www.pdfmagiconline.com
Open in
urlscan Pro
45.79.152.80
Public Scan
Submission: On August 30 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on August 17th 2023. Valid for: 3 months.
This is the only time www.pdfmagiconline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-152-80.ip.linodeusercontent.com
www.pdfmagiconline.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
fonts.gstatic.com | |
www.google.co.uk |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net | |
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
12154094.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
partner.googleadservices.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
y.clarity.ms |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com | |
s.tribalfusion.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com
pm.w55c.net |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 |
356 KB |
20 |
doubleclick.net
2 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 12154094.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 242 |
98 KB |
19 |
pdfmagiconline.com
www.pdfmagiconline.com |
3 MB |
8 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
86 KB |
7 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 100 |
2 KB |
7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 891 y.clarity.ms — Cisco Umbrella Rank: 8365 c.clarity.ms — Cisco Umbrella Rank: 1512 |
22 KB |
5 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45 |
5 KB |
3 |
tribalfusion.com
1 redirects
a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 1944 |
2 KB |
3 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150 |
610 B |
2 |
adform.net
2 redirects
c1.adform.net — Cisco Umbrella Rank: 597 |
1 KB |
2 |
w55c.net
2 redirects
pm.w55c.net — Cisco Umbrella Rank: 877 |
2 KB |
2 |
yahoo.com
2 redirects
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458 |
1 KB |
2 |
dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3135 |
207 B |
2 |
quantserve.com
1 redirects
cms.quantserve.com — Cisco Umbrella Rank: 798 |
793 B |
2 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222 |
113 KB |
2 |
google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3506 |
563 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48 |
157 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 236 |
766 B |
1 |
onetag-sys.com
1 redirects
onetag-sys.com — Cisco Umbrella Rank: 771 |
336 B |
1 |
criteo.com
dis.criteo.com — Cisco Umbrella Rank: 626 |
363 B |
1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 360 |
265 B |
1 |
simpli.fi
1 redirects
um.simpli.fi — Cisco Umbrella Rank: 800 |
713 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2412 |
259 B |
104 | 23 |
Domain | Requested by | |
---|---|---|
19 | www.pdfmagiconline.com |
www.pdfmagiconline.com
|
13 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
12 | pagead2.googlesyndication.com |
www.pdfmagiconline.com
pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com |
9 | cm.g.doubleclick.net |
www.pdfmagiconline.com
googleads.g.doubleclick.net |
9 | googleads.g.doubleclick.net |
1 redirects
pagead2.googlesyndication.com
www.googletagmanager.com googleads.g.doubleclick.net |
6 | www.gstatic.com |
googleads.g.doubleclick.net
|
6 | www.google.com |
1 redirects
www.pdfmagiconline.com
googleads.g.doubleclick.net tpc.googlesyndication.com |
5 | fonts.googleapis.com |
www.pdfmagiconline.com
googleads.g.doubleclick.net |
3 | y.clarity.ms |
www.clarity.ms
|
2 | c.clarity.ms | 1 redirects |
2 | www.googleadservices.com | |
2 | c1.adform.net | 2 redirects |
2 | pm.w55c.net | 2 redirects |
2 | pr-bh.ybp.yahoo.com | 2 redirects |
2 | a.tribalfusion.com |
1 redirects
googleads.g.doubleclick.net
|
2 | dclk-match.dotomi.com |
googleads.g.doubleclick.net
|
2 | cms.quantserve.com |
1 redirects
googleads.g.doubleclick.net
|
2 | www.googletagservices.com |
googleads.g.doubleclick.net
|
2 | www.google.co.uk |
www.pdfmagiconline.com
|
2 | www.clarity.ms |
www.pdfmagiconline.com
www.clarity.ms |
2 | 12154094.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.googletagmanager.com |
www.pdfmagiconline.com
www.googletagmanager.com |
1 | c.bing.com | 1 redirects |
1 | onetag-sys.com | 1 redirects |
1 | dis.criteo.com |
googleads.g.doubleclick.net
|
1 | match.adsrvr.org |
googleads.g.doubleclick.net
|
