urlscan.io logo urlscan.io
SecurityTrails logo

www.finilemaldedos.com Open in urlscan Pro
2606:4700:30::6812:29f9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://liens.toutsurlesabdos.com/a/262/click/8168101/742173912/_f881ebea29dfa6779941822eb36c14bebd580af1/85ce8a2e37113f2d0a299273...
Effective URL: https://www.finilemaldedos.com/?hop=frenchabs
Submission: On August 11 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 2606:4700:30::6812:29f9, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.finilemaldedos.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 5th 2018. Valid for: a year.
This is the only time www.finilemaldedos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 15169 (GOOGLE)
2 2 35.163.224.225 16509 (AMAZON-02)
10 2606:4700:30:... 13335 (CLOUDFLAR...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 35.162.141.200 16509 (AMAZON-02)
2 159.122.87.148 36351 (SOFTLAYER)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.95.154 16509 (AMAZON-02)
21 8
1    35.238.129.105 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 105.129.238.35.bc.googleusercontent.com
liens.toutsurlesabdos.com
2    35.163.224.225 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-163-224-225.us-west-2.compute.amazonaws.com
frenchabs.btlifefra.hop.clickbank.net
10    2606:4700:30::6812:29f9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.finilemaldedos.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
1    35.162.141.200 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-162-141-200.us-west-2.compute.amazonaws.com
cbtb.clickbank.net
2    159.122.87.148 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
3    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
1    54.230.95.154 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-154.fra2.r.cloudfront.net
prod.cbstatic.net
Domain Requested by
10 www.finilemaldedos.com www.finilemaldedos.com
3 www.google-analytics.com www.finilemaldedos.com
www.google-analytics.com
2 www.youtube.com www.finilemaldedos.com
s.ytimg.com
2 dev.visualwebsiteoptimizer.com www.finilemaldedos.com
2 frenchabs.btlifefra.hop.clickbank.net 2 redirects
1 prod.cbstatic.net cbtb.clickbank.net
1 s.ytimg.com www.youtube.com
1 cbtb.clickbank.net www.finilemaldedos.com
1 code.jquery.com www.finilemaldedos.com
1 liens.toutsurlesabdos.com 1 redirects
21 10

This site contains links to these domains. Also see Links.

Domain
btlifefra.pay.clickbank.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2018-11-05 -
2019-11-05		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.clickbank.net
Amazon		 2019-06-23 -
2020-07-23		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.cbstatic.net
Amazon		 2018-12-12 -
2020-01-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.finilemaldedos.com/?hop=frenchabs
Frame ID: 786FF35D26E2BDA7A099B523A72B8977
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NhfUJnIWGhA?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.finilemaldedos.com&widgetid=1
Frame ID: D3310FD905B95D639D18763B90D67327
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://liens.toutsurlesabdos.com/a/262/click/8168101/742173912/_f881ebea29dfa6779941822eb36c14bebd580af1/85ce... HTTP 302
    http://frenchabs.btlifefra.hop.clickbank.net/?tid=btlife01 HTTP 301
    http://frenchabs.btlifefra.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.finilemaldedos.com%3Fhop%3Dfrenchabs&hstr=... HTTP 301
    https://www.finilemaldedos.com/?hop=frenchabs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
  • script /dev\.visualwebsiteoptimizer\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

1416 kB
Transfer

1697 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://liens.toutsurlesabdos.com/a/262/click/8168101/742173912/_f881ebea29dfa6779941822eb36c14bebd580af1/85ce8a2e37113f2d0a2992730ad2a92677f73b77 HTTP 302
    http://frenchabs.btlifefra.hop.clickbank.net/?tid=btlife01 HTTP 301
    http://frenchabs.btlifefra.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.finilemaldedos.com%3Fhop%3Dfrenchabs&hstr=1565526594064%7Cfrenchabs.btlife01%7C%7C7cf846bd-8691-4500-8962-39b0c0971126%7C%7Cbtlifefra&code=%7B%7D&key=BCDC154E&parms=&s=default&ds=2&ts=01.C4CE0B4E0C0D1FACCB61C89544EC7331D18EFFE8 HTTP 301
    https://www.finilemaldedos.com/?hop=frenchabs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.finilemaldedos.com/
Redirect Chain
  • http://liens.toutsurlesabdos.com/a/262/click/8168101/742173912/_f881ebea29dfa6779941822eb36c14bebd580af1/85ce8a2e37113f2d0a2992730ad2a92677f73b77
  • http://frenchabs.btlifefra.hop.clickbank.net/?tid=btlife01
  • http://frenchabs.btlifefra.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fwww.finilemaldedos.com%3Fhop%3Dfrenchabs&hstr=1565526594064%7Cfrenchabs.btlife01%7C%7C7cf846bd-8691-4500-8962-39b0c0971126...
  • https://www.finilemaldedos.com/?hop=frenchabs
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.30
Resource Hash
4dfd639f29f03f2d16e3f250adff6d020564d7542e329d4a6b6e517569fcb3df

