www.americascardroom.eu
104.16.209.45
Malicious Activity!
Public Scan
Effective URL: https://www.americascardroom.eu/ads/digital/warm-welcome/?utm_source=digital-adv
Submission: On May 03 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.
This is the only time www.americascardroom.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 4 votes
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-32-33.compute-1.amazonaws.com
ambiliarcarwin.com |
ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com | |
stackpath.bootstrapcdn.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-35.ewr53.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net
lptag.liveperson.net |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-25.ewr53.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-14.ewr53.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-136.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-100.ewr53.r.cloudfront.net
vc.hotjar.io |
ASN11054 (LIVEPERSON, US)
PTR: va-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net |
ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net
lo.v.liveperson.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
39 | americascardroom.eu | www.americascardroom.eu — Cisco Umbrella Rank: 70417 | 1 MB |
9 | lpsnmedia.net | accdn.lpsnmedia.net — Cisco Umbrella Rank: 4140; lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4175 | 408 KB |
7 | visualwebsiteoptimizer.com | dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5764 | 111 KB |
4 | liveperson.net | lptag.liveperson.net — Cisco Umbrella Rank: 4296; lo.v.liveperson.net — Cisco Umbrella Rank: 13991 | 109 KB |
4 | hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 920; script.hotjar.com — Cisco Umbrella Rank: 1202; vars.hotjar.com — Cisco Umbrella Rank: 1251; in.hotjar.com — Cisco Umbrella Rank: 2229 | 67 KB |
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 101 | 20 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1095; stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3175 | 32 KB |
2 | realsrv.com (1 redirects) | syndication.realsrv.com — Cisco Umbrella Rank: 5597 | 2 KB |
1 | hotjar.io | vc.hotjar.io — Cisco Umbrella Rank: 3009 | 256 B |
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 175 | 444 B |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 142 | 62 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 432 | 33 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 341 | 69 KB |
1 | wpnetwork.eu (1 redirects) | tracking.wpnetwork.eu — Cisco Umbrella Rank: 65817 | 234 B |
1 | ambiliarcarwin.com (1 redirects) | ambiliarcarwin.com — Cisco Umbrella Rank: 64306 | 654 B |
73 | 15 | | |
Requests | Domain | Requested by |
---|---|---|
39 | www.americascardroom.eu | syndication.realsrv.com, www.americascardroom.eu |
7 | lpcdn.lpsnmedia.net | lptag.liveperson.net |
7 | dev.visualwebsiteoptimizer.com | syndication.realsrv.com, dev.visualwebsiteoptimizer.com |
2 | lo.v.liveperson.net | lptag.liveperson.net |
2 | accdn.lpsnmedia.net | lptag.liveperson.net |
2 | lptag.liveperson.net | syndication.realsrv.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | syndication.realsrv.com | 1 redirects |
1 | vc.hotjar.io | script.hotjar.com |
1 | in.hotjar.com | script.hotjar.com |
1 | vars.hotjar.com | static.hotjar.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | script.hotjar.com | static.hotjar.com |
1 | static.hotjar.com | www.googletagmanager.com |
1 | www.googletagmanager.com | www.americascardroom.eu |
1 | ajax.googleapis.com | www.americascardroom.eu |
1 | stackpath.bootstrapcdn.com | www.americascardroom.eu |
1 | cdnjs.cloudflare.com | www.americascardroom.eu |
1 | maxcdn.bootstrapcdn.com | www.americascardroom.eu |
1 | tracking.wpnetwork.eu | 1 redirects |
1 | ambiliarcarwin.com | 1 redirects |
73 | 21 | |
This site contains links to these domains.
