urlscan.io logo urlscan.io
SecurityTrails logo

cadencelenses.shop Open in urlscan Pro
192.25.14.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlz.fr/p2UL
Effective URL: http://cadencelenses.shop/optdown.php?n=6
Submission: On December 30 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 16 domains to perform 32 HTTP transactions. The main IP is 192.25.14.26, located in Naaldwijk, Netherlands and belongs to HOSTROUND-LLC, US. The main domain is cadencelenses.shop.
This is the only time cadencelenses.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 6 192.25.14.26 397666 (HOSTROUND...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
2 54.38.64.100 16276 (OVH)
32 7
1    2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
2    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
6    192.25.14.26 (Naaldwijk, Netherlands)

ASN397666 (HOSTROUND-LLC, US)
PTR: cadencelenses.shop
cadencelenses.shop
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ads.themoneytizer.com
1    2600:9000:211e:a800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2600:9000:218e:8c00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
Apex Domain
Subdomains		 Transfer
10 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 43722
63 KB
6 cadencelenses.shop
cadencelenses.shop
188 KB
3 urlz.fr
urlz.fr — Cisco Umbrella Rank: 705685
8 KB
2 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 39874
562 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
148 KB
1 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3926
2 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3555
559 B
0 adleadevent.com Failed
adtrack.adleadevent.com Failed
0 pbstck.com Failed
boot.pbstck.com Failed
0 cpx.to Failed
p.cpx.to Failed
0 quantserve.com Failed
secure.quantserve.com Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 leadplace.fr Failed
tag.leadplace.fr Failed
0 criteo.com Failed
gum.criteo.com Failed
0 sascdn.com Failed
ced.sascdn.com Failed
0 google-analytics.com Failed
region1.google-analytics.com Failed
32 16
Domain Requested by
10 ads.themoneytizer.com urlz.fr
ads.themoneytizer.com
6 cadencelenses.shop 3 redirects urlz.fr
3 urlz.fr 1 redirects urlz.fr
2 c.tmyzer.com ads.themoneytizer.com
2 www.googletagmanager.com urlz.fr
www.googletagmanager.com
1 cmp.inmobi.com cmp.quantcast.com
1 cmp.quantcast.com 1 redirects
0 adtrack.adleadevent.com Failed ads.themoneytizer.com
0 boot.pbstck.com Failed ads.themoneytizer.com
0 p.cpx.to Failed ads.themoneytizer.com
0 secure.quantserve.com Failed ads.themoneytizer.com
0 onetag-sys.com Failed ads.themoneytizer.com
0 tag.leadplace.fr Failed ads.themoneytizer.com
0 gum.criteo.com Failed ads.themoneytizer.com
0 ced.sascdn.com Failed ads.themoneytizer.com
0 region1.google-analytics.com Failed www.googletagmanager.com
32 16

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.tmyzer.com
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://cadencelenses.shop/optdown.php?n=6
Frame ID: 8C0658EC593BB89DA64C4640FD08520B
Requests: 29 HTTP requests in this frame

Frame: http://cadencelenses.shop/optdown.php?n=5
Frame ID: 8ECEAEF5DBDCCC50EA475CA7C97182C4
Requests: 1 HTTP requests in this frame

Frame: http://cadencelenses.shop/optdown.php?n=8
Frame ID: 5A7B2551D9ACBC7F7FC5DC61B91EDE4B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1703973778273
Frame ID: AC0B446C78039167783F4A0C4311DFC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Email Subscription

Page URL History Show full URLs

  1. https://urlz.fr/p2UL HTTP 301
    http://urlz.fr/p2UL Page URL
  2. http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k HTTP 302
    http://cadencelenses.shop/optdown.php?n=6 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js

Page Statistics

32
Requests

25 %
HTTPS

75 %
IPv6

16
Domains

16
Subdomains

7
IPs

4
Countries

408 kB
Transfer

1632 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/p2UL HTTP 301
    http://urlz.fr/p2UL Page URL
  2. http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k HTTP 302
    http://cadencelenses.shop/optdown.php?n=6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlz.fr/p2UL HTTP 301
  • http://urlz.fr/p2UL
Request Chain 2
  • http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k HTTP 302
  • http://cadencelenses.shop/optdown.php?n=5
Request Chain 10
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Request Chain 17
  • http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k HTTP 302
  • http://cadencelenses.shop/optdown.php?n=8

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
p2UL
urlz.fr/
Redirect Chain
  • https://urlz.fr/p2UL
  • http://urlz.fr/p2UL
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/p2UL
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5973c050d947fbeb84ef450cda80e0975ff24b56c05d4a042fe4b2ae39653890

