Submitted URL: http://qffhm.dearrefuse.link/235256643562325363523763622
Effective URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Submission: On September 12 via api from IE — Scanned from FR

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 32 HTTP transactions. The main IP is 34.155.24.251, located in Paris, France and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is fr.proposalreply.ink.
This is the only time fr.proposalreply.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 34.155.24.251 396982 (GOOGLE-CL...)
32 2
Apex Domain | Subdomains | Transfer
32 proposalreply.ink | fr.proposalreply.ink | 1 MB
1 dearrefuse.link | qffhm.dearrefuse.link | 356 B
32 2
Domain Requested by
32 fr.proposalreply.ink fr.proposalreply.ink
1 qffhm.dearrefuse.link 1 redirects
32 2

This site contains no links.

This page contains 1 frames:

Primary Page: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Frame ID: CDBBD0459A56AC0D7A51ACAA78288992
Requests: 38 HTTP requests in this frame

Page Title

Karine Ferri révèle le secret de « la classe aisée » : une technologie qui permet à chacun de gagner des millions.

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 0 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 1112 kB
Size: 1141 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qffhm.dearrefuse.link/235256643562325363523763622 HTTP 302
    http://fr.proposalreply.ink/FR/8118/?bet=283689223 Page URL

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fr.proposalreply.ink/FR/8118/
Redirect Chain
  • http://qffhm.dearrefuse.link/235256643562325363523763622
  • http://fr.proposalreply.ink/FR/8118/?bet=283689223
31 KB
11 KB
Document
General
Full URL
http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
1d16bcdafb7b32a3ca5ab40710c363270c487fb01565f1c26d14926bba3d26e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 07:41:35 GMT
server
nginx/1.10.3
transfer-encoding
chunked

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 07:41:35 GMT
location
http://fr.proposalreply.ink/FR/8118/?bet=283689223
server
Apache/2.4.38 (Debian)
fonts.css
fr.proposalreply.ink/FR/8118/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
93f4e71914cc11d2d281887ea4c69102c1620a975178fba6f123a167fe858b83

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-6d8"
content-length
1752
content-type
text/css
style.css
fr.proposalreply.ink/FR/8118/css/
26 KB
26 KB
Stylesheet
General
Full URL
http://fr.proposalreply.ink/FR/8118/css/style.css
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
f7fb86ec1bfefe2113414396d40ff1d8ae32825427a8fd27d91e8b8b78709fe2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-6818"
content-length
26648
content-type
text/css
footer.css
fr.proposalreply.ink/FR/8118/css/
982 B
1 KB
Stylesheet
General
Full URL
http://fr.proposalreply.ink/FR/8118/css/footer.css
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
247e36eab202183891384828505e16a737662c5fac12db7c7ca074a882c847d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-3d6"
content-length
982
content-type
text/css
header-desktop.svg
fr.proposalreply.ink/FR/8118/images/
21 KB
21 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/header-desktop.svg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
2ca50b9bdfe9245fcb7c3db38cf93823f7671c016f879c1d9ba566a99a15deb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-53c5"
content-length
21445
content-type
image/svg+xml
header-tablet.svg
fr.proposalreply.ink/FR/8118/images/
19 KB
19 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/header-tablet.svg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
fed013eb69b21fb51d844d5e34917192fe55ed96e425f500883255aaddd44ef7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-4cf3"
content-length
19699
content-type
image/svg+xml
header-mob.svg
fr.proposalreply.ink/FR/8118/images/
2 KB
2 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/header-mob.svg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
b13a2644903b54387b13e1d4bffcfe614d234675d5f96f154984bd238aab8424

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-800"
content-length
2048
content-type
image/svg+xml
1.jpg
fr.proposalreply.ink/FR/8118/images/
107 KB
107 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/1.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
66d1a9f28e05efdae38ba8483dd51796a4f67c4d08d535b45751e73ab755b398

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-1ac4a"
content-length
109642
content-type
image/jpeg
pop1.jpg
fr.proposalreply.ink/FR/8118/images/
11 KB
11 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/pop1.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
b35b4cac61f6ed5df23c037c36eed6c1e8bb354f83d9e97b2067e459aabcdeee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-2af0"
content-length
10992
content-type
image/jpeg
pop2.jpg
fr.proposalreply.ink/FR/8118/images/
12 KB
12 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/pop2.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
3bab95f1a5595cedb4ae923b19a99eb07db3972a5890b496575f003c8a6deed8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-2f36"
content-length
12086
content-type
image/jpeg
pop3.jpg
fr.proposalreply.ink/FR/8118/images/
12 KB
12 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/pop3.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
d4861a0cb063d9a8f98a750ebe30b6c05103b8ab3b7495308a0b4094ef20591f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-2ffa"
content-length
12282
content-type
image/jpeg
pop4.jpg
fr.proposalreply.ink/FR/8118/images/
15 KB
15 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/pop4.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
7c1d97134ef8fa08fd8dfb1c90c9f22b4e0b6d0ac55004499320cd9dbdc70599

