Submitted URL: http://tbtrk.xyz/0/0/0/463eed8e3797400fbb54c038aa4362bb/onlyinyourstate/dJ5Q85OGG61EPUUGHM46HC7U/CjBmYWViN2Y5Mi0w...
Effective URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Submission: On September 21 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 8.29.152.47, located in West Chester, United States and belongs to BEYOND-HOSTING - Beyond Hosting, LLC, US. The main domain is freshnewest.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 11th 2018. Valid for: 3 months.
This is the only time freshnewest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests | IP address | AS)
   1 (redirect)  174.139.202.5     35908 (VPLSNET)
  13             8.29.152.47       30152 (BEYOND-HOSTING)
   1             2a00:1450:400...  15169 (GOOGLE)
   1             2a00:1450:400...  15169 (GOOGLE)
   1             34.251.65.156     16509 (AMAZON-02)
   1             2a00:1450:400...  15169 (GOOGLE)
   3             2a00:1450:400...  15169 (GOOGLE)
  Totals: 20 requests, 6 IPs

Domains (requests | domain | requested by)
  13  freshnewest.com       freshnewest.com
   3  fonts.gstatic.com     freshnewest.com
   1  www.youtube.com       freshnewest.com
   1  i.giddyuptrk.com      freshnewest.com
   1  ajax.googleapis.com   freshnewest.com
   1  fonts.googleapis.com  freshnewest.com
   1  tbtrk.xyz             (1 redirect)
  Totals: 20 requests, 7 domains

This site contains links to these domains (also see Links):
  giddyuptrk.com

Certificates (subject | issuer | validity | valid for)
  freshnewest.com   cPanel, Inc. Certification Authority   2018-07-11 - 2018-10-09   3 months
  *.googleapis.com  Google Internet Authority G3           2018-08-28 - 2018-11-20   3 months
  *.giddyuptrk.com  AlphaSSL CA - SHA256 - G2              2018-03-14 - 2019-03-15   a year
  *.google.com      Google Internet Authority G3           2018-08-28 - 2018-11-20   3 months

This page contains 2 frames:

Primary Page: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Frame ID: AFCE53C2294556A1AF2BFD295D3F2D88
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gQxr_dkx_IA?showinfo=0&controls=1&autoplay=0&modestbranding=2&rel=0
Frame ID: 94001C7DC4182191838730E37A23F55C
Requests: 1 HTTP requests in this frame

Detected technologies

YouTube (overall confidence: 100%)
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

LiteSpeed (overall confidence: 100%)
  • headers server /^LiteSpeed$/i

Google Font API (overall confidence: 100%)
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery 3.2.1 (overall confidence: 100%; version taken from the script path)
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Bootstrap (overall confidence: 100%)
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

  Requests:    20
  HTTPS:       100 %
  IPv6:        57 %
  Domains:     6
  Subdomains:  7
  IPs:         6
  Countries:   2
  Transfer:    620 kB
  Size:        814 kB
  Cookies:     4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tbtrk.xyz/0/0/0/463eed8e3797400fbb54c038aa4362bb/onlyinyourstate/dJ5Q85OGG61EPUUGHM46HC7U/CjBmYWViN2Y5Mi0wZmU2LTRiNjEtYWFkOC1lYzg4NWFhMWM4OGEtdHVjdDI5MjMzZWMSDGlucXVpc2l0ci1zYw HTTP 302
    https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
freshnewest.com/dodow/
Redirect Chain
  • http://tbtrk.xyz/0/0/0/463eed8e3797400fbb54c038aa4362bb/onlyinyourstate/dJ5Q85OGG61EPUUGHM46HC7U/CjBmYWViN2Y5Mi0wZmU2LTRiNjEtYWFkOC1lYzg4NWFhMWM4OGEtdHVjdDI5MjMzZWMSDGlucXVpc2l0ci1zYw
  • https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
15 KB
6 KB
Document
General
Full URL
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed / PHP/5.4.40
Resource Hash
d2f37ca0cfdcd7c67c09956896b54ba5c42c192beda8392a338bad2a2c3933d7

Request headers

:method
GET
:authority
freshnewest.com
:scheme
https
:path
/dodow/?1=onlyinyourstate&2=490007&3=580712473
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-powered-by
PHP/5.4.40
content-type
text/html
content-length
5887
content-encoding
gzip
vary
Accept-Encoding
date
Fri, 21 Sep 2018 07:04:19 GMT
accept-ranges
bytes
server
LiteSpeed

Redirect headers

Date
Fri, 21 Sep 2018 07:04:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Server
Apache
Set-Cookie
uid694=580712473-20180921030418-ee1a1d06345a3bd15409c1f7660093ae-; path=/
Location
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
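The redirect hop above sets a `uid694` cookie whose first field, 580712473, is the same value the landing URL carries as parameter `3`, and the i.giddyuptrk.com pixel recorded later in this scan is fired with `s1=SUB_ID`, a macro that was never substituted. The Python below is an added example, not part of the urlscan.io page: it takes those recorded values (copied verbatim, nothing is fetched) and pulls out the identifiers that tie the hops together. Reading the cookie's 14-digit middle field as a local `YYYYMMDDhhmmss` timestamp is an assumption of this example; it happens to sit exactly 4 h 1 s behind the redirect's `Date` header.

```python
import re
from datetime import datetime
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qsl, urlparse

# Inputs copied from the transaction recorded above; nothing is fetched.
REDIRECT_SET_COOKIE = (
    "uid694=580712473-20180921030418-ee1a1d06345a3bd15409c1f7660093ae-; path=/"
)
REDIRECT_DATE = "Fri, 21 Sep 2018 07:04:19 GMT"
LANDING_URL = "https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473"
PIXEL_URL = (
    "https://i.giddyuptrk.com/?a=4710&oc=820&c=1268"
    "&E=23kV6oRmg5D6ObM3jIBvH9OyeNe2jpkx&s1=SUB_ID"
)


def parse_set_cookie(header):
    """Split one Set-Cookie header into (name, value, {attribute: value})."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.lower()] = val
    return name, value, attrs


def query_params(url):
    """Query string as ordered (key, value) pairs."""
    return parse_qsl(urlparse(url).query, keep_blank_values=True)


def shared_identifiers(cookie_value, url):
    """Cookie fields (split on '-') that also appear verbatim as query values."""
    fields = {field for field in cookie_value.split("-") if field}
    return {value for _, value in query_params(url) if value in fields}


def cookie_timestamp_offset(cookie_value, date_header):
    """Assumption: a 14-digit field is YYYYMMDDhhmmss on the redirector's clock.

    Returns Date-header time minus that local time, or None if no such field.
    """
    for field in cookie_value.split("-"):
        if re.fullmatch(r"\d{14}", field):
            local = datetime.strptime(field, "%Y%m%d%H%M%S")
            server = parsedate_to_datetime(date_header).replace(tzinfo=None)
            return server - local
    return None


def unfilled_placeholders(url):
    """Query values that look like macro names nobody substituted (e.g. SUB_ID)."""
    return {k: v for k, v in query_params(url) if re.fullmatch(r"[A-Z][A-Z0-9_]*", v)}


if __name__ == "__main__":
    name, value, attrs = parse_set_cookie(REDIRECT_SET_COOKIE)
    print(name, attrs)
    print("shared with landing URL:", shared_identifiers(value, LANDING_URL))
    print("clock offset vs Date header:", cookie_timestamp_offset(value, REDIRECT_DATE))
    print("unsubstituted macros in pixel:", unfilled_placeholders(PIXEL_URL))
```

Run as-is it reports the shared identifier 580712473, the 4:00:01 clock offset, and `{'s1': 'SUB_ID'}` for the pixel; the same functions apply to any other tracker chain once its Set-Cookie and Location values are pasted in.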
css
fonts.googleapis.com/
7 KB
818 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c2ed2a80ababc29d39be8443aa0788233e1550e92d38f1e80fa955d4e196b2d4
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Fri, 21 Sep 2018 07:04:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 21 Sep 2018 07:04:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Fri, 21 Sep 2018 07:04:20 GMT
nav1.css
freshnewest.com/dodow/vtc_files/
2 KB
799 B
Stylesheet
General
Full URL
https://freshnewest.com/dodow/vtc_files/nav1.css
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
e6ee05482a2f8877a4d5e9ecbd69720690f749ce8322a02f39b8aa70a5bf0dfa

Request headers

:path
/dodow/vtc_files/nav1.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
content-encoding
gzip
last-modified
Tue, 13 Mar 2018 22:05:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
664
expires
Fri, 28 Sep 2018 07:04:20 GMT
app.css
freshnewest.com/dodow/vtc_files/
9 KB
3 KB
Stylesheet
General
Full URL
https://freshnewest.com/dodow/vtc_files/app.css
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
65b02b7a9a181c71abc2126a2ca5f00d566d76f24bd6238a01f009487e3bd97d

Request headers

:path
/dodow/vtc_files/app.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
content-encoding
gzip
last-modified
Wed, 24 Jan 2018 05:54:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2652
expires
Fri, 28 Sep 2018 07:04:20 GMT
bootstrap.css
freshnewest.com/dodow/vtc_files/
140 KB
27 KB
Stylesheet
General
Full URL
https://freshnewest.com/dodow/vtc_files/bootstrap.css
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
0bca3182689a7efe5758e4432a07d5cf018dcfd5ff26d496301e3d4e23e9e388

Request headers

:path
/dodow/vtc_files/bootstrap.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
content-encoding
gzip
last-modified
Wed, 24 Jan 2018 05:54:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27221
expires
Fri, 28 Sep 2018 07:04:20 GMT
style.css
freshnewest.com/dodow/vtc_files/
5 KB
2 KB
Stylesheet
General
Full URL
https://freshnewest.com/dodow/vtc_files/style.css
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
e42a19655bcf4fc06cb20d54fe38eb9696cc5799e9a7c4c74178d577cd3dd99f

Request headers

:path
/dodow/vtc_files/style.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
content-encoding
gzip
last-modified
Thu, 08 Mar 2018 16:05:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1586
expires
Fri, 28 Sep 2018 07:04:20 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:811::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 09 Sep 2018 17:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
997857
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30306
x-xss-protection
1; mode=block
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Sep 2019 17:53:23 GMT
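urlscan records a SHA-256 resource hash for every object it fetched; for the jQuery copy above that digest is exactly what a browser would enforce through Subresource Integrity, which this page loads the CDN script without. The Python below is an added example, not code from the page: it converts urlscan's hex digest into the base64 form an `integrity` attribute needs and checks a body against one or more integrity tokens the way browsers do (only the strongest listed algorithm counts). The only real input is the digest copied from the transaction above; the sample body in the usage is constructed.

```python
import base64
import hashlib
import hmac

# SHA-256 resource hash urlscan recorded for jquery.min.js in the transaction above.
JQUERY_RESOURCE_HASH = "87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de"
JQUERY_SRC = "https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"

# Algorithms SRI recognises, ordered by strength; browsers ignore anything else.
SRI_STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_from_hex(hex_digest, algorithm="sha256"):
    """Turn a hex digest (urlscan's format) into an SRI token '<alg>-<base64>'."""
    if algorithm not in SRI_STRENGTH:
        raise ValueError(f"not an SRI algorithm: {algorithm}")
    raw = bytes.fromhex(hex_digest)
    expected = hashlib.new(algorithm).digest_size
    if len(raw) != expected:
        raise ValueError(f"{algorithm} digest is {expected} bytes, got {len(raw)}")
    return f"{algorithm}-{base64.b64encode(raw).decode('ascii')}"


def hex_from_sri(token):
    """Inverse of sri_from_hex: returns (algorithm, hex digest)."""
    algorithm, _, b64 = token.partition("-")
    return algorithm, base64.b64decode(b64).hex()


def integrity_of(body, algorithm="sha256"):
    """SRI token for a body you already hold (what you would pin before deploying)."""
    return sri_from_hex(hashlib.new(algorithm, body).hexdigest(), algorithm)


def verify_integrity(body, integrity):
    """Check body against an integrity attribute the way a browser does.

    The attribute may hold several space-separated tokens. Only tokens using
    the strongest recognised algorithm are consulted, and any one of them
    matching is enough. A browser that recognises none of the algorithms
    loads the resource unchecked; this function fails closed instead.
    """
    tokens = []
    for token in integrity.split():
        algorithm, _, b64 = token.partition("-")
        if algorithm in SRI_STRENGTH:
            tokens.append((algorithm, base64.b64decode(b64)))
    if not tokens:
        return False
    strongest = max(SRI_STRENGTH[alg] for alg, _ in tokens)
    for algorithm, digest in tokens:
        if SRI_STRENGTH[algorithm] != strongest:
            continue
        if hmac.compare_digest(hashlib.new(algorithm, body).digest(), digest):
            return True
    return False


def pinned_script_tag(src, integrity):
    """The <script> tag the page could have used instead of an unpinned CDN load."""
    return f'<script src="{src}" integrity="{integrity}" crossorigin="anonymous"></script>'


if __name__ == "__main__":
    token = sri_from_hex(JQUERY_RESOURCE_HASH)
    print(pinned_script_tag(JQUERY_SRC, token))
    sample = b"constructed sample body, not the real jquery.min.js\n"
    print(verify_integrity(sample, integrity_of(sample)), verify_integrity(sample, token))
```

`crossorigin="anonymous"` is required for cross-origin SRI checks; without it the browser cannot read the response body to hash it and the load fails outright.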
logo.png
freshnewest.com/dodow/vtc_files/
32 KB
32 KB
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/logo.png
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
440abbb41f10fc259c51e5cc7c3b22cffce0c71010312a690f1a008eb0966182

Request headers

:path
/dodow/vtc_files/logo.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Tue, 13 Mar 2018 22:05:43 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33042
expires
Fri, 28 Sep 2018 07:04:20 GMT
f.png
freshnewest.com/dodow/vtc_files/
319 B
359 B
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/f.png
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
d981edf72c1a7a8d9b78de591ed0548f052f8e254f43906a65a5e25ee65a10df

Request headers

:path
/dodow/vtc_files/f.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Wed, 24 Jan 2018 05:54:44 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
319
expires
Fri, 28 Sep 2018 07:04:20 GMT
t.png
freshnewest.com/dodow/vtc_files/
644 B
684 B
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/t.png
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
7a2cade0edcf176f9720a7f50b68cf0c9463cd9bea4dd86aef5251c353855c82

Request headers

:path
/dodow/vtc_files/t.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Wed, 24 Jan 2018 05:54:44 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
644
expires
Fri, 28 Sep 2018 07:04:20 GMT
g.png
freshnewest.com/dodow/vtc_files/
855 B
895 B
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/g.png
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
6613048ad4c5b9cd3cfcaa279e14515985e1be5425aefbaf61c60d88760639c5

Request headers

:path
/dodow/vtc_files/g.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Wed, 24 Jan 2018 05:54:44 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
855
expires
Fri, 28 Sep 2018 07:04:20 GMT
dd1.jpg
freshnewest.com/dodow/vtc_files/
109 KB
109 KB
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/dd1.jpg
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
86d2f42bdc80c5f3356b9707997c65d51c434827f910918852ba075ddece1ca2

Request headers

:path
/dodow/vtc_files/dd1.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Tue, 13 Mar 2018 22:10:10 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
111776
expires
Fri, 28 Sep 2018 07:04:20 GMT
dd2.jpg
freshnewest.com/dodow/vtc_files/
88 KB
88 KB
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/dd2.jpg
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
854cfe206eea2da5b608f6f7e94a585bfc531d281cb7e5f92024bb2e86fc7b91

Request headers

:path
/dodow/vtc_files/dd2.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Tue, 13 Mar 2018 22:21:34 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
89741
expires
Fri, 28 Sep 2018 07:04:20 GMT
dd3.jpg
freshnewest.com/dodow/vtc_files/
82 KB
82 KB
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/dd3.jpg
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
fae8b0cdce9212f6c5f9aab7fb0f65fc485997a8d6e8a7a46c2d276e136261a4

Request headers

:path
/dodow/vtc_files/dd3.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Tue, 13 Mar 2018 22:25:55 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
83820
expires
Fri, 28 Sep 2018 07:04:20 GMT
dd4.jpg
freshnewest.com/dodow/vtc_files/
212 KB
212 KB
Image
General
Full URL
https://freshnewest.com/dodow/vtc_files/dd4.jpg
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.29.152.47 West Chester, United States, ASN30152 (BEYOND-HOSTING - Beyond Hosting, LLC, US),
Reverse DNS
8-29-152-47.bhsrv.net
Software
LiteSpeed /
Resource Hash
9541cbdde26f7a509b5e6660769ea8ecd5e231d6c6dc3ff6a88960805ef51e8e

Request headers

:path
/dodow/vtc_files/dd4.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
freshnewest.com
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
:scheme
https
:method
GET
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 07:04:20 GMT
last-modified
Tue, 13 Mar 2018 22:25:58 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
216751
expires
Fri, 28 Sep 2018 07:04:20 GMT
/
i.giddyuptrk.com/
49 B
925 B
Image
General
Full URL
https://i.giddyuptrk.com/?a=4710&oc=820&c=1268&E=23kV6oRmg5D6ObM3jIBvH9OyeNe2jpkx&s1=SUB_ID
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.65.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-251-65-156.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Sep 2018 07:04:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
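Two of the responses recorded in this scan are worth contrasting with the Google ones, which carry HSTS, `X-Content-Type-Options` and `X-Frame-Options`: the freshnewest.com document response sends none of those and advertises `PHP/5.4.40` in `X-Powered-By`, and the i.giddyuptrk.com pixel response above advertises `Microsoft-IIS/8.5` and `X-AspNet-Version: 4.0.30319`. The Python below is an added example, not urlscan output: it runs a small hardening and version-disclosure audit over those two header sets, copied verbatim from the transactions. The checklist is this example's own choice.

```python
import re

# Response headers copied from the two transactions recorded in this scan.
FRESHNEWEST_DOCUMENT = {
    "status": "200",
    "x-powered-by": "PHP/5.4.40",
    "content-type": "text/html",
    "content-length": "5887",
    "content-encoding": "gzip",
    "vary": "Accept-Encoding",
    "date": "Fri, 21 Sep 2018 07:04:19 GMT",
    "accept-ranges": "bytes",
    "server": "LiteSpeed",
}
GIDDYUP_PIXEL = {
    "Date": "Fri, 21 Sep 2018 07:04:20 GMT",
    "Server": "Microsoft-IIS/8.5",
    "X-AspNet-Version": "4.0.30319",
    "X-Powered-By": "ASP.NET",
    "p3p": 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"',
    "Cache-Control": "private",
    "Connection": "keep-alive",
    "Content-Type": "image/gif",
    "Content-Length": "49",
}

# Checklist chosen for this example; extend it to taste.
HARDENING_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
)
DISCLOSURE_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
VERSION_NUMBER = re.compile(r"\d+\.\d+")


def audit_headers(headers, is_document):
    """Return a list of findings for one response.

    is_document: True for an HTML document, where the hardening headers are
    expected; False for a sub-resource such as an image, where only version
    disclosure is checked. Header names are compared case-insensitively.
    """
    h = {name.lower(): value for name, value in headers.items()}
    findings = []
    if is_document:
        for name in HARDENING_HEADERS:
            if name not in h:
                findings.append(f"missing {name}")
        content_type = h.get("content-type", "")
        if content_type.startswith("text/html") and "charset=" not in content_type.lower():
            findings.append("content-type declares no charset")
    for name in DISCLOSURE_HEADERS:
        value = h.get(name)
        if value and VERSION_NUMBER.search(value):
            findings.append(f"{name} discloses a version: {value}")
    return findings


def audit_scan(transactions):
    """transactions: {label: (headers, is_document)} -> {label: findings}."""
    return {label: audit_headers(hdrs, doc) for label, (hdrs, doc) in transactions.items()}


if __name__ == "__main__":
    report = audit_scan({
        "freshnewest.com/dodow/": (FRESHNEWEST_DOCUMENT, True),
        "i.giddyuptrk.com/": (GIDDYUP_PIXEL, False),
    })
    for label, findings in report.items():
        print(label)
        for finding in findings:
            print("  -", finding)
```

The version regex is deliberately loose: a bare product name such as `ASP.NET` or `LiteSpeed` is not flagged, only values that pin a release.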
gQxr_dkx_IA
www.youtube.com/embed/ Frame 9400
0
0
Document
General
Full URL
https://www.youtube.com/embed/gQxr_dkx_IA?showinfo=0&controls=1&autoplay=0&modestbranding=2&rel=0
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/gQxr_dkx_IA?showinfo=0&controls=1&autoplay=0&modestbranding=2&rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473

Response headers

status
200
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
content-encoding
gzip
cache-control
no-cache
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires
Tue, 27 Apr 1971 19:44:06 EST
strict-transport-security
max-age=31536000
date
Fri, 21 Sep 2018 07:04:20 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=AvPJlX21Lkg; path=/; domain=.youtube.com; expires=Wed, 20-Mar-2019 07:04:20 GMT; httponly
YSC=bRd19AQDOb8; path=/; domain=.youtube.com; httponly
PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 22-May-2019 18:57:20 GMT
VISITOR_INFO1_LIVE=AvPJlX21Lkg; path=/; domain=.youtube.com; expires=Wed, 20-Mar-2019 07:04:20 GMT; httponly
GPS=1; path=/; domain=.youtube.com; expires=Fri, 21-Sep-2018 07:34:20 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aba39538917b175fff6f11826f69f919b890d0214f16dac5d2238e279514bf0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800
Origin
https://freshnewest.com

Response headers

date
Wed, 29 Aug 2018 22:59:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
age
1929880
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8924
x-xss-protection
1; mode=block
expires
Thu, 29 Aug 2019 22:59:40 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800
Origin
https://freshnewest.com

Response headers

date
Sun, 09 Sep 2018 17:53:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:39 GMT
server
sffe
age
997858
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8800
x-xss-protection
1; mode=block
expires
Mon, 09 Sep 2019 17:53:22 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: freshnewest.com
URL: https://freshnewest.com/dodow/?1=onlyinyourstate&2=490007&3=580712473
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800
Origin
https://freshnewest.com

Response headers

date
Sun, 09 Sep 2018 17:53:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
997858
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Mon, 09 Sep 2019 17:53:22 GMT

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  $            function
  jQuery       function
  dayNames     object
  monthNames   object
  now          object
  PopupCenter  function
  menu         object
  menuHeight   number

4 Cookies

Domain/Path     Name                Value
.youtube.com/   PREF                f1=50000000
.youtube.com/   GPS                 1
.youtube.com/   YSC                 bRd19AQDOb8
.youtube.com/   VISITOR_INFO1_LIVE  AvPJlX21Lkg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
freshnewest.com
i.giddyuptrk.com
tbtrk.xyz
www.youtube.com
174.139.202.5
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
34.251.65.156
8.29.152.47