www.farorites.com Open in urlscan Pro
43.153.107.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.farorites.com/verify/
Submission: On July 01 via manual (July 1st 2024, 10:28:48 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 43.153.107.150, located in United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.farorites.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on October 26th 2023. Valid for: a year.

This is the only time www.farorites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
20	43.153.107.150 43.153.107.150		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2a00:1450:400... 2a00:1450:4001:829::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003		15169 (GOOGLE) (GOOGLE)
1	5.10.25.108 5.10.25.108		12703 (PULSANT-AS) (PULSANT-AS)
24	5

20 43.153.107.150 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.farorites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.10.25.108 (Bognor Regis, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: server.scanacart.com

byfavorites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	farorites.com www.farorites.com	1 MB
1	byfavorites.com byfavorites.com	2 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	732 B
0	dafontfree.net Failed www.dafontfree.net Failed
24	5

	Domain	Requested by
20	www.farorites.com	www.farorites.com
1	byfavorites.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.farorites.com
0	www.dafontfree.net Failed	www.farorites.com
24	5

This site contains links to these domains. Also see Links.

Domain
go.150.f2.org.cn

Subject Issuer	Validity	Valid
www.farorites.com TrustAsia RSA DV TLS CA G2	`2023-10-26` - `2024-10-25`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
byfavorites.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.farorites.com/verify/
Frame ID: 964257AE5C568B06B5F4044389E67A9B
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

By Favorites

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1092 kB
Transfer

1490 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://go.150.f2.org.cn/index.php?url=https://byfavorites.com/
Title: HOME

Search URL Search Domain Scan URL

URL: http://go.150.f2.org.cn/index.php?url=https://byfavorites.com/liquid-diamond.cfm
Title: LIQUID DIAMOND

Search URL Search Domain Scan URL

URL: http://go.150.f2.org.cn/index.php?url=https://byfavorites.com/live-resin.cfm
Title: LIVE RESIN

Search URL Search Domain Scan URL

URL: http://go.150.f2.org.cn/index.php?url=https://www.byfavorites.com/redirect/?type=ig&url=https%3A%2F%2Fwww.instagram.com%2Fbyfavorites&client=Favorites
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.farorites.com/verify/ 14 KB
14 KB 1235ms
247ms Document
text/html 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 092bb40d9d655d706ad417b9bd149afbd5b4dfd496e7032e621cf444f1fed112

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: text/html; charset=utf-8
Date: Mon, 01 Jul 2024 22:28:42 GMT
Server: kangle/3.5
Transfer-Encoding: chunked
X-Cache: MISS from kangle web server

GET
H/1.1 200
OK css
www.farorites.com/vxvx_files/ 8 KB
8 KB 355ms
181ms Stylesheet
text/plain 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
Content-Length: 8256
X-Cache: HIT from kangle web server
Content-Type: text/plain

GET
H/1.1 200
OK style.css
www.farorites.com/vxvx_files/ 83 KB
13 KB 536ms
182ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/style.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 38a3f3e90bcc42315b32c38f465c18027f2cea7f9af3b9b124d5040de29e8b42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 13219

GET
H/1.1 200
OK bootstrap.css
www.farorites.com/vxvx_files/ 181 KB
22 KB 547ms
182ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/bootstrap.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 96aee6f1cc4e133bc85fedac5fc222d71a3ee81161db0b831f444a1bc3e1cc8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 22218

GET
H/1.1 200
OK owl.carousel.min.css
www.farorites.com/vxvx_files/ 3 KB
1 KB 548ms
183ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/owl.carousel.min.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 918

GET
H/1.1 200
OK newstyle.css
www.farorites.com/vxvx_files/ 25 KB
4 KB 549ms
182ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/newstyle.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 5252720f993b590408762f5e5e18ccaf6140af31ec3fed9730dd6982283a1c87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 4356

GET
H/1.1 200
OK responsive.css
www.farorites.com/vxvx_files/ 6 KB
1 KB 552ms
184ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/responsive.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: b9737e9b9aec781b3a77db4a2b9e8e3dfa34d714a3b075b031bc432c127ef81d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:32 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 1122

GET YWlsZXJvbi1oZWF2eS1yZWd1bGFyJmRhdGEvMTkxL2EvMTcyNTY0L2FpbGVyb24uaGVhdnkub3Rm
www.dafontfree.net/embed/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 424 B
732 B 140ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap

