ |
158 KB 158 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CNTx9eDXiugCFYzDuwgdjjIA_Q;src=9774526;type=pmhjo0;cat=all_s0;ord=6544223476631;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2F...
9774526.fls.doubleclick.net/ Frame FC37 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CJ7z9eDXiugCFRPDuwgdjugNog;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=6284989579405;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%...
9774526.fls.doubleclick.net/ Frame 7EF8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CL_z9eDXiugCFcbjuwgd81gB_g;src=9774526;type=pmhjo0;cat=landi0;ord=3357105780757;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%2F13%2F...
9774526.fls.doubleclick.net/ Frame D7C8 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;dc_pre=CKz39eDXiugCFWjjuwgdf34ABA;src=9774526;type=pmhjo0;cat=landi00;ord=1;num=3629287740061;gtm=2wg2q2;auiddc=1977886854.1583663898;~oref=https%3A%2F%2Fstart.parimatch.com%2Fref%2Ffoot%...
9774526.fls.doubleclick.net/ Frame 9E03 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
26 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ |
139 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tags.js
js.datadome.co/ |
128 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xgde.js
gde-default.hit.gemius.pl/gdejs/ |
53 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video-bg.jpg
start.parimatch.com/ref/foot/13/en/video/ |
39 KB 39 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video-bg.mp4
start.parimatch.com/ref/foot/13/en/video/ |
3 MB 3 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.google-analytics.com/gtm/ |
61 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.googleadservices.com/pagead/conversion/693592642/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/3/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
advert.gif
mc.webvisor.org/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
api-js.datadome.co/js/ |
2 B 279 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-conversion/693592642/ Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/3/ |
35 B 589 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xgde.html
gde-default.hit.gemius.pl/gdejs/ Frame F86E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync_cookie_image_decide
mc.webvisor.org/ Redirect Chain
|
43 B 487 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
redot.js
gde-default.hit.gemius.pl/__/_1583663898879/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
redot.js
gde-default.hit.gemius.pl/__/_1583663898879/ |
2 B 378 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
35233970
mc.yandex.ru/watch/ |
152 B 707 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| ddjskey object| ddoptions object| _gdeaq function| $ function| jQuery object| html5 object| Modernizr function| yepnope boolean| mCustomScrollbar function| _classCallCheck function| setCookie function| getCookie boolean| pauseVideo object| VideoBg function| getScrollbarWidth function| throttle function| deviceType function| checkDeviceType function| staticInit function| loader object| links object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Ya object| yaCounter35233970 object| _0x1283 function| _0x1a35 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData object| google_optimize object| _gdeaqp13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .hit.gemius.pl/ | Name: Gtest Value: KlG-tMaGQMGGG23MRqelYalWssGMXP8cfR4G |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlXE5JVflz5gKHHMae9mpFxmXOXVmr_lFl5j2s-jFUb8uSl41glZls0DLnW |
|
| .parimatch.com/ | Name: _ym_wasSynced Value: %7B%22time%22%3A1583663898830%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D |
|
| .parimatch.com/ | Name: _ym_isad Value: 2 |
|
| .parimatch.com/ | Name: _ym_uid Value: 1583663899814340686 |
|
| .parimatch.com/ | Name: pm_siteid Value: 13262 |
|