Domain |
---|
play.americascardroom.eu |
www.facebook.com |
www.youtube.com |
twitter.com |
psignup.americascardroom.eu |
www.instagram.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
realsrv.com | R3 | 2022-03-07 - 2022-06-05 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-02 - 2022-07-01 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year | crt.sh |
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2020-06-19 - 2022-07-06 | 2 years | crt.sh |
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2020-05-30 - 2022-05-30 | 2 years | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh |
*.hotjar.io | Amazon | 2021-08-17 - 2022-09-15 | a year | crt.sh |
*.lpsnmedia.net | Sectigo RSA Organization Validation Secure Server CA | 2022-02-07 - 2023-02-07 | a year | crt.sh |
*.v.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2022-03-22 - 2023-03-22 | a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.americascardroom.eu/ads/digital/warm-welcome/?utm_source=digital-adv
Frame ID: F15BCAFDC36223B9B44A1A9F4DA2BE92
Requests: 71 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 59C92167C74E880B5EC11912FFC6CA41
Requests: 1 HTTP requests in this frame
Frame:
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.americascardroom.eu&site=90637832&env=prod
Frame ID: 328799B7CF04D2A7BCB1010F516F5808
Requests: 1 HTTP requests in this frame
Page Title
Venom - Americas Cardroom
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
VWO (Analytics)
Detected patterns
- dev\.visualwebsiteoptimizer\.com/?([\d.]+)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Mac
Title: Windows
Title: Sign Up
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://syndication.realsrv.com/splash.php?type=8&idzone=4669752&sub=44_animmo.fun Page URL
-
https://syndication.realsrv.com/splash.php?type=8&idzone=4669752&sub=44_animmo.fun&p=https%3A%2F%2Fanimmo.fun&tested=1&check=aaa1f96961302bb0fefc388bc973dff2&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0
HTTP 302
https://ambiliarcarwin.com/bf9f2710-0a11-47fd-9404-6a6b7149550b?zoneid=4669752&source=animmo.fun&varid=48388988&keyword=&tags=animmo,fun&siteid=937905&campid=4273874&catid=517&country=USA&format=&cost=0.0009&tag=ooc45c3U113WVTuptottuttdK51U1jqZnTupldK6V0rrKZnVTT210WuqmntqtmdK6V07p3SuldM6V0rpnVz2TaS8SzVTb7XR0S20zVW0zWzzU11WVUO2l40ptqon1m0r2lz3slpzm3tu3s1t4zmdTS7MHf_4Y.DgdNXLKqaeWVzpXSuldK6V0rpXSulcH2A- HTTP 302
https://tracking.wpnetwork.eu/api/TrackAffiliateToken?token=woin047q9elddetf2ilk78ha&skin=ACR&url=https://www.americascardroom.eu/ads/digital/warm-welcome/?utm_source=digital-adv&utm_medium=cpc&utm_campaign=masks HTTP 302
https://www.americascardroom.eu/ads/digital/warm-welcome/?utm_source=digital-adv Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
73 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | splash.php syndication.realsrv.com/ | 1 KB 867 B | Document text/html |
GET H2 | Primary Request: / www.americascardroom.eu/ads/digital/warm-welcome/ (Redirect Chain) | 25 KB 5 KB | Document text/html |
GET H2 | bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ | 119 KB 21 KB | Stylesheet text/css |
GET H2 | css-popup-landing.css www.americascardroom.eu/wp-content/themes/americascardroom/css/ | 9 KB 2 KB | Stylesheet text/css |
GET H2 | landing-venom-8million.css www.americascardroom.eu/wp-content/themes/americascardroom/css/ | 16 KB 4 KB | Stylesheet text/css |
GET H2 | Flecha-Abajo-Der-02-02.png www.americascardroom.eu/wp-content/uploads/2020/05/ | 2 KB 3 KB | Image image/webp |
GET H2 | Americas-cardroom.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 6 KB 6 KB | Image image/webp |
GET H2 | girl2.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 225 KB 225 KB | Image image/webp |
GET H2 | girl1.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 273 KB 273 KB | Image image/webp |