Request headers

:method
GET
:authority
www.finilemaldedos.com
:scheme
https
:path
/?hop=frenchabs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 11 Aug 2019 12:29:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d57716b256a6b55220226461741c402731565526594; expires=Mon, 10-Aug-20 12:29:54 GMT; path=/; domain=.finilemaldedos.com; HttpOnly
x-powered-by
PHP/5.6.30
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
504a37bfcf65c2fe-FRA
content-encoding
br

Redirect headers

Cache-Control
no-store
Content-Type
text/html;charset=UTF-8
Date
Sun, 11 Aug 2019 12:29:54 GMT
Expires
0
Location
https://www.finilemaldedos.com?hop=frenchabs
P3P
CP="ADM OUR IND COM"
Pragma
no-cache
Server
Apache
Content-Length
0
Connection
keep-alive
bootstrap.css
www.finilemaldedos.com/css/ 		143 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.finilemaldedos.com/css/bootstrap.css
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jun 2018 11:32:16 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
504a37c32ca4c2fe-FRA
expires
Sun, 11 Aug 2019 16:29:55 GMT
custom.css
www.finilemaldedos.com/css/ 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.finilemaldedos.com/css/custom.css?v=1.5%20type=
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
048f25ad4488860643e5bb68b55c53890250e0bb0479f7f2e8dc26b161a43e26

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Feb 2019 14:58:50 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
504a37c32ca7c2fe-FRA
expires
Sun, 11 Aug 2019 16:29:55 GMT
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
Origin
https://www.finilemaldedos.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 11 Aug 2019 12:29:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:18:54 GMT
Server
nginx
ETag
W/"573f46fe-17b8b"
Vary
Accept-Encoding
X-HW
1565526595.dop002.fr8.shc,1565526595.dop002.fr8.t,1565526595.cds139.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33738
jquery.glue.css
www.finilemaldedos.com/css/ 		3 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.finilemaldedos.com/css/jquery.glue.css
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbf7a3d6926d9defe2566acd93688f9a8c4e4f50fe63b1a4fbc5dc615192496

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Nov 2018 09:51:50 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
504a37c32ca8c2fe-FRA
expires
Sun, 11 Aug 2019 16:29:55 GMT
jquery.glue.min.js
www.finilemaldedos.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.finilemaldedos.com/js/jquery.glue.min.js
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f432618c60493b36aa1dfb1a540de1f961026c3f7a96c45979f17ec8a1d42b6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Jul 2018 09:27:04 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
504a37c32cacc2fe-FRA
expires
Sun, 11 Aug 2019 16:29:55 GMT
speaker-on.png
www.finilemaldedos.com/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.finilemaldedos.com/images/speaker-on.png
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6880ca68988eb305a227966d09453f15be4be471f0a7a9223a4e7bd55c89b39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Oct 2018 12:02:14 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
504a37c32cafc2fe-FRA
content-length
36863
expires
Sun, 11 Aug 2019 16:29:55 GMT
button1.jpg
www.finilemaldedos.com/images/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.finilemaldedos.com/images/button1.jpg
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed641b2f5f7cdf8f1dcb0a3bc836524726c25b79d81c993492924d48019dfc55

