www.todawa57.asia
Open in
urlscan Pro
2606:4700:3035::6815:3570
Public Scan
Effective URL: https://www.todawa57.asia/home.php
Submission Tags: phishingrod
Submission: On January 24 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.
This is the only time www.todawa57.asia was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN4766 (KIXS-AS-KR Korea Telecom, KR)
ad.abchub.site | |
ad.aceplanet.co.kr | |
engine.tend-table.com |
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
i.keezip.com |
ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn11.ad4989.co.kr |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
googlesyndication.com
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 |
109 KB |
17 |
todawa57.asia
1 redirects
www.todawa57.asia |
36 KB |
11 |
bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8446 |
88 KB |
11 |
doubleclick.net
3 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 |
210 KB |
11 |
keezip.com
i.keezip.com |
804 KB |
4 |
casalemedia.com
2 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 |
2 KB |
3 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 253 |
3 KB |
3 |
2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336 |
52 KB |
3 |
ad4989.co.kr
cdn11.ad4989.co.kr — Cisco Umbrella Rank: 410798 js.ad4989.co.kr — Cisco Umbrella Rank: 138418 |
509 KB |
3 |
abchub.site
ad.abchub.site |
7 KB |
2 |
tend-table.com
engine.tend-table.com — Cisco Umbrella Rank: 129560 |
1 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230 |
65 KB |
1 |
aceplanet.co.kr
ad.aceplanet.co.kr — Cisco Umbrella Rank: 254451 |
3 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 760 |
68 KB |
1 |
todawa52.asia
1 redirects
todawa52.asia |
431 B |
84 | 16 |
Domain | Requested by | |
---|---|---|
17 | www.todawa57.asia |
1 redirects
www.todawa57.asia
|
11 | c.bannerflow.net |
s0.2mdn.net
c.bannerflow.net www.todawa57.asia |
11 | i.keezip.com |
www.todawa57.asia
|
10 | pagead2.googlesyndication.com |
www.todawa57.asia
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net |
7 | tpc.googlesyndication.com |
www.todawa57.asia
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net |
4 | dsum-sec.casalemedia.com |
2 redirects
googleads.g.doubleclick.net
|
4 | cm.g.doubleclick.net |
3 redirects
googleads.g.doubleclick.net
|
4 | securepubads.g.doubleclick.net |
ad.aceplanet.co.kr
securepubads.g.doubleclick.net |
3 | ib.adnxs.com |
2 redirects
googleads.g.doubleclick.net
|
3 | s0.2mdn.net |
www.todawa57.asia
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com s0.2mdn.net |
3 | ad.abchub.site |
www.todawa57.asia
js.ad4989.co.kr |
2 | engine.tend-table.com |
js.ad4989.co.kr
|
2 | ad.doubleclick.net |
www.todawa57.asia
|
2 | ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | js.ad4989.co.kr |
ad.abchub.site
engine.tend-table.com |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | www.googletagservices.com |
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com
|
1 | googleads.g.doubleclick.net |
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com
|
1 | ad.aceplanet.co.kr |
ad.abchub.site
|
1 | cdn11.ad4989.co.kr |
ad.abchub.site
|
1 | code.jquery.com |
ad.abchub.site
|
1 | todawa52.asia | 1 redirects |
84 | 22 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
todawa57.asia GTS CA 1P5 |
2023-11-27 - 2024-02-25 |
3 months | crt.sh |
ad.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA |
2023-11-29 - 2024-06-28 |
7 months | crt.sh |
i.keezip.com TrustAsia RSA DV TLS CA G2 |
2023-10-12 - 2024-10-11 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA |
2023-01-17 - 2024-01-31 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-11 - 2024-05-10 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
This page contains 12 frames:
Primary Page:
https://www.todawa57.asia/home.php
Frame ID: 3281BB227E469F63B3F205869A91CC3E
Requests: 40 HTTP requests in this frame
Frame:
https://ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7892FE54D14DDC382552374F01C24BC4
Requests: 1 HTTP requests in this frame
Frame:
https://ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 791E48D849FEF63FFF98EDC9BEAEEC9F