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-3ae4"
content-length
15076
content-type
image/jpeg
pop5.jpg
fr.proposalreply.ink/FR/8118/images/
16 KB
17 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/pop5.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
3da7a0c69e30a986246753e1b3d3a719872aaad903fafa160431e971f4df9b0f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-415e"
content-length
16734
content-type
image/jpeg
2.jpg
fr.proposalreply.ink/FR/8118/images/
47 KB
47 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/2.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
c57e943fb3cdba026384881b5a4ca284ce894659aeacd1a075c1885439d9968d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-bada"
content-length
47834
content-type
image/jpeg
3.jpg
fr.proposalreply.ink/FR/8118/images/
89 KB
89 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/3.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
336bd7c17330d90016b309ecfa81ccb4e61666dfb801792e7567579a7c6da8b9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-1635a"
content-length
90970
content-type
image/jpeg
4.jpg
fr.proposalreply.ink/FR/8118/images/
43 KB
44 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/4.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
0d3d5f29c4ed670aeab87b1a2392e78832f0d4dc2073232ea8f276d5d9179bf7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-adca"
content-length
44490
content-type
image/jpeg
5.jpg
fr.proposalreply.ink/FR/8118/images/
104 KB
104 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/5.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
a318e4b7856cce1e3e148fb087ca42faf37fe411db7e9158da8aa49969df6845

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-1a04f"
content-length
106575
content-type
image/jpeg
6.jpg
fr.proposalreply.ink/FR/8118/images/
28 KB
29 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/6.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
8028e76924d9ea9a0056ec15dae8fff01b112be2bda3674ac61ed0f25f813346

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-7185"
content-length
29061
content-type
image/jpeg
7.jpg
fr.proposalreply.ink/FR/8118/images/
43 KB
43 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/7.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
c68db5a3113c7a5b9b9b34cffbeb142cf79ec1cfd6f9adbf199d55d8cecbb76c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-aad4"
content-length
43732
content-type
image/jpeg
reg.jpg
fr.proposalreply.ink/FR/8118/images/
43 KB
43 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/reg.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
d4733a2aa46de3f3668522fca3b815a2337765856ea38e0fb0f11069534473d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-ab88"
content-length
43912
content-type
image/jpeg
deposit-background.jpg
fr.proposalreply.ink/FR/8118/images/
23 KB
24 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/deposit-background.jpg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
579d9755daf0f4022261255757a9a1e43151520e5cba38a88f3b94ee80e36b68

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-5d93"
content-length
23955
content-type
image/jpeg
Country-logo.svg
fr.proposalreply.ink/FR/8118/images/
781 B
999 B
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/Country-logo.svg
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
befcd7968c05e6eb43e67e4260524bfef58800b4f608a0b347669a3c6aee7d4e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-30d"
content-length
781
content-type
image/svg+xml
twitterF.png
fr.proposalreply.ink/FR/8118/images/
2 KB
2 KB
Image
General
Full URL
http://fr.proposalreply.ink/FR/8118/images/twitterF.png
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
d555261b5bc8f8746f340b284ed2057440306304d4e4cd5d40230b6080f11e51

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-62a"
content-length
1578
content-type
image/png
jquery.min.js
fr.proposalreply.ink/FR/8118/js/
94 KB
94 KB
Script
General
Full URL
http://fr.proposalreply.ink/FR/8118/js/jquery.min.js
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
3e058d034077746461bc5d8e041415e85ae7a49a46c5ef1fa0b5067c4bf585b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-17816"
content-length
96278
content-type
application/javascript
getdetector.js
fr.proposalreply.ink/FR/8118/js/
216 B
442 B
Script
General
Full URL
http://fr.proposalreply.ink/FR/8118/js/getdetector.js
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-d8"
content-length
216
content-type
application/javascript
deposit_screen.js
fr.proposalreply.ink/FR/8118/js/
35 KB
35 KB
Script
General
Full URL
http://fr.proposalreply.ink/FR/8118/js/deposit_screen.js
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
567b4cd51956f584f9112ac55745877ce26cba14670b3b4d523bf5d0133c07f5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-8bed"
content-length
35821
content-type
application/javascript
script.js
fr.proposalreply.ink/FR/8118/js/
675 B
902 B
Script
General
Full URL
http://fr.proposalreply.ink/FR/8118/js/script.js
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/?bet=283689223
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
6f7bb348f38afdf3737120195e97c0344ceea77d98431ad1811957a08307b5c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/FR/8118/?bet=283689223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:35 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-2a3"
content-length
675
content-type
application/javascript
ProximaNova-Black.woff
fr.proposalreply.ink/FR/8118/fonts/
49 KB
49 KB
Font
General
Full URL
http://fr.proposalreply.ink/FR/8118/fonts/ProximaNova-Black.woff
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/css/fonts.css
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
819533bb4f83420808645a789d2d4e9bafc4afb7ec67026502876f88e1e107d9