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Jun 2018 11:37:05 GMT
server
cloudflare
age
1035
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
504a37c32cb1c2fe-FRA
content-length
120490
expires
Sun, 11 Aug 2019 16:29:55 GMT
/
cbtb.clickbank.net/ 		936 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbtb.clickbank.net/?vendor=btlifefra
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.141.200 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-162-141-200.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 11 Aug 2019 12:29:55 GMT
Cache-Control
max-age=900, no-cache="set-cookie"
Server
Apache
Connection
keep-alive
Content-Length
936
Content-Type
text/javascript;charset=UTF-8
j.php
dev.visualwebsiteoptimizer.com/ 		901 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=54472&u=https%3A%2F%2Fwww.finilemaldedos.com%2F%3Fhop%3Dfrenchabs&r=0.6914975012425353
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
dd1bb9c4ce6ab0f4e1092d81901dd5e3e866c0c8cba3722b52ecf2253fc79846

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 11 Aug 2019 12:29:54 GMT
content-encoding
gzip
server
fra1dacdn
content-type
application/javascript; charset=UTF-8
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
6167
date
Sun, 11 Aug 2019 10:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Sun, 11 Aug 2019 12:47:08 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=54472&d=finilemaldedos.com&u=DE694201D474D9F559AE53801BB83EA50&h=ccc6f81318da1b6382867c02a661a03d&t=false&r=0.36296689816217276
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Aug 2019 12:29:54 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
js
www.google-analytics.com/gtm/ 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NXXF3HZ&cid=1928590639.1565526595
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f690a972496497262ccccd200baa02b0ec61e9c9ba9bc15e420c38a06e8dc4a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
21819
x-xss-protection
0
expires
Sun, 11 Aug 2019 12:29:55 GMT
pop20.jpg
www.finilemaldedos.com/images/ 		217 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.finilemaldedos.com/images/pop20.jpg
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c94c19f3056f5c891a51ef5d74d1af08fd7cc018de8f43750376edcbb004fa7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Nov 2018 10:05:30 GMT
server
cloudflare
age
1034
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
504a37c3ef50c2fe-FRA
content-length
222059
expires
Sun, 11 Aug 2019 16:29:55 GMT
back1.jpg
www.finilemaldedos.com/images/ 		446 KB
447 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.finilemaldedos.com/images/back1.jpg
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c21f8f4aa37c1e55c9ab145ea7d3f22d8be1622b39797001bb8621c6616b11d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/css/custom.css?v=1.5%20type=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Jun 2018 11:37:03 GMT
server
cloudflare
age
1034
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
504a37c3ef54c2fe-FRA
content-length
456630
expires
Sun, 11 Aug 2019 16:29:55 GMT
fini-le-mal-de-dos.png
www.finilemaldedos.com/images/ 		483 KB
483 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.finilemaldedos.com/images/fini-le-mal-de-dos.png?v=1.5
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:29f9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e580cc2a75b37c44e5017e631f95569f63c908db42ca907467693c117c68b8b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 08:09:45 GMT
server
cloudflare
age
1034
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
504a37c3ef56c2fe-FRA
content-length
494459
expires
Sun, 11 Aug 2019 16:29:55 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
f46ebe43fe896f9747ba95a8113895e0552bf0fd70bbcf0757f3a30022c6d173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 12:29:55 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j78&a=385680754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.finilemaldedos.com%2F%3Fhop%3Dfrenchabs&ul=en-us&de=UTF-8&dt=Fini%20Le%20Mal%20De%20Dos%20%E2%80%93%20Emily%20Lark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQ~&jid=1874878897&gjid=221046107&cid=1928590639.1565526595&tid=UA-62882424-22&_gid=1559848252.1565526595&_r=1&z=400675889
Requested by
Host: www.finilemaldedos.com
URL: https://www.finilemaldedos.com/?hop=frenchabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Aug 2019 12:29:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflC6bXIS/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflC6bXIS/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ca7f5426047d10106041f2ffa49170bebdc90004cd78fe7810b42026ff10a630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 11 Aug 2019 10:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8098
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9747
x-xss-protection
0
last-modified
Fri, 09 Aug 2019 21:51:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Mon, 19 Aug 2019 10:14:57 GMT
NhfUJnIWGhA
www.youtube.com/embed/ Frame D331 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/NhfUJnIWGhA?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.finilemaldedos.com&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflC6bXIS/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/NhfUJnIWGhA?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fwww.finilemaldedos.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.finilemaldedos.com/?hop=frenchabs
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.finilemaldedos.com/?hop=frenchabs

