favidicaleganii.com
85.17.80.23
Public Scan
Effective URL: https://favidicaleganii.com/click.php?key=xo020rj9esxcl3dn90ri&SUB_ID_SHORT=395be98d8e50c0ed10a491e7f291e478&PLACEMENT_ID=20...
Submission: On April 30 via api from US — Scanned from SG
Summary
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.
This is the only time favidicaleganii.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
8 | 188.166.236.231 | 14061 (DIGITALOCEAN-ASN) |
1 | 172.67.184.190 | 13335 (CLOUDFLARENET) |
12 | 204.79.197.200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 192.243.59.12 | 39572 (ADVANCEDHOSTERS-AS) |
1 | 172.67.180.87 | 13335 (CLOUDFLARENET) |
2 | 52.74.85.120 | 16509 (AMAZON-02) |
1 | 104.20.66.115 | 13335 (CLOUDFLARENET) |
1 | 172.240.108.68 | 7979 (SERVERS-COM) |
11 | 192.243.61.225 | 39572 (ADVANCEDHOSTERS-AS) |
2 | 45.133.44.3 | 39572 (ADVANCEDHOSTERS-AS) |
12 | 172.67.141.24 | 13335 (CLOUDFLARENET) |
2 | 64.233.170.95 | 15169 (GOOGLE) |
1 3 | 172.240.108.76 | 7979 (SERVERS-COM) |
5 | 85.17.80.23 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
4 | 178.162.215.162 | 28753 (LEASEWEB-DE-FRA-10) |
2 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
83 | 17 |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
tse1.mm.bing.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-85-120.ap-southeast-1.compute.amazonaws.com
proftrafficcounter.com |
 | Domain | Requested by |
---|---|---|
12 | cdn.creative-bars1.com | satisfactorymetalrub.com abe.msh-niagatelecom.com |
12 | tse1.mm.bing.net | abe.msh-niagatelecom.com |
11 | ransomsection.com | satisfactorymetalrub.com abe.msh-niagatelecom.com |
8 | abe.msh-niagatelecom.com | abe.msh-niagatelecom.com |
5 | favidicaleganii.com | abe.msh-niagatelecom.com favidicaleganii.com |
4 | pupspu.com | favidicaleganii.com pupspu.com |
3 | disclosestockingsprestigious.com (1 redirects) | abe.msh-niagatelecom.com pennytugoneself.com |
2 | cdnjs.cloudflare.com | favidicaleganii.com |
2 | fonts.googleapis.com | satisfactorymetalrub.com |
2 | cdn.barscreative1.com | satisfactorymetalrub.com |
2 | proftrafficcounter.com | satisfactorymetalrub.com |
1 | pennytugoneself.com | garukra.com |
1 | s10.histats.com | abe.msh-niagatelecom.com |
1 | downstairsnegotiatebarren.com | satisfactorymetalrub.com |
1 | satisfactorymetalrub.com | abe.msh-niagatelecom.com |
1 | garukra.com | abe.msh-niagatelecom.com |
0 | s4.histats.com Failed | s10.histats.com |
83 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
nze0xw.favidicaleganii.com |
Subject Issuer | Validity | Valid |
---|---|---|
abe.msh-niagatelecom.com R3 | 2024-04-23 - 2024-07-22 | 3 months |
garukra.com GTS CA 1P5 | 2024-03-12 - 2024-06-10 | 3 months |
www.bing.com Microsoft Azure TLS Issuing CA 01 | 2024-04-30 - 2024-06-27 | 2 months |
satisfactorymetalrub.com R3 | 2024-04-08 - 2024-07-07 | 3 months |
downstairsnegotiatebarren.com E1 | 2024-03-04 - 2024-06-02 | 3 months |
proftrafficcounter.com Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year |
s10.histats.com E1 | 2024-04-11 - 2024-07-10 | 3 months |
pennytugoneself.com R3 | 2024-03-26 - 2024-06-24 | 3 months |
ransomsection.com R3 | 2024-04-29 - 2024-07-28 | 3 months |
cdn.barscreative1.com R3 | 2024-03-10 - 2024-06-08 | 3 months |
creative-bars1.com GTS CA 1P5 | 2024-04-15 - 2024-07-14 | 3 months |
upload.video.google.com GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
disclosestockingsprestigious.com R3 | 2024-04-29 - 2024-07-28 | 3 months |
favidicaleganii.com R3 | 2024-03-24 - 2024-06-22 | 3 months |
pupspu.com R3 | 2024-03-27 - 2024-06-25 | 3 months |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