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83dd91f02c3e6f0a-CDG
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 22:02:57 GMT
Expires
Sat, 30 Dec 2023 22:03:57 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFlc4FxIqx3%2FCl2VeKaYZ%2BVLQv37QOA7uLbHUyK%2FcacMOtEy5ZdC98oxtOd4GMRqHY0UGgoAUDY2CVLfnn0CrpgsSs3hMh1v6G750p%2FVUqZgDcdipBC%2Bq3xkO8g4ttwwQA0tpZzo"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-FastCGI-Cache
MISS
alt-svc
h3=":443"; ma=86400

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
83dd91efccc7d642-CDG
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 22:02:57 GMT
expires
Sat, 30 Dec 2023 22:03:57 GMT
location
http://urlz.fr/p2UL
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfJcOFtRt6ReekGl0fjbq9UJy5AGG7p%2Fd%2BOemDZSgipVKwnpG8GGLkk9bfzInXYL9Mo30Bk4bZBEZKzpuWNSPxd44gm6UzHVhNEUFdbPX4EDcpdmRQQN7Jy81500ibi%2BkQkGWNbJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
HIT
rocket-loader.min.js
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/p2UL
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/p2UL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 22:02:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 19 Dec 2023 14:09:38 GMT
Server
cloudflare
ETag
W/"6581a422-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWh%2BUTVBf0Yo4J8TmTULzLLlDIvSEo0vkilN7LIEyxxdqbnhM2Hyui9eocXG1qFay1Ji2ziAsimG84PCIaf6gdmKlDbO1DBv%2FazEoSyA%2F3EC9Mljfl1kuwWbNDT36tTDHEOH1%2BgP"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
83dd91f06ca06f0a-CDG
Expires
Mon, 01 Jan 2024 22:02:57 GMT
optdown.php
cadencelenses.shop/ Frame 8ECE
Redirect Chain
  • http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k
  • http://cadencelenses.shop/optdown.php?n=5
251 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cadencelenses.shop/optdown.php?n=5
Requested by
Host: urlz.fr
URL: http://urlz.fr/p2UL
Protocol
HTTP/1.1
Server
192.25.14.26 Naaldwijk, Netherlands, ASN397666 (HOSTROUND-LLC, US),
Reverse DNS
cadencelenses.shop
Software
nginx / PHP/5.4.16
Resource Hash
9d6b0aeec8924eac9b923f3a3a4b64524391377668fba65add385bf2b41b1020

Request headers

Referer
http://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.16

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
http://cadencelenses.shop/optdown.php?n=5
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2dea86cbef3ea8afa6b0489049f8989ae2c770515e2a52a34af8a1bfcade2662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69053
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Dec 2023 22:02:58 GMT
requestform.js
ads.themoneytizer.com/s/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5d2faa51bcb0191ca5517403a2503f22ab76fedfb72f97ba13b3dfd8a5e443b2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
140316
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703833462
X-77-NZT
EgwBw7WqEQH3HCQCAAwBJRPCLgH3axsAAA
X-Accel-Expires
@1704431243
X-77-Age
147335
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c15622415471b5d92939065a3317202
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
147362
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703826416
X-77-NZT
EgwBw7WqEQH3oj8CAAwBJRPCMQH3CQAAAA
X-Accel-Expires
@1704431207
X-77-Age
147371
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c15622424561a5d929390650f357002
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
requestform.js
ads.themoneytizer.com/s/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9ad0bc30b41dd6ad00fe80dec7dd49ebe4518cb3902da37343eb972652d63727

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
141143
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703832635
X-77-NZT
EgwBw7WqEQH3VycCAAwB1GY4mQH3MBgAAA
X-Accel-Expires
@1704431243
X-77-Age
147335
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c156224ea441f5d929390658fdd6f02
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
147357
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703826421
X-77-NZT
EgwBw7WqEQH3nT8CAAwBJRPCMQH3DgAAAA
X-Accel-Expires
@1704431207
X-77-Age
147371
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c156224b4501c5d9293906549cd6e02
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
requestform.js
ads.themoneytizer.com/s/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f6563ac04ade0d9f3a00521865e0be2931c810eece342b69746a85ac68624536