1 | um.simpli.fi | 1 redirects |
1 | s.tribalfusion.com |
www.pdfmagiconline.com
|
1 | adservice.google.com |
12154094.fls.doubleclick.net
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
104 | 32 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pdfmagiconline.com R3 |
2023-08-17 - 2023-11-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-01 - 2023-12-01 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
www.google.co.uk GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 06 |
2023-02-13 - 2024-02-08 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-09-09 |
a year | crt.sh |
*.dotomi.com GlobalSign RSA OV SSL CA 2018 |
2023-08-15 - 2024-09-15 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-19 - 2023-10-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-07 - 2024-05-06 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
This page contains 14 frames:
Primary Page:
https://www.pdfmagiconline.com/
Frame ID: C3DEE9EA721EAE60D1B9B14B78759884
Requests: 45 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 9898F923AD72F7B22414735DA992B8F3
Requests: 1 HTTP requests in this frame
Frame:
https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F
Frame ID: 2E15BA3FAD18927C5CD1B3B4428B57E5
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6495373596935145&output=html&adk=1812271804&adf=3025194257&lmt=1683815354&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pdfmagiconline.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693383750150&bpp=4&bdt=765&idt=358&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=827323025107&frm=20&pv=2&ga_vid=688159843.1693383750&ga_sid=1693383751&ga_hid=406706359&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077317%2C31077523%2C44795921&oid=2&pvsid=1058618412334179&tmod=1325019931&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=382
Frame ID: B7735DAA0D1A28A907C3C491A473AE82
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: EF7EE1AC553DCF126D6602E25AEA412F
Requests: 6 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: BE955DC3539135D662E49E89F3AF976F
Requests: 14 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D0E0C906E6BBA2A7C3AC43BF005C3332
Requests: 8 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F788B09DCE2D211AEDB7AF995142410
Requests: 9 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FECCF786F3BC5EE069DE940520E046F
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B092FB2DF7BB13FCC97A2A1D291AD86C
Requests: 9 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: A2E80D0EC2D9F4FDCE71835E323ACD0C
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 132CEDBC32D2A53143E692D054040239
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A6851729471D8C68EF2AEB7AF8CAB12
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 740D8E8D9127928FB25F03938B24DFE2
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
PDF MagicDetected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://12154094.fls.doubleclick.net/activityi;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F HTTP 302
- https://12154094.fls.doubleclick.net/activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagiconline.com%2F
- https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
- https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhCEuBwqPMQjhwejGu3Gv8&google_cver=1&google_push=AXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUE6t6K1iNmS0usc5HDqTwX6V1QEnBLI8HUKjyaEC5u5UsMVcDSvktJ4vJgDIUDek8Hxti3FpLFUmgk-svgKGykL9a1mCN250%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
- https://um.simpli.fi/gp_match?google_gid=CAESEE3DqpS2hFAC6E0Y5_cClbI&google_cver=1&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EDDBDD7C7D4F48758C000416F8008199&google_push=AXcoOmQx072aY1lUvFLoHX01shKdpf50c5zMHxVY88RDMVBVEAfCnfCJKwsoo0Fkj6fGK8wfWH_a9XhY7SbfweFcd7zOycu3xPb8oeM
- https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwAlutAmey8xateTmHbGe2lABHWcn1VVBOPR7u2egYZJE9anzYDv-9bXJYvACmq_zkh-oLNikLbCrrHeXmhNGRMPnwywmMuA&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECgTJJ8mJluSGE4voyUPT-o&google_cver=1&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ HTTP 302
- https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMCni4yuWbGUUue2G1HIfoUHF5kCK9CdSmBO8thcfs0Ga3Heiw_L8vgs3mjCC8al3zuxtfxBmf49rnTeH-5HWAnYJHV_1-zQ&google_hm=eWWFarmPiIWoDy23Id89xg