Request headers

Referer
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Origin
http://fr.proposalreply.ink
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-c508"
content-length
50440
content-type
application/font-woff
ProximaNova-Bold.woff
fr.proposalreply.ink/FR/8118/fonts/
51 KB
51 KB
Font
General
Full URL
http://fr.proposalreply.ink/FR/8118/fonts/ProximaNova-Bold.woff
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/css/fonts.css
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1

Request headers

Referer
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Origin
http://fr.proposalreply.ink
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-cb64"
content-length
52068
content-type
application/font-woff
LyonText-Regular.woff
fr.proposalreply.ink/FR/8118/fonts/
80 KB
81 KB
Font
General
Full URL
http://fr.proposalreply.ink/FR/8118/fonts/LyonText-Regular.woff
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/css/fonts.css
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
30d9e3b509e441751098497abe49ce628277e1971595cc7a08c7ceb9d5a21959

Request headers

Referer
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Origin
http://fr.proposalreply.ink
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-14164"
content-length
82276
content-type
application/font-woff
ProximaNova-Regular.woff
fr.proposalreply.ink/FR/8118/fonts/
51 KB
51 KB
Font
General
Full URL
http://fr.proposalreply.ink/FR/8118/fonts/ProximaNova-Regular.woff
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/css/fonts.css
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066

Request headers

Referer
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Origin
http://fr.proposalreply.ink
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-ccac"
content-length
52396
content-type
application/font-woff
times-new-roman.ttf
fr.proposalreply.ink/FR/8118/fonts/
67 KB
67 KB
Font
General
Full URL
http://fr.proposalreply.ink/FR/8118/fonts/times-new-roman.ttf
Requested by
Host: fr.proposalreply.ink
URL: http://fr.proposalreply.ink/FR/8118/css/fonts.css
Protocol
HTTP/1.1
Server
34.155.24.251 Paris, France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.24.155.34.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
78ceba0105d46a592b9c84f7dc2ee802c4645c591fd7eadd1972f5663b3c4c4f

Request headers

Referer
http://fr.proposalreply.ink/FR/8118/css/fonts.css
Origin
http://fr.proposalreply.ink
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:41:36 GMT
last-modified
Thu, 09 Sep 2021 05:33:02 GMT
server
nginx/1.10.3
accept-ranges
bytes
etag
"61399c8e-10b14"
content-length
68372
content-type
application/octet-stream
truncated
/
968 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a8acaa312420be34462a134c8987dbbe895b2069761e7d995fe8f7cb8e401f4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
934 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
933d3ad60fa9665ab6a18c9db6fa52d62c6155f314e33348853657c3522b055f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3eed3b497aeb6687c9f2a8b09505ac07dfc4a347a9f5801e1025ee9a5cb0864

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b4de9cc4f36a42fc9b5dea1911bb939a8adc273e16c308aa658b783a3017153

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5a4e185d2e5f83fd38492570eb29eeb316a0a659432fc58634fec2ab62664ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
569 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96e4fedf98f8ebd4887004521d1b32b5384bf02c2c1ad32d48e25f4a5d08f548

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://fr.proposalreply.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation
  • string| code_attr
  • function| $
  • function| jQuery
  • function| sfd
  • function| rty
  • function| glob
  • function| scaleBlock
  • string| backgroundImg
  • function| formatAMPM

1 Cookies

Domain/Path Name / Value
qffhm.dearrefuse.link/ Name: zcknrt_235256643562325363523763622
Value: 0

Indicators

"Indicators" is a term used in the security industry for artifacts such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.

fr.proposalreply.ink
qffhm.dearrefuse.link
34.155.24.251