GET H2 | boy.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 268 KB 269 KB | Image image/webp |
GET H2 | Iconos-landing-page-02.svg www.americascardroom.eu/wp-content/themes/americascardroom/images/site/ | 8 KB 3 KB | Image image/svg+xml |
GET H2 | ACR-Slider-2.gif www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 71 KB 71 KB | Image image/webp |
GET H2 | welcome-bonus-2000.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 13 KB 13 KB | Image image/webp |
GET H2 | get-me-started.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 854 B 988 B | Image image/webp |
GET H2 | FB.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 624 B 746 B | Image image/webp |
GET H2 | Icon-Youtube.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 586 B 756 B | Image image/webp |
GET H2 | TW.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 580 B 702 B | Image image/webp |
GET H2 | Download-now.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 2 KB 2 KB | Image image/webp |
GET H2 | Icon-Bitcoin.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 2 KB 2 KB | Image image/webp |
GET H2 | DL.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 688 B 809 B | Image image/webp |
GET H2 | EM.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/ | 482 B 604 B | Image image/webp |
GET H2 | BTC.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 2 KB 2 KB | Image image/webp |
GET H2 | Logo-ACR.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/mobile/ | 5 KB 5 KB | Image image/webp |
GET H2 | girl2.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/Mobile-Rus/ | 103 KB 103 KB | Image image/webp |
GET H2 | girl1.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/Mobile-Rus/ | 131 KB 131 KB | Image image/webp |
GET H2 | boy.png www.americascardroom.eu/wp-content/themes/americascardroom/images/7million-ruso/Mobile-Rus/ | 130 KB 130 KB | Image image/webp |
GET H2 | welcome-bonus-2000.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/mobile/ | 13 KB 13 KB | Image image/webp |
GET H2 | get-me-started.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/mobile/ | 854 B 1 KB | Image image/webp |
GET H2 | ACR-Slider-2.gif www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/mobile/ | 71 KB 71 KB | Image image/webp |
GET H2 | icon-social-fb.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 1 KB 2 KB | Image image/webp |
GET H2 | 67x67-ig.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 1 KB 2 KB | Image image/webp |
GET H2 | icon-social-yt.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 2 KB 2 KB | Image image/webp |
GET H2 | icon-social-tw.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 1 KB 1 KB | Image image/webp |
GET H2 | icon-social-dl.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 1 KB 2 KB | Image image/webp |
GET H2 | icon-social-em.png www.americascardroom.eu/wp-content/themes/americascardroom/images/landing-digital-welcome-poker/ | 1 KB 1 KB | Image image/webp |
GET H2 | jquery.js cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ | 281 KB 69 KB | Script application/javascript |
GET H2 | bootstrap.min.js stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ | 39 KB 11 KB | Script application/javascript |
GET H2 | tpl-acr.net-mobile.js www.americascardroom.eu/wp-content/themes/americascardroom/js/ | 645 B 428 B | Script application/javascript |
GET H2 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.10.2/ | 91 KB 33 KB | Script text/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 175 KB 62 KB | Script application/javascript |
GET H2 | Background-Desktop.jpg www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 58 KB 59 KB | Image image/webp |
GET H2 | gif.gif www.americascardroom.eu/wp-content/themes/americascardroom/images/site/ | 8 KB 9 KB | Image image/webp |
GET H2 | teko-light-webfont.woff www.americascardroom.eu/wp-content/themes/americascardroom/fonts/ | 19 KB 19 KB | Font application/font-woff |