Requests: 14 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAYsq6J4gEwAQ&v=APEucNWQQtysT5kksqTRkb3KD8s88oapDvXhOsXb7hHuFibqv_B8qncy8S3fTgeMMlg4QOx5y-YncC1q2JYnzXMRzbCcz3uVcLLgBhQV-BUVhsxjo_omozO8ZrzciiXNdZyhXSGDGFcdGSpbg9yCDUK79YdNMuv5ezmY848S1Z5y6_xR4efdNjpsjZsEL8BszREO4h9s9aM5
Frame ID: E6A4C78F0474310D70AE3A61106F1B31
Requests: 5 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6AD2F8A5445AF17FB13457D9726F0C61
Requests: 3 HTTP requests in this frame
Frame:
https://s0.2mdn.net/sadbundle/8301649054174019584/Autoverzekering2023-Prospecting-Display-Prijsomhoog-300x250-638127430011371309-35bdfefc-858b-4140-9025-1b367e3cbc96.html?ev=01_250
Frame ID: 945A0C7FAB9BA7745F9D47590E29E56F
Requests: 6 HTTP requests in this frame
Frame:
blob://https://s0.2mdn.net/a46ee33a-5145-4451-b36e-068305d99a1f
Frame ID: BE55A63AD3C1ABA5062B2894F9119910
Requests: 1 HTTP requests in this frame
Frame:
https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNTcuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1706071469645
Frame ID: F7191995BBF1BEA59FA3C9BD1A202168
Requests: 3 HTTP requests in this frame
Frame:
https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/5d0d963f-f16a-4763-a782-9e6fa301a1f1.svg
Frame ID: BB9ED3BEAE7321E04EFD40FA7B08EA56
Requests: 7 HTTP requests in this frame
Frame:
https://ad.abchub.site/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N©_yn=Y&tm=1706071471459
Frame ID: 705AD57158958BBAEBF18D74B02B3776
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36FF6D37834BC639B3629D1FA4646BD4
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 503EC926DE44504C534A994738303000
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
토다와Page URL History Show full URLs
-
https://todawa52.asia/
HTTP 301
https://www.todawa57.asia/ HTTP 302
https://www.todawa57.asia/home.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Zip (Payment processors) Expand
Detected patterns
- zip\.co
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand
Detected patterns
- 2mdn\.net
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: https://www.토다와.net
Search URL Search Domain Scan URL
Title: 자료요청
Search URL Search Domain Scan URL
Title: Wetv
Search URL Search Domain Scan URL
Title: 성인
Search URL Search Domain Scan URL
Title: 섹파찾기
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://todawa52.asia/
HTTP 301
https://www.todawa57.asia/ HTTP 302
https://www.todawa57.asia/home.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 47- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8t_2QOIKP88M7KMrXs-rE&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbCVrab8gfPDqxeDmwa3KQAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8t_2QOIKP88M7KMrXs-rE&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEC1921YSoqbjMfMZDx6XC8k&google_cver=1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMyOTIzNzk5NDIxOTM2MDY1Ng%3D%3D
84 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
home.php
www.todawa57.asia/ Redirect Chain
|
47 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PelicanC.dll
ad.abchub.site/cgi-bin/ |
3 KB 4 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.css
www.todawa57.asia/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
www.todawa57.asia/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sub.css
www.todawa57.asia/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iconfont.css
www.todawa57.asia/css/ |
5 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
www.todawa57.asia/js/ |
1 KB 929 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.gif
www.todawa57.asia/images/common/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
search.gif
www.todawa57.asia/images/common/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img_19.png
www.todawa57.asia/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bet1_380.jpg
i.keezip.com/ad/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wn-xg_1.jpg
i.keezip.com/ad/ |
60 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ww-ot_m.jpg
i.keezip.com/ad/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drugpharm_m2.gif
i.keezip.com/ad/ |
69 KB 69 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nulpurn_380.gif
i.keezip.com/ad/ |