Requested by

Host: www.farorites.com
URL: https://www.farorites.com/verify/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aff3aed487dddcbd72b3a7d41fb8b7e9b231a50c72146ff7c476577642b92a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 Jul 2024 22:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 22:28:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Jul 2024 22:28:42 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.farorites.com/babimg/font-awesome-4.7.0/css/ 30 KB
7 KB 553ms
184ms Stylesheet
text/css 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/babimg/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Content-Encoding: br
Last-Modified: Thu, 27 Oct 2016 08:51:46 GMT
Server: kangle/3.5
Age: 2353473
X-Cache: HIT from kangle web server
Content-Type: text/css
Content-Length: 6663

GET
H/1.1 200
OK css2
www.farorites.com/vxvx_files/ 424 B
644 B 717ms
181ms Stylesheet
text/plain 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/css2
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: aff3aed487dddcbd72b3a7d41fb8b7e9b231a50c72146ff7c476577642b92a9c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:42 GMT
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353473
Content-Length: 424
X-Cache: HIT from kangle web server
Content-Type: text/plain

GET
H/1.1 200
OK logo-new.png
www.farorites.com/vxvx_files/ 194 KB
195 KB 183ms
183ms Image
image/png 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farorites.com/vxvx_files/logo-new.png
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 2a77ec75b4d86423f4c5d7344d6633ca9468a6ba47d0293c8a8f2c195966bf29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:27:56 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: image/png
Content-Length: 198998

GET
H/1.1 200
OK jquery.js Show response
www.farorites.com/vxvx_files/ 82 KB
28 KB 728ms
182ms Script
application/x-javascript 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/jquery.js
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: application/x-javascript
Content-Length: 28795

GET
H/1.1 200
OK bootstrap.min.js Show response
www.farorites.com/vxvx_files/ 36 KB
9 KB 183ms
182ms Script
application/x-javascript 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/bootstrap.min.js
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: application/x-javascript
Content-Length: 9458

GET
H/1.1 200
OK main.js Show response
www.farorites.com/vxvx_files/ 2 KB
897 B 183ms
183ms Script
application/x-javascript 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/main.js
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: e9db89daa2a879093475353818733db87da9920c645e40eb9927b4480aacfcff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: application/x-javascript
Content-Length: 641

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.farorites.com/vxvx_files/ 43 KB
11 KB 184ms
184ms Script
application/x-javascript 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/owl.carousel.min.js
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: application/x-javascript
Content-Length: 11164

GET
H/1.1 200
OK verify_error.png
www.farorites.com/vxvx_files/ 19 KB
19 KB 184ms
184ms Image
image/png 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farorites.com/vxvx_files/verify_error.png
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 3d56579b85b9bf206025542c7c9c99ac6d55949f00f62daeb841bf1595cd6185

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:09:38 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: image/png
Content-Length: 18895

GET
H/1.1 200
OK authenicate1.jpg
www.farorites.com/vxvx_files/ 120 KB
118 KB 332ms
182ms Image
image/jpeg 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farorites.com/vxvx_files/authenicate1.jpg
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 369485872c6619eafa3e06cfbcf4d30d0cb4214662c0c09fd2f3859938708725

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:42:42 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: image/jpeg
Content-Length: 120431

GET
H/1.1 200
OK authenicate2.jpg
www.farorites.com/vxvx_files/ 119 KB
116 KB 664ms
185ms Image
image/jpeg 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farorites.com/vxvx_files/authenicate2.jpg
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 1895d1b572c9b9f6b4c24878f3d3137f017b5643061fd4070560daf02ce516ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:42:56 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: image/jpeg
Content-Length: 118831

GET
H/1.1 200
OK authenicate3.jpg
www.farorites.com/vxvx_files/ 131 KB
129 KB 477ms
323ms Image
image/jpeg 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farorites.com/vxvx_files/authenicate3.jpg
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/verify/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: c3f6328be6275807411350c0e1ab858823ebc41e8de70ae68f948fbe58f3f1c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/verify/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Oct 2023 15:43:06 GMT
Server: kangle/3.5
Age: 2353474
X-Cache: HIT from kangle web server
Content-Type: image/jpeg
Content-Length: 131608