| .parimatch.com/ | Name: _gat_UA-85204139-17 Value: 1 |
|
| .parimatch.com/ | Name: _ym_d Value: 1583663899 |
|
| .parimatch.com/ | Name: _gid Value: GA1.2.816097210.1583663899 |
|
| .parimatch.com/ | Name: _ga Value: GA1.2.2040354716.1583663899 |
|
| .parimatch.com/ | Name: __cfduid Value: d807119e6ade7748ab5ab7ec0f883dbea1583663898 |
|
| .parimatch.com/ | Name: pm_btag Value: a_13262b_1475c_ |
|
| .parimatch.com/ | Name: _gcl_au Value: 1.1.1977886854.1583663898 |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9774526.fls.doubleclick.net
api-js.datadome.co
cdn.jsdelivr.net
fonts.googleapis.com
gde-default.hit.gemius.pl
googleads.g.doubleclick.net
js.datadome.co
mc.webvisor.org
mc.yandex.ru
start.parimatch.com
stats.g.doubleclick.net
wlparipartners.adsrv.eacdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paripartners564.com
104.18.32.32
104.18.97.26
149.5.244.13
172.217.16.134
172.217.18.2
185.11.128.203
2606:4700::6810:5614
2a00:1450:4001:818::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9b
2a02:6b8::1:119
3.126.75.97
91.92.196.189
99.86.3.5
0757b4838a6150b371faa545e76df397010b9d5b635c0369845c6da68d031276
0be31b153d97c00b20158c751301bdd763f1e7e8070acc99c8b7513c03d4c055
0cda77dd93a94060b5d99fd46ecbe7cc5badf81560d5b581dcf6cd7b875b0869
10b99c157531191c23a6df16ee0dc911cf740e6f6ce539740d678027cce6535e
10c1d509c2e8d483f357edef492b213fa47a85abbe1a621a7461d5224ebe635d
14dafd4673b7a7a8211d694f2dbb9cf48dc4b05410c559b115847db8e11ab73c
2116f5c3d0d83e9d1c65327b94334bda2380ce76d64e18e98d78953ed9cd579f
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
3e8178cfc5e51a882c10aa22ab038ac7f344879dde1e8a19f4a7c53a60af812f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4438fec9254091e50810d17fa368bc509f657c8296a464b882e5bfdada73f1db
467d3d46faf288a6885f67ec02374a659ee8afe9ae667016fc79bf0dc4750118
4d1cb65f0b3511c7d4c72d2aa218b88a8f04e695011f9693d79772887e3dd00d
4df2d5f913d7462f27533b937b4320d51df05cb27cbdb267295f2730a0b5d599
4e7e3259949faa5103f49ed1e636fdd983c0d730c0723f71a73a56276ee67720
52c9e37b2d98323f207f5675a46011556d4fa3154df815e9c3f8ef6d6008006e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704fac56ecea13b4485c7cecbdcc59cae8b2f6671f53fba6fa34df1132cc308
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ad24dfc221719b0cdafaa3796f11d319e422296ab95eb1c674a5c6e958bd5c2
642c60a51561cd6e783a339489a42609fbf5517e60dd184199aae72c8833577c
68d2df0ca318e404c1d18e434af8619644605e547197b1563cb25a0fbab017d5
6ec23bf5d807fc1cf0177082a6be886a7e88686e254cb54bce6b06fb5a23033e
6fe80eabf9276ae81af0db2535bab5e5373907a270014521fd8367c7032af62d
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
783fc0a5fc56b29092cbb6d014ad584c3dd80841af3533f4cb1e5fba9a278e5f
8f5e9ce1aee3d4f9d0566df1cc5d0b0fe990ee25aab619b2e7875a2851b5fdd4
96f168ba98bacfecb327023b728fc82f086e5d586177d096885a418433ec65ec
9cff341e476fc9cd1a6108665a2c095d1444113c24d69239fd91cebe226ce0df
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9dd1869c1d7bfd4cb936b0c26234d7863913ff2b77377ce66a20bbaa686d2017
aae86876fc2071107557b79e7b57749b6701aae1f80a3f55a3082e2c51764f76
c3631ac1c623c7498c038ddf390931387f2b76e517675efed274b1c95bd80b68
c91c1b74a467f0ad3fcea2c1e0ea753041aeca34b953d356ebe1110cfddffce4
cc3578add27e5de9e1a451c7f1ffb2b7494bb6f97cf3333ad07a3a91ce7576ac
d077fc7d624cbb33d4e173b3c45667d1784b722269ccf77776100b273a1a7913
dd0c25871f6e5be9b52e3d604c758a181ef6e545e27e6a94a181acda5e13ae89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e447cbffe684ab145a2ec90f13a903ee5f33071d863819070b213c39e88562
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef767a6b2cebb96f29b160ba8e65936035b54cb1bb630488027ada817d07644a
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f49149c282384141ec813d4612136fcd958542091c80aa4c5e5b1f950cb62b8a
f647543efeccbdd2003f6d2ae04f71d037c29c8f3cbc451cd6d727214c53b1b2
fc2c19a8ff5112ff888dfc99bc690d87f2af69fc58de29fc9495ba1f25c0f185