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
139335
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703834443
X-77-NZT
EgwBw7WqEQH3RyACAAwBJRPCLgH3QB8AAA
X-Accel-Expires
@1704431243
X-77-Age
147335
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c156224b4501d5d9293906531347702
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Sat, 30 Dec 2023 22:02:58 GMT
Content-Encoding
gzip
X-Age-LB
147357
Transfer-Encoding
chunked
X-77-Cache
HIT
Connection
keep-alive
X-Accel-Date
1703826421
X-77-NZT
EgwBw7WqEQH3nT8CAAwB1GY4CQH3EQAAAA
X-Accel-Expires
@1704431204
X-77-Age
147374
X-Cache-LB
HIT
Server
CDN77-Turbo
X-77-NZT-Ray
4c15622424561e5d92939065d0927a02
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
choice.js
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Protocol
H2
Server
2600:9000:218e:8c00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:02:35 GMT
content-encoding
br
via
1.1 25ad1b0937f8931040e6831f872b7398.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 13:52:21 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
age
25
x-amz-server-side-encryption
AES256
etag
W/"ec43dec37a4eaf8ca7b754d3aee53c47"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
nA_9K6F1pV_t0RhuI2XF3KjKJiZGVnjH6uLCAnTJbNXJVoePf8xyMw==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date
Sat, 30 Dec 2023 22:02:56 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 20:03:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
3
etag
"408e9e32ff11d19e90e67eb67eb171dc"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
pE9qtgScMW0F_6iwWBHG4VHUVTXKozdmJdpYrKkeX9x1hE7f685RMQ==
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:02:58 GMT
server
nginx
x-iplb-request-id
253BA46E:AD02_36264064:01BB_65909392_34E09708:0BB8
x-iplb-instance
58123
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
requestform3.js
ads.themoneytizer.com/s/ 		107 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt
EgwBw7WqEQH3VycCAAwB1GY4CQH3JxgAAA
x-accel-expires
@1704431252
date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
gzip
x-77-age
147326
x-cache-lb
HIT
server
CDN77-Turbo
x-age-lb
141143
x-77-pop
frankfurtDE
x-77-nzt-ray
4c156224b55c276092939065fb96200c
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
x-accel-date
1703832635
/
c.tmyzer.com/c/ 		0
0
requestform3.js
ads.themoneytizer.com/s/ 		106 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=28
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt
EgwBw7WqEQH3VicCAAwBJRPCMQH3KBgAAA
x-accel-expires
@1704431252
date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
gzip
x-77-age
147326
x-cache-lb
HIT
server
CDN77-Turbo
x-age-lb
141142
x-77-pop
frankfurtDE
x-77-nzt-ray
4c156224b55c2760929390657fa0270c
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
x-accel-date
1703832636
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:02:58 GMT
server
nginx
x-iplb-request-id
253BA46E:AD08_36264064:01BB_65909392_27BC75B7:3F43
x-iplb-instance
57933
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
requestform3.js
ads.themoneytizer.com/s/ 		106 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-nzt
EgwBw7WqEQH3VycCAAwB1GY4AQH3JhgAAA
x-accel-expires
@1704431253
date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
gzip
x-77-age
147325
x-cache-lb
HIT
server
CDN77-Turbo
x-age-lb
141143
x-77-pop
frankfurtDE
x-77-nzt-ray
4c156224b55c27609293906530cd2c0c
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
x-accel-date
1703832635
optdown.php
cadencelenses.shop/ Frame 5A7B
Redirect Chain
  • http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k
  • http://cadencelenses.shop/optdown.php?n=8
252 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cadencelenses.shop/optdown.php?n=8
Requested by
Host: urlz.fr
URL: http://urlz.fr/p2UL
Protocol
HTTP/1.1
Server
192.25.14.26 Naaldwijk, Netherlands, ASN397666 (HOSTROUND-LLC, US),
Reverse DNS
cadencelenses.shop
Software
nginx / PHP/5.4.16
Resource Hash
e81107eb3cebea4408c4c7f08d5e1ce6e93ca878bf68f2e976813c1a7f9bb31f

Request headers

Referer
http://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.16

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
http://cadencelenses.shop/optdown.php?n=8
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YETLCG4WNK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
884e7c2c3e835522893bcaa661496e780ddc7ba17496352f2db3228b5c763be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 22:02:58 GMT
Primary Request optdown.php
cadencelenses.shop/
Redirect Chain
  • http://cadencelenses.shop/xWIOKTEx1GSG3b4EXYL4b7dYr4a3a3b7Qb1jf6n1wkb8lW2dyqc7k
  • http://cadencelenses.shop/optdown.php?n=6
251 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cadencelenses.shop/optdown.php?n=6
Requested by
Host: urlz.fr
URL: http://urlz.fr/p2UL
Protocol
HTTP/1.1
Server
192.25.14.26 Naaldwijk, Netherlands, ASN397666 (HOSTROUND-LLC, US),
Reverse DNS
cadencelenses.shop
Software
nginx / PHP/5.4.16
Resource Hash
eb576d6395c30bd3f63d4e9a0363904dbbb07d7bc0d046d699a193d6cd18a9bc