GET
H/1.1 200
OK icomoon.ttf
www.farorites.com/vxvx_files/fonts/ 300 KB
300 KB 315ms
181ms Font
application/octet-stream 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/vxvx_files/fonts/icomoon.ttf?10si43
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/vxvx_files/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: ba9f66e8a9ba6c03f4bd2acb263d493000ba0760eade817ada4c6ba160bbe2dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/vxvx_files/style.css
Origin: https://www.farorites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Last-Modified: Tue, 24 Oct 2023 15:40:20 GMT
Server: kangle/3.5
Age: 2353474
Content-Length: 307168
X-Cache: HIT from kangle web server
Content-Type: text/plain

GET
H2 200 k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ 15 KB
16 KB 136ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.farorites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:51:09 GMT
x-content-type-options: nosniff
age: 545854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15596
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:51:09 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.farorites.com/babimg/font-awesome-4.7.0/fonts/ 75 KB
76 KB 330ms
183ms Font
application/octet-stream 43.153.107.150
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farorites.com/babimg/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.farorites.com
URL: https://www.farorites.com/babimg/font-awesome-4.7.0/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.153.107.150 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/babimg/font-awesome-4.7.0/css/font-awesome.min.css
Origin: https://www.farorites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 22:28:43 GMT
Last-Modified: Thu, 27 Oct 2016 08:51:44 GMT
Server: kangle/3.5
Age: 2353474
Content-Length: 77160
X-Cache: HIT from kangle web server
Content-Type: text/plain

GET
H/1.1 200
OK favicon-32x32.png
byfavorites.com/images/ 2 KB
2 KB 265ms
51ms Other
image/png 5.10.25.108
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://byfavorites.com/images/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.108 Bognor Regis, United Kingdom, ASN12703 (PULSANT-AS, GB),

Reverse DNS

server.scanacart.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0d5ed46ed8ba1f46bae4e65cea6099a5200ce1900a0b17c601805c476083a0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.farorites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 01 Jul 2024 22:28:43 GMT
Last-Modified: Thu, 25 Jan 2024 00:16:58 GMT
Server: Microsoft-IIS/10.0
ETag: "d45fc1cf234fda1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1636

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dafontfree.net
URL: https://www.dafontfree.net/embed/YWlsZXJvbi1oZWF2eS1yZWd1bGFyJmRhdGEvMTkxL2EvMTcyNTY0L2FpbGVyb24uaGVhdnkub3Rm

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.farorites.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 800207d7445d84372cd537b039f5f2fd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

byfavorites.com
fonts.googleapis.com
fonts.gstatic.com
www.dafontfree.net
www.farorites.com
www.dafontfree.net
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
43.153.107.150
5.10.25.108
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
092bb40d9d655d706ad417b9bd149afbd5b4dfd496e7032e621cf444f1fed112
0d5ed46ed8ba1f46bae4e65cea6099a5200ce1900a0b17c601805c476083a0a1
1895d1b572c9b9f6b4c24878f3d3137f017b5643061fd4070560daf02ce516ff
2a77ec75b4d86423f4c5d7344d6633ca9468a6ba47d0293c8a8f2c195966bf29
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
369485872c6619eafa3e06cfbcf4d30d0cb4214662c0c09fd2f3859938708725
38a3f3e90bcc42315b32c38f465c18027f2cea7f9af3b9b124d5040de29e8b42
3d56579b85b9bf206025542c7c9c99ac6d55949f00f62daeb841bf1595cd6185
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
5252720f993b590408762f5e5e18ccaf6140af31ec3fed9730dd6982283a1c87
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
96aee6f1cc4e133bc85fedac5fc222d71a3ee81161db0b831f444a1bc3e1cc8e
aff3aed487dddcbd72b3a7d41fb8b7e9b231a50c72146ff7c476577642b92a9c
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b9737e9b9aec781b3a77db4a2b9e8e3dfa34d714a3b075b031bc432c127ef81d
ba9f66e8a9ba6c03f4bd2acb263d493000ba0760eade817ada4c6ba160bbe2dd
c3f6328be6275807411350c0e1ab858823ebc41e8de70ae68f948fbe58f3f1c9
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
e9db89daa2a879093475353818733db87da9920c645e40eb9927b4480aacfcff