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
br
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Sun, 11 Aug 2019 12:29:55 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=CEhruMqBce8; path=/; domain=.youtube.com; expires=Fri, 07-Feb-2020 12:29:55 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sun, 11-Aug-2019 12:59:55 GMT YSC=fpYohQwsHWc; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sat, 11-Apr-2020 00:22:55 GMT VISITOR_INFO1_LIVE=CEhruMqBce8; path=/; domain=.youtube.com; expires=Fri, 07-Feb-2020 12:29:55 GMT; httponly
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
injectable.js
prod.cbstatic.net/dist/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=btlifefra
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-154.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.finilemaldedos.com/?hop=frenchabs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer string| GoogleAnalyticsObject function| ga undefined| b object| vwo_iehack_queue object| google_tag_data object| gaplugins object| gaGlobal function| $ function| jQuery object| cover_tap_bg_img object| tag object| firstScriptTag object| player boolean| youtube function| onYouTubePlayerAPIReady function| loadVimeo function| onPlayerReady boolean| done function| pauseOnce function| onPlayerStateChange function| stopVideo number| img_index object| google_tag_manager object| google_optimize object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| jQuery1124044679808343496474

10 Cookies

Domain/Path Name / Value
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: GPS
Value: 1
www.finilemaldedos.com/ Name: timer_93_vsl
Value: 1
.finilemaldedos.com/ Name: _ga
Value: GA1.2.1928590639.1565526595
.finilemaldedos.com/ Name: _vwo_uuid_v2
Value: DE694201D474D9F559AE53801BB83EA50|ccc6f81318da1b6382867c02a661a03d
.youtube.com/ Name: YSC
Value: fpYohQwsHWc
.finilemaldedos.com/ Name: _gat
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: CEhruMqBce8
.finilemaldedos.com/ Name: _gid
Value: GA1.2.1559848252.1565526595
.finilemaldedos.com/ Name: __cfduid
Value: d57716b256a6b55220226461741c402731565526594

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbtb.clickbank.net
code.jquery.com
dev.visualwebsiteoptimizer.com
frenchabs.btlifefra.hop.clickbank.net
liens.toutsurlesabdos.com
prod.cbstatic.net
s.ytimg.com
www.finilemaldedos.com
www.google-analytics.com
www.youtube.com
159.122.87.148
205.185.208.52
2606:4700:30::6812:29f9
2a00:1450:4001:809::200e
2a00:1450:4001:817::200e
2a00:1450:4001:81a::200e
35.162.141.200
35.163.224.225
35.238.129.105
54.230.95.154
048f25ad4488860643e5bb68b55c53890250e0bb0479f7f2e8dc26b161a43e26
0e580cc2a75b37c44e5017e631f95569f63c908db42ca907467693c117c68b8b
2c94c19f3056f5c891a51ef5d74d1af08fd7cc018de8f43750376edcbb004fa7
2f432618c60493b36aa1dfb1a540de1f961026c3f7a96c45979f17ec8a1d42b6
4c21f8f4aa37c1e55c9ab145ea7d3f22d8be1622b39797001bb8621c6616b11d
4dfd639f29f03f2d16e3f250adff6d020564d7542e329d4a6b6e517569fcb3df
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7cbf7a3d6926d9defe2566acd93688f9a8c4e4f50fe63b1a4fbc5dc615192496
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
ca7f5426047d10106041f2ffa49170bebdc90004cd78fe7810b42026ff10a630
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
dd1bb9c4ce6ab0f4e1092d81901dd5e3e866c0c8cba3722b52ecf2253fc79846
e6880ca68988eb305a227966d09453f15be4be471f0a7a9223a4e7bd55c89b39
ed641b2f5f7cdf8f1dcb0a3bc836524726c25b79d81c993492924d48019dfc55
f46ebe43fe896f9747ba95a8113895e0552bf0fd70bbcf0757f3a30022c6d173
f690a972496497262ccccd200baa02b0ec61e9c9ba9bc15e420c38a06e8dc4a6