195 KB 195 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
herbnewming.gif
i.keezip.com/ad/ |
142 KB 142 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
filecast_m.gif
i.keezip.com/ad/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sekder.gif
i.keezip.com/ad/ |
20 KB 20 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon_new.gif
www.todawa57.asia/images/ |
511 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon_nonew.gif
www.todawa57.asia/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drugpharm2.gif
i.keezip.com/ad/ |
70 KB 70 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
250x250-6005.jpg
i.keezip.com/images/ |
107 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nulpurn_200.gif
i.keezip.com/ad/ |
35 KB 35 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.slim.js
code.jquery.com/ |
230 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1703668761049.gif
cdn11.ad4989.co.kr/04_f0/0Q4_b/ |
495 KB 496 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tend.js
js.ad4989.co.kr/common/js/ |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PelicanC.dll
ad.abchub.site/cgi-bin/ |
3 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PelicanC.dll
ad.aceplanet.co.kr/cgi-bin/ |
2 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
97 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img_19.png
www.todawa57.asia/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon_new.gif
www.todawa57.asia/images/ |
511 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon_nonew.gif
www.todawa57.asia/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main_bg.gif
www.todawa57.asia/images/common/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
more.gif
www.todawa57.asia/images/main/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ |
430 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
68 B 83 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
107 KB 44 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7892 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 791E |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame E6A4 |
624 B 827 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 791E |
111 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 791E |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 791E |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 791E |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 791E |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 791E |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 791E |
42 B 173 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 791E |
205 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rum
dsum-sec.casalemedia.com/ Frame E6A4 Redirect Chain
|
43 B 341 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame E6A4 Redirect Chain
|
43 B 771 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame E6A4 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame E6A4 Redirect Chain
|
170 B 243 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
ad.doubleclick.net/pcs/ Frame 791E |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9061729286060948861
s0.2mdn.net/simgad/ Frame 791E |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 791E |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6AD2 |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 6AD2 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
ad.doubleclick.net/pcs/ Frame 791E |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Autoverzekering2023-Prospecting-Display-Prijsomhoog-300x250-638127430011371309-35bdfefc-858b-4140-9025-1b367e3cbc96.html
s0.2mdn.net/sadbundle/8301649054174019584/ Frame 945A |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AD2 |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63f73765e7527f77f1b4988f
c.bannerflow.net/a/ Frame 945A |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
document.000000EAE27C3E.js
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/published/4012501/4491758/ Frame 945A |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animated-creative.e5e299a34660fcb1f63a.js
c.bannerflow.net/scripts/ Frame 945A |