- https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj HTTP 302
- https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlU5UTZZc0oxUUJndGE1&google_gid=CAESEDlDvQs3I9_Rgk7H2GQflfk&google_cver=1&google_push=AXcoOmRru-hsIvRyZbUXpUW6ZnzCmgvP4rrx2woPPlvdaRcPPpwzgpmpj8RbNnrpUl1a9PSO8g-Sl5AYy43VgEprJJ5GITQPpFDj
- https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENW8Z-LKiomGm0zeozWCTYk&google_cver=1&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_SgGQAxJA5x2_VUjVWdejPtm3z4h3F9ncZKP4tNqJjFy6rqgyWQrV4NXD-Vm0EvoFJMskB8bjARZaWtZ22DKNXEYBS_T7&google_hm=eS1XMFJiUWJwRTJwR0RxU3hac0txc0RuTktUS2tDR09CdH5B
- https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_ HTTP 302
- https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFX9O_DZIbJUO1-_m512Nqo&google_cver=1&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2NDM4NDU1MjE0ODYyMjYwNQ&google_push=AXcoOmQlxEZEp6RxcQSvZL7zZGo2IUuGsRdRBtz_k4PhbxfpW6Lgay2-cbcmf_n-SDzGDGOrPew4Bt0VlpOyHcnY1IKakg4uZRe_
- https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECv4i7EqamF2Qp6pQYIw5Q4&google_cver=1&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ3yD1TaXg1kGnTy07K-J9WGgnVxQvXDEwsiyoWZC4uiJtrtNr9IJZI4G1pa5FgkXoYMQ_V-yEBkLYSe5wy1DAi7_Hi8TdP
- https://googleads.g.doubleclick.net/pagead/adview?ai=CS3EfRvzuZNmhKLKqtOUP46mb-ASsge3Xcui3lsK-EQoQASCu1Z6UAWC7vpaD0AqgAZT2rKwoyAEBqAMByAPLBKoE2wFP0MInURzbRSOXV4bdW-wSafkkB8-9HjNXCgzJYPJk9Q2ALcTQGY5qAwXD42axW0Lc0UNxuBb_vSb-km3Vk7kFR9yMlSJdCrM2A9wvhEtZfETKTo6ePitNmTc8jOWRVS1NxPNmljbnO1GQoC58764d4alhLkT6bxkS_39ZdmB99HcxRUsSILg3Fwko-LRTucVfk5lBdtsqy911yIQjhuneLPZRMXAmInEq-i-WopOKm4-8G3Ky2P1P25Wq7Tj2nSIu6HX_mOiQKKn93-LVr6lwxNcd5iFrJMVw5r7ABOC3zI_SBIgF4NHpp0ySBQQIBBgBkgUECAUYBIAHlK79iwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRC6qeIB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJMWh0dHBzOi8vd3d3LmdlZWtvbS5jby51ay9nZWVrb20tbWluaS1pdDEyLW1pbmktcGOACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNjQ5NTM3MzU5NjkzNTE0NRgA&sigh=ZsI7CeTkciU&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWfEB8sQv5uN_5uJfVaR4CznUbp4bPfcOLUnxTqOjLU7I_Y7-lGAE&cbvp=2&vis=1 HTTP 302
- https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210274969082815810757%22,%22debug_reporting%22:true,%22destination%22:%22https://geekom.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210830428948%22],%224%22:[%2208-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214078550085744991649%22}&andc=true
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&RedC=c.clarity.ms&MXFR=32AB05ACE08064133AC216D1E4806A6B HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=815ED0EA00944987B753997575816E82&MUID=1BBDED7656C66A0B085FFE0B576A6BF4
104 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.pdfmagiconline.com/ |
19 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flexboxgrid.min.css
www.pdfmagiconline.com/css/ |
12 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.pdfmagiconline.com/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blog.css
www.pdfmagiconline.com/blog/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
149 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
www.pdfmagiconline.com/css/ |
4 KB 825 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helper.js
www.pdfmagiconline.com/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
www.pdfmagiconline.com/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.png
www.pdfmagiconline.com/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10%20Big%20Financial%20Problems%20Private%20Schools%20Will%20Face%20In%202022.jpg
www.pdfmagiconline.com/blog/images/ |
222 KB 222 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b-arrow.svg
www.pdfmagiconline.com/img/ |
646 B 691 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10%20Factors%20That%20Will%20Have%20an%20Effect%20on%20the%20Cost%20of%20Your%20Life%20Insurance%20Premium.jpg
www.pdfmagiconline.com/blog/images/ |
185 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10%20Tax%20Breaks%20For%20Seniors%20You%20May%20Not%20Be%20Aware%20Of.jpg
www.pdfmagiconline.com/blog/images/ |
205 KB 205 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Categories%20Of%20Businesses%20Requiring%20Public%20Liability%20Insurance.jpg
www.pdfmagiconline.com/blog/images/ |