GET H2 | Step-download.png www.americascardroom.eu/wp-content/themes/americascardroom/images/venom8m/ | 3 KB 3 KB | Image image/webp |
GET H2 | Tungsten-Medium.woff2 www.americascardroom.eu/wp-content/themes/americascardroom/fonts/ | 13 KB 13 KB | Font application/octet-stream |
GET H2 | hotjar-822961.js static.hotjar.com/c/ | 9 KB 3 KB | Script application/javascript |
GET H2 | analytics.js www.google-analytics.com/ | 49 KB 20 KB | Script text/javascript |
GET H2 | j.php dev.visualwebsiteoptimizer.com/ | 7 KB 3 KB | Script application/javascript |
GET H2 | tag.js lptag.liveperson.net/tag/ | 21 KB 8 KB | Script application/javascript |
GET H2 | modules.ddabd1511044f1aea3ae.js script.hotjar.com/ | 238 KB 62 KB | Script application/javascript |
POST H2 | collect www.google-analytics.com/j/ | 2 B 212 B | XHR text/plain |
GET H3 | va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js dev.visualwebsiteoptimizer.com/7.0/ | 221 KB 63 KB | Script text/javascript |
GET H3 | track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js dev.visualwebsiteoptimizer.com/7.0/ | 12 KB 4 KB | Script text/javascript |
GET H3 | opa-608d8314e5c4b9c6caefe04b8ad484ca.js dev.visualwebsiteoptimizer.com/analysis/4.0/ | 104 KB 27 KB | Script application/javascript |
GET H2 | v.gif dev.visualwebsiteoptimizer.com/ | 35 B 214 B | Image image/gif |
POST H2 | collect stats.g.doubleclick.net/j/ | 1 B 444 B | XHR text/plain |
GET H2 | box-21ccaa45726c0f3c8c458f7a87eb2298.html vars.hotjar.com/ (Frame 59C9) | 2 KB 1 KB | Document text/html |
GET H3 | settings.js dev.visualwebsiteoptimizer.com/ | 3 KB 1 KB | Script application/javascript |
GET H3 | worker-70faafffa0475802f5ee03ca5ff74179.js dev.visualwebsiteoptimizer.com/analysis/ | 47 KB 13 KB | XHR application/javascript |
POST H2 | visit-data in.hotjar.com/api/v2/client/sites/822961/ | 147 B 322 B | XHR application/json |
GET H2 | 822961 vc.hotjar.io/sessions/ | 0 256 B | XHR text/plain |
GET H2 | .jsonp lptag.liveperson.net/lptag/api/account/90637832/configuration/applications/taglets/ | 273 KB 99 KB | Script application/x-javascript |
GET H2 | / accdn.lpsnmedia.net/api/account/90637832/configuration/setting/accountproperties/ | 6 KB 2 KB | Script application/javascript |
GET H2 | ui-framework.js lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ | 39 KB 15 KB | Script application/javascript |
GET H2 | UMSClientAPI.min.js lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ | 88 KB 30 KB | Script application/javascript |
GET H2 | lpChatV3.min.js lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ | 92 KB 31 KB | Script application/javascript |
GET H2 | surveylogicinstance.min.js lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ | 8 KB 3 KB | Script application/javascript |
GET H2 | desktopEmbedded.js lpcdn.lpsnmedia.net/le_unified_window/10.17.0.8-release_5442/ | 934 KB 292 KB | Script application/javascript |
GET H2 | zones accdn.lpsnmedia.net/api/account/90637832/configuration/le-campaigns/ | 41 KB 5 KB | Script application/javascript |
GET H2 | storage.secure.min.html lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ (Frame 3287) | 39 KB 16 KB | Document text/html |
GET H2 | storage.secure.min.js lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ | 38 KB 15 KB | Script application/javascript |
GET H2 | 90637832 lo.v.liveperson.net/api/js/ | 246 B 1 KB | Script application/javascript |
GET H2 | 90637832 lo.v.liveperson.net/api/js/ | 111 B 854 B | Script application/javascript |
Verdicts & Comments
Malicious
task.url
Submitted on
May 3rd 2022, 10:49:45 pm
UTC —
From United States
Threats:
Misc
Comment: Malicious Ad server spawned from malicious 3xx redirect stack.
Malicious
page.url
Submitted on
May 3rd 2022, 10:48:17 pm
UTC —
From United States
Threats:
Social Engineering
Scam
Comment: Social Engineering / Scam - Illegal Gambling Scam.