155 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 945A |
66 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a46ee33a-5145-4451-b36e-068305d99a1f
https://s0.2mdn.net/ Frame BE55 |
668 B 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame F719 |
566 B 669 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d0d963f-f16a-4763-a782-9e6fa301a1f1.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame BB9E |
248 B 496 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame BB9E |
706 B 919 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame BB9E |
1012 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame BB9E |
872 B 962 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame BB9E |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
166dded2-d5e0-42c4-98a2-f5bd770ff992.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame BB9E |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd4e688c-c9c3-4b58-b7da-d35433745e50.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame BB9E |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
c.bannerflow.net/tr/v2/pixel/ Frame 945A |
0 81 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 791E |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tend_child.js
js.ad4989.co.kr/common/js/ Frame F719 |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebLog.dll
engine.tend-table.com/cgi-bin/ Frame F719 |
79 B 391 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pelicanc.dll
ad.abchub.site/cgi-bin/ Frame 705A |
0 372 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36FF |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 503E |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 36FF |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 503E |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 36FF |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery function| goLink_0FAE function| addBackr_0FAE object| cnyBackSet_0FAE object| foin_cookie_setting object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| foin_where_ref object| foin_domainCutInfo object| foin_Base64 string| l_protocol object| l3_date string| Title string| Summary string| Lang object| keywordInfo string| refVal boolean| useRef string| old_refVal string| l_userAgent number| l_isChrome number| l_ver number| l_end object| l_date string| l_url object| l_Body object| l_divObj object| l_style string| key object| l_scrObj object| foin_cookie object| foinCookie number| version object| GoogleGcLKhOms17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ad.abchub.site/ | Name: FOIN_REF1 Value: https://www.todawa57.asia/ |
|
ad.abchub.site/ | Name: HEAD Value: 021050U2Fi0at |
|
ad.aceplanet.co.kr/ | Name: FOIN_REF1 Value: https://www.todawa57.asia/ |
|
ad.aceplanet.co.kr/ | Name: HEAD Value: 021050U2Fi0st |
|
.todawa57.asia/ | Name: __gads Value: ID=bac2718bb5a65f01:T=1706071468:RT=1706071468:S=ALNI_MbuwA260MMGALctJX2vpSUlwm5FBQ |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkmWUZa7iqTVa1xBQgUfvq0YNcoKHtC6xfjMUmfGk_oZ4OVyIrydEvJZvk8 |
|
.adnxs.com/ | Name: XANDR_PANID Value: _mJT5vQKkmm1AkI5-hMmwYXTUIM1n6oyO65qnz6RlJC2mPWU3dbSZCn6fHEesktxrNKfkx2ahV_51LI-TKNOlzvNE23leIiVXqUdBEHmJlU. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 7329237994219360656 |
|
.casalemedia.com/ | Name: CMID Value: ZbCVrab8gfPDqxeDmwa3KQAA |
|
.casalemedia.com/ | Name: CMPS Value: 5222 |
|
.casalemedia.com/ | Name: CMPRO Value: 5222 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?hB3Gg*!@wnfH8K6pQK`!5=E<*L5?%M7i-kzm40!%(1If_u5u1z92El)fBDCoe9^pD$*bpRz*qF1`*b_c?*'mT/ |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
engine.tend-table.com/ | Name: HEAD Value: 010050U2Fi1pS |
|
engine.tend-table.com/ | Name: FOIN_CATEGORY1 Value: |
|
ad.abchub.site/ | Name: FOIN_CATEGORY1 Value: |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.abchub.site
ad.aceplanet.co.kr
ad.doubleclick.net
c.bannerflow.net
cdn11.ad4989.co.kr
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
ec4571320c946e58c8cea5acde3d63a6.safeframe.googlesyndication.com
engine.tend-table.com
googleads.g.doubleclick.net
i.keezip.com
ib.adnxs.com
js.ad4989.co.kr
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