This page contains 3 frames:
Primary Page:
https://favidicaleganii.com/click.php?key=xo020rj9esxcl3dn90ri&SUB_ID_SHORT=395be98d8e50c0ed10a491e7f291e478&PLACEMENT_ID=20050017&CAMPAIGN_ID=874615&PUBLISHER_ID=24973&ZONE_ID=2792733
Frame ID: 400DDEBCB55032D058BFDC2DE92C4892
Requests: 76 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: 42AE96F767112298CEDB72676D5FB379
Requests: 4 HTTP requests in this frame
Frame:
https://cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/close.svg
Frame ID: 9CDE9C746D86E987B1BA53DD9D447B93
Requests: 4 HTTP requests in this frame
Page Title
按下允许 (English: "Press Allow")
Page URL History
- https://abe.msh-niagatelecom.com/ Page URL
- https://favidicaleganii.com/click.php?key=xo020rj9esxcl3dn90ri&SUB_ID_SHORT=395be98d8e50c0ed10a491e7f291... Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Nuxt.js (JavaScript Frameworks)
Detected patterns
- <div [^>]*id="__nuxt"
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://abe.msh-niagatelecom.com/ Page URL
- https://favidicaleganii.com/click.php?key=xo020rj9esxcl3dn90ri&SUB_ID_SHORT=395be98d8e50c0ed10a491e7f291e478&PLACEMENT_ID=20050017&CAMPAIGN_ID=874615&PUBLISHER_ID=24973&ZONE_ID=2792733 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 66
- https://disclosestockingsprestigious.com/watch.1352593895414.js?key=f34a2b077d81aadd3ffab44af1d61e17&kw=%5B%22traveltrove%22%5D&refer=https%3A%2F%2Fabe.msh-niagatelecom.com%2F&tz=8&dev=r&res=14.4127&uuid=824a507b-66f0-4fc5-9cd3-bce1a0a644f7%3A2%3A1 HTTP 307
- https://disclosestockingsprestigious.com/watch.1352593895414.js?dev=r&key=f34a2b077d81aadd3ffab44af1d61e17&kw=%5B%22traveltrove%22%5D&pst=1714485035&refer=https%3A%2F%2Fabe.msh-niagatelecom.com%2F&res=14.4127&rmtc=t&shu=424760b080ac6565e70f0bc3c217cffe85ada6eea82b3d77feb761f7d2f0eea0b15e5e78ddd1002e39afdf427c0c06bb5aace419aa6e80833bdb4fc5ec5681946603500f9911a58115cf4499d283937583f87511949827cbf6a1da81aecb5c912f&tz=8&uuid=824a507b-66f0-4fc5-9cd3-bce1a0a644f7%3A2%3A1
83 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / abe.msh-niagatelecom.com/ | 33 KB 7 KB | Document text/html |
GET H2 | app-exclude.css abe.msh-niagatelecom.com/assets/devlin/css/ | 20 KB 6 KB | Stylesheet text/css |
GET H2 | floating.js garukra.com/js/ | 9 KB 4 KB | Script application/javascript |
GET H2 | th tse1.mm.bing.net/ | 17 KB 17 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 20 KB 20 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 21 KB 21 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 9 KB 9 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 21 KB 21 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 15 KB 15 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 11 KB 12 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 17 KB 17 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 14 KB 14 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 15 KB 15 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 19 KB 19 KB | Image image/jpeg |
GET H2 | th tse1.mm.bing.net/ | 17 KB 17 KB | Image image/jpeg |
GET H/1.1 | 3a785e60028ecc444408788918fd896d.js satisfactorymetalrub.com/3a/78/5e/ | 43 KB 16 KB | Script application/javascript |
GET H2 | app-min.js abe.msh-niagatelecom.com/assets/devlin/js/ | 825 B 1 KB | Script application/javascript |
GET H2 | roboto-regular-cc46322d.woff2 abe.msh-niagatelecom.com/assets/devlin/fonts/ | 15 KB 15 KB | Font font/woff2 |
GET H2 | fjalla-one-regular-54eb546b.woff2 abe.msh-niagatelecom.com/assets/devlin/fonts/ | 16 KB 16 KB | Font font/woff2 |
GET H2 | roboto-bold-0eaeadb5.woff2 abe.msh-niagatelecom.com/assets/devlin/fonts/ | 15 KB 16 KB | Font font/woff2 |