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
95 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer function| $ function| jQuery function| openNav function| openNav1 function| closeNav function| redirect object| google_tag_manager function| hj object| _hjSettings object| google_tag_data string| GoogleAnalyticsObject function| ga number| settings_timer number| _vwo_settings_timer object| _vwo_code object| lpTag function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa object| VWOOmni string| _vwo_opa_cb string| _vwo_worker_cb function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| __nls number| ___vwo function| _typeof function| _extends object| lpTaglogListeners object| lpMTagConfig function| createFrameworkGlobals object| liveperson function| SurveyManager 
function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals
23 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.realsrv.com/ | | Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226271b0f0151ed9.308415841821465753%22%3B%7D |
.realsrv.com/ | | Name: impressions Value: meoxmmaenxgxarxrlssrogxcceirlclsmsonxgxarxrlssrsgxcceicbsbblbbnxgxarxaxbesogmoe |
.realsrv.com/ | | Name: c-tag Value: %7B%22tag-link%22%3A%22v3%7C%7CUSA%7C4669752%7C48388988%7C0%7C%7C517%7C41%7C2%7C40%7C0%7C0%7C0%7C741%7C5128638%7C5128581%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C6271b0f0151ed9.308415841821465753%7Cd0fb48532c1b6d0ae704a1e89e7c8fa1%7C44%7Canimmo.fun%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D |
.ambiliarcarwin.com/ | | Name: bf9f2710-0a11-47fd-9404-6a6b7149550b-v4 Value: CjFewhZqAm7W4vnvqxZkg9hr9Zuu4WDa1aybN6F-I-Y |
.ambiliarcarwin.com/ | | Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22woin047q9elddetf2ilk78ha%22%2C%22caid%22%3A%22bf9f2710-0a11-47fd-9404-6a6b7149550b%22%7D |
.americascardroom.eu/ | | Name: __cf_bm Value: 6tBj_uqPGCEcvRz9xJtX6McpIEcfQ3F0kAPUzOzjFKA-1651618032-0-AbAH85b2AS7eLiGg6bF5fLcJ8CL8Iwhsu38xkdPUBPzGiUE490W+RR7tD1g2arl6lrDtOqvDJU+amKDrPaPngxI= |
.americascardroom.eu/ | | Name: _ga Value: GA1.2.1356737192.1651618033 |
.americascardroom.eu/ | | Name: _gid Value: GA1.2.200312418.1651618033 |
.americascardroom.eu/ | | Name: _gat_UA-36534718-33 Value: 1 |
.americascardroom.eu/ | | Name: _vwo_uuid_v2 Value: D74EA9642AD30F58D34A2C86BD98D2FEA\|ba4fa48a6b0b56a6b1a071ee8addfe0e |
.americascardroom.eu/ | | Name: _vis_opt_s Value: 1%7C |
.americascardroom.eu/ | | Name: _vis_opt_test_cookie Value: 1 |
.americascardroom.eu/ | | Name: _vwo_uuid Value: D74EA9642AD30F58D34A2C86BD98D2FEA |
.americascardroom.eu/ | | Name: _vwo_sn Value: 0%3A1 |
.americascardroom.eu/ | | Name: _hjSessionUser_822961 Value: eyJpZCI6IjNmZTllYWY5LWFlNzUtNTRlMi1iZjgwLWJmMWE1ZTJlZmRhNCIsImNyZWF0ZWQiOjE2NTE2MTgwMzI4MDUsImV4aXN0aW5nIjpmYWxzZX0= |
.americascardroom.eu/ | | Name: _hjFirstSeen Value: 1 |
www.americascardroom.eu/ | | Name: _hjIncludedInSessionSample Value: 1 |
.americascardroom.eu/ | | Name: _hjSession_822961 Value: eyJpZCI6IjZkYTVjOGE2LTFmMmMtNDE0Yi1iMzZkLTkxZWQxOTZmZTQ3MiIsImNyZWF0ZWQiOjE2NTE2MTgwMzI5MDEsImluU2FtcGxlIjp0cnVlfQ== |
www.americascardroom.eu/ | | Name: _hjIncludedInPageviewSample Value: 1 |
.americascardroom.eu/ | | Name: _hjAbsoluteSessionInProgress Value: 1 |
.americascardroom.eu/ | | Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241651618032%3A49.28393549%3A%3A%3A72_0%2C71_0%3A0 |
.americascardroom.eu/ | | Name: LPVID Value: EzNDVkMmZkYzBiMWVlYmMw |
.americascardroom.eu/ | | Name: LPSID-90637832 Value: vyrh1MY2SgasRtaRYD5WNQ |
Indicators
This is a term used in the security industry to describe indicators such as IPs, domains, hashes, etc. This does not imply that any of these indicate malicious activity.