todawa52.asia
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.todawa57.asia
1.237.47.65
104.18.36.155
112.214.46.112
142.250.184.198
172.217.16.194
185.89.210.180
202.97.174.25
221.165.139.2
2606:4700:3035::6815:3570
2606:4700::6811:ca6e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a04:4e42:400::649
2a06:98c1:3121::3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9053cc65c3478b06280c16b3310cb095ef84c39bb5491bac4546b738fbc00f
1131f045ddc50292cb1ed4af9659a0850359a37bc401e4a9ef7062a52abb836f
120980ff146ecf078f74150fff78e15f3a0275c2393b6fac57da5896094f0145
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904
1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
27ce170f477b80957c55e1939c87820de82f8ce1bc71571477bf78de9ba34ed4
2d930af4bd5419bf72222580b88380a552e44fc551211bea4f14fee9800c4c59
308052b1bf48d457ff68c33a498c882f75beaae17118485be2dd3163fe0c7c11
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a4f41e3768d7420cd17ccd325823b9de898158ebe80648ff5af97ed39ea3547
3d1f0679c3082153a2ad78a08f490c96d014201f430b9f26d47ccf619d58c559
3d322485983f9bf6aa843345c3eb6dcc06b6d60555c849a778133ac335aa4251
3e9b495ee1d095c9283fd99f53d412318b0b2acaac07cfe745d82bb3aec1970a
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474914fafff1161475c6119c7a50e10893f3555c32c660caae8dc709b89b87f7
4a702df55789f44d2bc3456d2de41a5926bb27287b482a925539aa264cd6064f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53880fbe381b283df3b581d35ddbb6ef3a68a6a88703151afeeb4bfd597a5629
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585168ae97d82b0b947ddd6f8a1d2e45035bc5c0f92945f577fa413479166f8c
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5e5ce83a1abacd834f7e44a3be40475fdbb8034a7a1f1da33ab6ad985d0b94a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641a5cc6cf249c42765e4ef582bafb93cd233db87de4fc7fd65f3838ab267185
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7
6625d59fa505def8eea58f489c5a7b77e6bb69b564e8f20fffbd3bb0cd2c67bd
66ea8b8e5fb63e30170770409f524bac18a024b210d690fa0db919212269a14a
6bd415fb0978ecddc6a9a1e77da54a17e77044f2a7c3d1fb9c6dbe82d2a5dbeb
710e4849b25e3323f1d7a06ca0c1386ee835e081b4964c7b29890f52f2f23c3a
72855f862df04b84b9755977382129f3f7f22f188f02686807e0eb5df1916155
72863df27774cdc732cd14c6373ed2fbb25b7baaba2456673bf8685e784e6e83
77cecd7c6278c55d385ae85fd5cc894fd72081cd0622bc692d4b06dfd4fb28bd
783361ed917fad413a4249d12774f5b0be1e4e75495da00e3b3e9edb1e10926f
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87
825ff853ab6a0e6bd94ab3b5d2fb9870bc3005947e76ea12287374258bb4a2eb
899cd99a24a6950e11055aef298623208bde99364981f3a8b48b2c8580ca3d14
8adcf95b4db2c2e31573f6134949cb24cbd21ad970a17419bc0a12486b2f8404
9132d829bdc5601750177f6c4b039fb24a2c405a196d31857fcb4d7b0000e9f3
9b26993cbd5bc223bb4e0b46eff08871b24ebfcdb98f13b76d8bb44645698ef6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4d9e2cbab3e0d55a661df4ffba7c67a137191d93b5e1714cf56b5eafb052c07
ad8a1e3ef1505dc7a7ef74c590cd68358bb01e59aa7c10b6bdb375c3c1a9c44f
ade5687d38454f0cb0ea755086e412ea425a4d0d2dcfd8cc13133ab7720fcec9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bf0d6da2b17b813749a8b61047b209827603fb1fdff3ef336df7e67fe16aefe9
c573896132e78bc495b409acae0a58930235404857d720d862856cad24524bbb
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf18a9ed9a6aa889d227de181fe071fe47062764cacd90c4423b81b6bbbee834
cf2b04e65eac6603f6472fe3b58bda2918c4a4fdbe0a5878eda75da7d43b4925
d22868dbb660acc95fec8868fbbcf2979c3ec66becf9a1e9b64c8a2252553196
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
da6d111c07706ad06e5b73197d1a6c42d46492db80063a858879ca3bdac7fae2
e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7985a42dd917c9daf4cd2288e298caab5320df9927ee0ccdf43fed99f2cacf2
e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5
eb45f8a14ff8a7017713e3ea91a06e273931998de2015ec5bccab23baf07b63c
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f34285967052f4d10e4732af244d5db654ab1b685b9f505cf770dbc186bc7171
f89a06d4661e5607389bec9499b0d799fb723f1319cdb5fd1024fa5d70161075
fc09f0c3d4e12d3ecf37f8cad84638ff0de4264cc1003052f8b3dcc258c1ba1f
fd3a78c44240fc968612ed1a66b1ddf9f2e88ee172a587673e20a3d2709194c3