166 KB 166 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Essential%20Tips%20For%20Buying%20A%20Family%20Car.jpg
www.pdfmagiconline.com/blog/images/ |
532 KB 533 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Frequent%20Errors%20People%20Make%20When%20Planning%20Their%20Retirement.jpg
www.pdfmagiconline.com/blog/images/ |
200 KB 200 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Methods%20To%20Confirm%20The%20Truthfulness%20Of%20Your%20Auto%20Insurance%20Policy.jpg
www.pdfmagiconline.com/blog/images/ |
117 KB 117 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Penalties%20For%20An%20Incompetent%20Tax%20Preparer.jpg
www.pdfmagiconline.com/blog/images/ |
146 KB 146 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5%20Reasons%20To%20Notify%20Your%20Insurance%20Provider%20Of%20A%20Car%20Accident.jpg
www.pdfmagiconline.com/blog/images/ |
146 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 744 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 831 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
212 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-bg.png
www.pdfmagiconline.com/img/ |
937 KB 937 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ |
387 KB 131 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 9898 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10807373594/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/478325657/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=1717269685.1693383750;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
12154094.fls.doubleclick.net/ Frame 2E15 Redirect Chain
|
456 B 601 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
byc365qbzp
www.clarity.ms/tag/ |
650 B 1017 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
233 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/10807373594/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.uk/pagead/1p-user-list/10807373594/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 259 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
403 B 610 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame B773 |
308 KB 78 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/478325657/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.uk/pagead/1p-user-list/478325657/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.10/ |
57 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
y.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CJXisIf6g4EDFYEYaAgdYqAN_Q;src=12154094;type=remar0;cat=firea00;ord=2921276640943;auiddc=*;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pdfmagic...
adservice.google.com/ddm/fls/z/ Frame 2E15 |
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ |
154 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame EF7E |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame BE95 |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame EF7E |
4 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF7E |
205 B 520 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF7E |
604 B 695 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame EF7E |
15 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame EF7E |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
y.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63e0a2a793d720ddab32c7ad1c79b976.js
www.gstatic.com/mysidia/ Frame BE95 |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b293f88652ab0f749d3615e759df59dc.js
www.gstatic.com/mysidia/ Frame BE95 |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame BE95 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 |
2 KB 926 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame BE95 |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame BE95 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame BE95 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE95 |
181 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame BE95 |
36 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame D0E0 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 |
2 KB 973 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame D0E0 |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8F78 |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D0E0 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame D0E0 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D0E0 |