Request headers

Referer
http://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.16

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sat, 30 Dec 2023 22:02:58 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
http://cadencelenses.shop/optdown.php?n=6
collect
region1.google-analytics.com/g/ 		0
0
smart.js
ced.sascdn.com/tag/1097/ 		0
0
sync
gum.criteo.com/ 		0
0
libJsLP.js
tag.leadplace.fr/ 		0
0
/
onetag-sys.com/usync/ Frame AC0B 		0
0
quant.js
secure.quantserve.com/ 		0
0
px.js
p.cpx.to/p/12773/ 		0
0
d086759d-86af-4b34-852b-bb5d4c87aa38
boot.pbstck.com/v1/tag/ 		0
0
mailNotification.php
adtrack.adleadevent.com/ 		0
0
prebid.js
ads.themoneytizer.com/moneybid8_17/build/dist/ 		99 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Dec 2023 22:02:58 GMT
content-encoding
gzip
x-age-lb
60935
x-77-cache
HIT
x-accel-date
1703912843
x-77-nzt
EgwBw7WqEQH3B+4AAAwBJRPCLgH3FwAAAA
pragma
public
x-accel-expires
@1703999242
x-cache-lb
HIT
x-77-age
60958
last-modified
Mon, 30 Oct 2023 21:04:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
4c156224b55c276092939065708ad510
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 30 Dec 2023 05:06:45 GMT
lib_fs_close.js
ads.themoneytizer.com/ 		0
0
cmp2.js
cmp.inmobi.com/tcfv2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.tmyzer.com
URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YETLCG4WNK&gtm=45je3bt0v9135308222&_p=1703973778151&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1613211938.1703973778&ul=en-us&sr=1600x1200&ir=1&_eu=EAAI&_s=1&sid=1703973778&sct=1&seg=0&dl=http%3A%2F%2Furlz.fr%2Fp2UL&dt=Email%20Subscription&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=430
Domain
ced.sascdn.com
URL
https://ced.sascdn.com/tag/1097/smart.js
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Domain
tag.leadplace.fr
URL
https://tag.leadplace.fr/libJsLP.js
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1703973778273
Domain
secure.quantserve.com
URL
https://secure.quantserve.com/quant.js
Domain
p.cpx.to
URL
https://p.cpx.to/p/12773/px.js
Domain
boot.pbstck.com
URL
https://boot.pbstck.com/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Domain
adtrack.adleadevent.com
URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Domain
ads.themoneytizer.com
URL
https://ads.themoneytizer.com/lib_fs_close.js
Domain
cmp.inmobi.com
URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery111307344337674401704

2 Cookies

Domain/Path Name / Value
.urlz.fr/ Name: _ga_YETLCG4WNK
Value: GS1.1.1703973778.1.0.1703973778.0.0.0
.urlz.fr/ Name: _ga
Value: GA1.1.1613211938.1703973778

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
boot.pbstck.com
c.tmyzer.com
cadencelenses.shop
ced.sascdn.com
cmp.inmobi.com
cmp.quantcast.com
gum.criteo.com
onetag-sys.com
p.cpx.to
region1.google-analytics.com
secure.quantserve.com
tag.leadplace.fr
urlz.fr
www.googletagmanager.com
ads.themoneytizer.com
adtrack.adleadevent.com
boot.pbstck.com
c.tmyzer.com
ced.sascdn.com
cmp.inmobi.com
gum.criteo.com
onetag-sys.com
p.cpx.to
region1.google-analytics.com
secure.quantserve.com
tag.leadplace.fr
192.25.14.26
2600:9000:211e:a800:9:46dc:4700:93a1
2600:9000:218e:8c00:1b:cadc:ef40:93a1
2606:4700:3038::6815:ead6
2606:4700:3038::6815:ead7
2a00:1450:4001:80b::2008
2a02:6ea0:c700::19
54.38.64.100
2dea86cbef3ea8afa6b0489049f8989ae2c770515e2a52a34af8a1bfcade2662
5973c050d947fbeb84ef450cda80e0975ff24b56c05d4a042fe4b2ae39653890
5d2faa51bcb0191ca5517403a2503f22ab76fedfb72f97ba13b3dfd8a5e443b2
884e7c2c3e835522893bcaa661496e780ddc7ba17496352f2db3228b5c763be3
9ad0bc30b41dd6ad00fe80dec7dd49ebe4518cb3902da37343eb972652d63727
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9d6b0aeec8924eac9b923f3a3a4b64524391377668fba65add385bf2b41b1020
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81107eb3cebea4408c4c7f08d5e1ce6e93ca878bf68f2e976813c1a7f9bb31f
eb576d6395c30bd3f63d4e9a0363904dbbb07d7bc0d046d699a193d6cd18a9bc
f6563ac04ade0d9f3a00521865e0be2931c810eece342b69746a85ac68624536