GET H2 | fontawesome-3c4a1bb7.woff2 abe.msh-niagatelecom.com/assets/devlin/fonts/ | 63 KB 63 KB | Font font/woff2 |
GET H2 | raleway-2101735d.woff2 abe.msh-niagatelecom.com/assets/devlin/fonts/ | 46 KB 46 KB | Font font/woff2 |
GET H2 | sfp.js downstairsnegotiatebarren.com/ | 84 KB 27 KB | Script application/javascript |
GET H2 | stats proftrafficcounter.com/ | 40 B 307 B | XHR text/html |
GET H2 | js15_as.js s10.histats.com/ | 11 KB 5 KB | Script text/javascript |
GET H2 | stats proftrafficcounter.com/ | 40 B 306 B | XHR text/html |
GET H/1.1 | invoke.js pennytugoneself.com/f34a2b077d81aadd3ffab44af1d61e17/ | 31 KB 12 KB | Script application/javascript |
GET H/1.1 | sbar.json ransomsection.com/ | 12 KB 9 KB | XHR text/plain |
GET H/1.1 | sbar.json ransomsection.com/ | 12 KB 8 KB | XHR text/plain |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
GET H2 | index.html cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/multi/2/ | 3 KB 1 KB | XHR text/html |
GET H/1.1 | ren.gif ransomsection.com/ | 7 B 670 B | Image image/gif |
GET H2 | index.html cdn.barscreative1.com/sb/interstitial/software/flashPlayer/wind/multi/2/ | 3 KB 0 | XHR text/html |
GET H/1.1 | ren.gif ransomsection.com/ | 7 B 670 B | Image image/gif |
GET H2 | animate.css cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/ | 77 KB 5 KB | XHR text/css |
GET H2 | style.css cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/ | 9 KB 3 KB | XHR text/css |
GET H/1.1 | sbls ransomsection.com/pixel/ | 0 469 B | Image text/plain |
GET H2 | animate.css cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/ | 77 KB 0 | XHR text/css |
GET H2 | style.css cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/css/ | 9 KB 0 | XHR text/css |
GET H2 | css fonts.googleapis.com/ Frame 42AE | 7 KB 1 KB | Stylesheet text/css |
GET H2 | close.svg cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame 42AE | 1 KB 892 B | Image image/svg+xml |
GET H2 | Chrome.png cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame 42AE | 9 KB 10 KB | Image image/png |
GET H2 | jquery.min.js cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/ Frame 42AE | 82 KB 30 KB | Script application/javascript |
GET H2 | close.svg cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame 9CDE | 1 KB 0 | Image image/svg+xml |
GET H2 | Chrome.png cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/img/ Frame 9CDE | 9 KB 0 | Image image/png |
GET H2 | css fonts.googleapis.com/ Frame 9CDE | 7 KB 0 | Stylesheet text/css |
GET H2 | jquery.min.js cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/ Frame 9CDE | 82 KB 0 | Script application/javascript |
GET H/1.1 | sbls ransomsection.com/pixel/ | 0 469 B | Image text/plain |
GET H/1.1 | sbls ransomsection.com/pixel/ | 0 469 B | Image text/plain |
GET H2 | script.js cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/ | 23 KB 9 KB | XHR application/javascript |
GET H2 | script.js cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/wind/multi/2/js/ | 23 KB 0 | XHR application/javascript |
GET H/1.1 | watch.1352593895414.js disclosestockingsprestigious.com/ Redirect Chain | 2 KB 2 KB | XHR text/html |
GET H/1.1 | aac40fbbbda4110dfb46a758b01cefc8.js disclosestockingsprestigious.com/aa/c4/0f/ | 45 KB 0 | Script application/javascript |
GET H/1.1 | sbls ransomsection.com/pixel/ | 0 469 B | Image text/plain |
GET H/1.1 | impr.gif ransomsection.com/ | 7 B 670 B | Image image/gif |
GET H/1.1 | sbs ransomsection.com/pixel/ | 0 469 B | Image text/plain |
GET H/1.1 | impr.gif ransomsection.com/ | 7 B 670 B | Image image/gif |