181 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame D0E0 |
36 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpixel
cms.quantserve.com/ Frame 8F78 |
35 B 463 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
current
dclk-match.dotomi.com/match/bounce/ Frame 8F78 |
0 104 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.match
s.tribalfusion.com/z/ Frame 8F78 Redirect Chain
|
43 B 421 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 8F78 Redirect Chain
|
170 B 232 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google
match.adsrvr.org/track/cmf/ Frame 8F78 |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 8F78 Redirect Chain
|
170 B 329 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usersync.aspx
dis.criteo.com/dis/ Frame 8F78 |
43 B 363 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame 8F78 |
0 130 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0FEC |
143 B 166 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B092 |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame BE95 |
217 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame A2E8 |
37 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0FEC Redirect Chain
|
0 17 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B092 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
current
dclk-match.dotomi.com/match/bounce/ Frame B092 |
0 103 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B092 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.match
a.tribalfusion.com/ Frame B092 |
43 B 397 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B092 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B092 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B092 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame B092 |
0 40 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.googleadservices.com/pagead/ar-adview/ Frame BE95 Redirect Chain
|
0 0 |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 444 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame 132C |
37 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
www.googleadservices.com/pagead/ar-adview/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A68 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aframe
www.google.com/recaptcha/api2/ Frame 740D |
829 B 561 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 740D |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame 5A68 |
37 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 5A68 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame BE95 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
y.clarity.ms/ |
0 302 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| getDomainFromUrl function| redirectToPronto function| setParamsFromQueryParams function| getValueOfParam function| setValueOfParam function| browser_version function| uuidv4 function| generateVisitorIdOrGetFromCookies function| redirectTo function| generateDownloadUrl function| objectToQuerystring function| sendToBq function| sendEmidReport function| sendVisitReport object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| GooglebQhCsO function| clarity function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.pdfmagiconline.com/ | Name: _gcl_au Value: 1.1.1717269685.1693383750 |
|
.pdfmagiconline.com/ | Name: _ga_QPHPMBL24P Value: GS1.1.1693383750.1.0.1693383750.0.0.0 |
|
.pdfmagiconline.com/ | Name: _ga Value: GA1.1.688159843.1693383750 |
|
www.clarity.ms/ | Name: CLID Value: 9b5c71eff9e8443e91a8657a98a3f3e3.20230830.20240829 |
|
.pdfmagiconline.com/ | Name: __gads Value: ID=2b48435c670d3c44-2253bb6560de00a9:T=1693383750:RT=1693383750:S=ALNI_MYwEcTGm36VF1xR5RsgyDElKGmfcw |
|
.pdfmagiconline.com/ | Name: __gpi Value: UID=00000c6b724c0995:T=1693383750:RT=1693383750:S=ALNI_MZvdg9_4-rg4Yr8vqjRbYJtIJUDIg |
|
.pdfmagiconline.com/ | Name: _clck Value: 6coeb7|2|fel|0|1337 |
|
.pdfmagiconline.com/ | Name: _clsk Value: 1xttds9|1693383751283|1|1|y.clarity.ms/collect |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUns8nHD3njtTiczIY3U64ipDWci_IbwDl9-mPQQHZcOS917SypNZprWdk77BsI |
|
.simpli.fi/ | Name: suid Value: EDDBDD7C7D4F48758C000416F8008199 |
|
.yahoo.com/ | Name: A3 Value: d=AQABBEj87mQCEJrR9IOJdjNuHaJ3K4s9dpwFEgEBAQFN8GT4ZAAAAAAA_eMAAA&S=AQAAAtPvJGumxFKXPzelqnOPLLw |
|
.quantserve.com/ | Name: d Value: EFsBCQHqKYEA |
|
.quantserve.com/ | Name: mc Value: 64eefc48-6a4e2-2b972-44719 |
|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.adform.net/ | Name: C Value: 1 |
|
.tribalfusion.com/ | Name: ANON_ID Value: aJntuJp26Ua8e4OCaQoUwukKQmFGUnZcZdBTJUAUYL7pnqvCHt8BNTXv4LZbcdgbWKllvFvvdQDEEYa01vGx7f8uR26 |
|
.w55c.net/ | Name: wfivefivec Value: fU9Q6YsJ1QBgta5 |
|
.adform.net/ | Name: uid Value: 8064384552148622605 |
|
.w55c.net/ | Name: matchgoogle Value: 5 |
|
.bing.com/ | Name: MUID Value: 1BBDED7656C66A0B085FFE0B576A6BF4 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 1BBDED7656C66A0B085FFE0B576A6BF4 |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 1BBDED7656C66A0B085FFE0B576A6BF4 |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
.googleadservices.com/ | Name: ar_debug Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
12154094.fls.doubleclick.net
a.tribalfusion.com
adservice.google.com
c.bing.com
c.clarity.ms
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s.tribalfusion.com
tpc.googlesyndication.com
um.simpli.fi
www.clarity.ms
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pdfmagiconline.com
y.clarity.ms
104.211.35.148
142.250.184.194
142.250.184.198
142.250.185.98
178.250.7.11
2001:4860:4802:32::36
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:48:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:78ec:3e9e:b03:b2b6
34.91.62.186
37.157.6.232
45.79.152.80
51.89.9.252
52.223.40.198
52.28.44.182
68.219.88.97
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a082799552d0fbf3b86a81319b5ae5e09cc0d069218f31cc706b9f4d4e9bfe
162923bda88e2e0138d0a27d83489a6325d6c6e0007b214bef513839303260c2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a904bcf59f6ef11185075a0a6661e63396b7531d1ed3e01bbd6f0a056a0e318
1b0692ce1abedc22252b6d2aa5b055789850b18039c5bbc5ad7ab2003f77b893
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f74f3d921a3cb97425c3f820e15d3cecf0c3e318c0452a6d18d29b07ad86f46
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
368c8de82ff7ee7bd2411d0e479381ddd1b9724fff423982d64fa1dd58ee073b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
4196110c6a5fd6417e81bd77fb11f2ececf40d01233c0af0455bc4714542fa09
4456151a0f614d456dd29c995fa1c8a528754fbab94faf229cb320663a68e929
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45c78a598de661192bdaba2fcff24d8ecf75aa3fb6c72954dc673ca63ee585e9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
5161dad6da948d9bc1a98b045204d6ff89c797303c755827774db950c8beb07e
536a0be786c234c162ce70056975670440f2bdaa8649f92712e84654b74d9fb1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6684feb3c940a480fd3050407446078cd0858f06868287a48f0616f8a5649c1b
6c31e917a7821ea96dd3b281a081bb44a246741abb45655eed6ccd53e564d230
71ee3caeb6511384601336b6d3b346fbc2ed7fd4ac539b80ae2cea4a646d8ba7
782587bc7c1ac5b6dd3419460c7c879513de567e9fcb6fd75f2a8986d23a057f
7e7ff84655df1d4f7c2338e4ed712f26df17806ad5b3a3ff62c0637fb04b2c21
8c68017261fd755792e040870b16d8dfb80b2b82f4cd8514e507901e3a7b0e4b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94a5e5af53bdc295634bea1d47fb682eb846142aaf1bc68e7c363ca24c461f4b
9639c605628c48546859244994ac173b9f296054bfcfa52cb5f41fa0cf54d4ea
97eeba5d62569a131234a1828195f0fe59bb40a4f264aefcd89433b46a710416
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e620bed228eb2a391b2dad68c2f0add5e118a11da8a0b0f151d4a46c32a8fd
a36b324fd28b8bd7d7afc914e78dafbc13b54d666872423b4220b23b471af5a8
a75d8592e87e98d2f925cd77c1bc3229cd4bb9bfa26623df84eea663dde29782
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d52ed4a45590433affb0ec4f009320cba97774063146f86816b424ca7f709933
d94946c43e7aed7bac594c276080916ff470500933374396419772aa9de3bdc4
de6e0efa7821954c8cfdf9f793b68b73b6004a49b3b37b00b4891bbb9b12f977
e048295f3e7b9e93551afaaf228070b944a099ab0d2afb4ed71fecae50ceffbc
e3a07a4d0dde9642aa06e39797ff36c1817256ff0377ea990c7b71e10e1f4d49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eab4f8bdbf622a34fedec99e2374ee1424f26dd8ae677627b648a0fcfe457941
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f117353bad780ddb988cafcfd7282304369d1a9d11adde07a9ab8783796cc
f715d4f7b6d475a6672544dc179172444da731d89be3716beeff960948377bdf
fc9270b7e1ade019077ba995ddd516f1575fe0d770f273c907748db023f3fdde
ffcfac539e9acab2466a11bd9a671468d12085b6af69c786c9b91da8ef7a2a4d