GET H/1.1 | Primary Request click.php favidicaleganii.com/ | 32 KB 21 KB | Document text/html |
GET H/1.1 | sdk.js pupspu.com/ | 59 KB 59 KB | Script text/javascript |
GET H/1.1 | extjs.js favidicaleganii.com/ | 114 KB 115 KB | Script application/javascript |
GET H/1.1 | custjs_new.js favidicaleganii.com/ | 9 KB 9 KB | Script application/javascript |
GET H2 | jquery.modal.min.css cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ | 3 KB 2 KB | Stylesheet text/css |
GET H2 | jquery.modal.min.js cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ | 5 KB 2 KB | Script application/javascript |
POST H/1.1 | hit pupspu.com/ | 2 B 391 B | Ping text/plain |
GET DATA | truncated / | 15 KB 0 | Image image/png |
GET H/1.1 | click.php favidicaleganii.com/ | 0 225 B | Image text/html |
GET H/1.1 | click.php favidicaleganii.com/ | 0 225 B | Image text/html |
POST H/1.1 | report pupspu.com/api/ | 2 B 304 B | Ping text/plain |
POST H/1.1 | report pupspu.com/api/ | 2 B 304 B | Ping text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| regeneratorRuntime
- string| _uid
- object| AltPushPush
- object| AltPush
- object| Morath
- function| $
- function| jQuery
- object| Cookies
- function| bowser
- string| landing_position
- number| site_id
- function| rl
- function| updateURLParameter
- function| lp_update_token
- string| tracker_url
- function| pushOnSubscribed
- function| pushOnFailed
- function| pushOnAlreadySubscribed
- function| pushOnDenied
28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
proftrafficcounter.com/ | | Name: uid_id2 Value: 824a507b-66f0-4fc5-9cd3-bce1a0a644f7:2:1 |
abe.msh-niagatelecom.com/ | | Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 824a507b-66f0-4fc5-9cd3-bce1a0a644f7%3A2%3A1 |
abe.msh-niagatelecom.com/ | | Name: sb_main_3a785e60028ecc444408788918fd896d Value: 1 |
abe.msh-niagatelecom.com/ | | Name: sb_count_3a785e60028ecc444408788918fd896d Value: 2 |
abe.msh-niagatelecom.com/ | | Name: HstCfa4812980 Value: 1714484969544 |
abe.msh-niagatelecom.com/ | | Name: HstCmu4812980 Value: 1714484969544 |
abe.msh-niagatelecom.com/ | | Name: HstCnv4812980 Value: 1 |
abe.msh-niagatelecom.com/ | | Name: HstCns4812980 Value: 1 |
abe.msh-niagatelecom.com/ | | Name: HstCla4812980 Value: 1714484969562 |
abe.msh-niagatelecom.com/ | | Name: HstPn4812980 Value: 4 |
abe.msh-niagatelecom.com/ | | Name: HstPt4812980 Value: 4 |
ransomsection.com/ | | Name: u_pl Value: 20050024 |
ransomsection.com/ | | Name: pdhtkv Value: true |
ransomsection.com/ | | Name: uncs Value: 1 |
ransomsection.com/ | | Name: pdhtkv29 Value: true |
ransomsection.com/ | | Name: uncs29 Value: 1 |
ransomsection.com/ | | Name: uid_id2 Value: 824a507b-66f0-4fc5-9cd3-bce1a0a644f7:2:1 |
disclosestockingsprestigious.com/ | | Name: u_pl Value: 20050017 |
disclosestockingsprestigious.com/ | | Name: ain Value: eyJhbGciOiJIUzI1NiJ9.[…].U2YLAVEUVNIaaMsK-9sDOucgQZz_-GMgB1rRDTfQhTw |
disclosestockingsprestigious.com/ | | Name: uid_id2 Value: 824a507b-66f0-4fc5-9cd3-bce1a0a644f7:2:1 |
disclosestockingsprestigious.com/ | | Name: iprcccc00cae5fffe6b27b4d7d9235ac4f1e Value: 4754724 |
disclosestockingsprestigious.com/ | | Name: pdhtkv Value: true |
disclosestockingsprestigious.com/ | | Name: uncs Value: 1 |
disclosestockingsprestigious.com/ | | Name: pdhtkv5 Value: true |
disclosestockingsprestigious.com/ | | Name: uncs5 Value: 1 |
favidicaleganii.com/ | | Name: uclick Value: q51mk2tla7 |
favidicaleganii.com/ | | Name: uclickhash Value: q51mk2tla7-q51mk2tla7-g6wf-y99l0-k29z0-2twfpm-2twfq5-c359b6 |
pupspu.com/ | | Name: av_sw_hit Value: 1 |
98 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.