URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz...
Submission: On January 15 via api from US

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 35 HTTP transactions. The main IP is 2606:4700:30::681b:9f4e, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is bluemediafiles.com.
This is the only time bluemediafiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
13 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 13.224.197.182 | 16509 (AMAZON-02)
4 | 34.192.61.39 | 14618 (AMAZON-AES)
3 | 198.24.170.50 | 19437 (SS-ASH)
2 | 2a00:1450:400... | 15169 (GOOGLE)
6 | 93.184.221.133 | 15133 (EDGECAST)
2 | 2606:2800:234... | 15133 (EDGECAST)
2 (2 redirects) | 37.252.173.27 | 29990 (ASN-APPNEXUS)
2 | 104.18.30.226 | 13335 (CLOUDFLAR...)
Total: 35 requests | 9 IPs

Requests | Domain | Requested by
13 | bluemediafiles.com | bluemediafiles.com
4 | consorcraightyc.info | bluemediafiles.com
3 | cdn.cpmstar.com | bluemediafiles.com, cdn.cpmstar.com
3 | ec.cdne.cpmstar.com | bluemediafiles.com
3 | server.cpmstar.com | bluemediafiles.com
2 | rnorlexanderly.info | bluemediafiles.com
2 | secure.adnxs.com | 2 redirects
2 | platform.twitter.com | bluemediafiles.com, platform.twitter.com
2 | www.google-analytics.com | www.googletagmanager.com, bluemediafiles.com
2 | d3al52d8cojds7.cloudfront.net | bluemediafiles.com
1 | www.googletagmanager.com | bluemediafiles.com
Total: 35 requests | 11 subdomains

This site contains links to these domains.

Domain
mega.nz
server.cpmstar.com

Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1O1 | 2019-12-10 - 2020-03-03 | 3 months (crt.sh)
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-01 - 2020-10-09 | 9 months (crt.sh)
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year (crt.sh)

This page contains 2 frames:

Primary Page: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Frame ID: D4A20EC3B6510871B18F8E0983312D63
Requests: 34 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=http%3A%2F%2Fbluemediafiles.com
Frame ID: 88980CDB83A0BF7E70B9FD5122950285
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
  • html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
  • script /jquery\.prettyPhoto\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
  • script /jquery\.prettyPhoto\.js/i

Page Statistics

  • Requests: 35
  • HTTPS: 17 %
  • IPv6: 40 %
  • Domains: 9
  • Subdomains: 11
  • IPs: 9
  • Countries: 4
  • Transfer: 605 kB
  • Size: 1141 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://secure.adnxs.com/getuid?https://rnorlexanderly.info/s?a=$UID&b=637116428443 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frnorlexanderly.info%2Fs%3Fa%3D%24UID%26b%3D637116428443 HTTP 302
  • https://rnorlexanderly.info/s?a=6189869510449779101&b=637116428443

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3
bluemediafiles.com/
313 KB
142 KB
Document
General
Full URL
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4fad0325946afc32a8f43daaa9c6dffa530747b560e7e4e59b66eb61edd1da

Request headers

Host
bluemediafiles.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d78f655159882fe3051840bbc7f5194091579073170; expires=Fri, 14-Feb-20 07:26:10 GMT; path=/; domain=.bluemediafiles.com; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<http://bluemediafiles.com/wp-json/>; rel="https://api.w.org/"
X-SRCache-Fetch-Status
BYPASS
X-SRCache-Store-Status
BYPASS
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
55561eb09dc3d6dd-FRA
Content-Encoding
gzip
style.css
bluemediafiles.com/wp-content/themes/sunrise/
32 KB
8 KB
Stylesheet
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/style.css
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
447176cb80e095868c39a3d15affbae3446c31377ac711f75861209de2cfefbe

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
6744348
ETag
W/"57b74bae-7e88"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb15c70dfa9-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prettyPhoto.css
bluemediafiles.com/wp-content/themes/sunrise/lib/prettyphoto/css/
18 KB
3 KB
Stylesheet
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/lib/prettyphoto/css/prettyPhoto.css?ver=4.6.17
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06fe5c2ab19218047836088ea033908c99b21ae210e081e2ee0217c95862e247

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
2855805
ETag
W/"57b74bae-49a9"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb15baad6bd-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
bluemediafiles.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
http://bluemediafiles.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 05 Sep 2019 06:06:36 GMT
Server
cloudflare
Age
6646044
ETag
W/"5d70a5ec-17a6a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb15b82c2a4-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
bluemediafiles.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://bluemediafiles.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:06:29 GMT
Server
cloudflare
Age
10091427
ETag
W/"57b74aa5-2748"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb15c3b97a2-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.custom.js
bluemediafiles.com/wp-content/themes/sunrise/js/
9 KB
4 KB
Script
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/js/modernizr.custom.js?ver=4.6.17
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
99898cef751160f11afa98561bb5c966bfc061c255fb09fc108fd96e9100233c

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
2855771
ETag
W/"57b74bae-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb15a6adfb1-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.js
bluemediafiles.com/wp-content/themes/sunrise/js/
2 KB
1 KB
Script
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/js/custom.js?ver=4.6.17
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c92f51cb3404e1544f69d53a33c95b7bac0e6ae73881d1ef09e202ba3cdfa4ea

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
2855771
ETag
W/"57b74bae-6d4"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb18c0fd6bd-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
superfish.js
bluemediafiles.com/wp-content/themes/sunrise/js/
4 KB
2 KB
Script
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/js/superfish.js?ver=4.6.17
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f7402f10f0981a6b31dffcf1a61262bb1a954f38ecb0ed86e1eb813c2965f

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
2855805
ETag
W/"57b74bae-efb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb18ff2d6dd-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.prettyPhoto.js
bluemediafiles.com/wp-content/themes/sunrise/lib/prettyphoto/
21 KB
6 KB
Script
General
Full URL
http://bluemediafiles.com/wp-content/themes/sunrise/lib/prettyphoto/jquery.prettyPhoto.js?ver=3.1.4
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:10:54 GMT
Server
cloudflare
Age
6566581
ETag
W/"57b74bae-5402"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb18c6297a2-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155998700-1
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b70a1e364b192e3265330059c22fea930cb564fd50b28c896a538c445e37345
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 07:26:10 GMT
content-encoding
br
last-modified
Wed, 15 Jan 2020 06:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27820
x-xss-protection
0
expires
Wed, 15 Jan 2020 07:26:10 GMT
FNF-1.jpg
bluemediafiles.com/wp-content/uploads/2016/08/
31 KB
31 KB
Image
General
Full URL
http://bluemediafiles.com/wp-content/uploads/2016/08/FNF-1.jpg
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa56cb5c62db759c27abc6480b293f300421769e69d0fbaa97643393e16ee74

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:57:34 GMT
Server
cloudflare
Age
6651825
ETag
"57b7569e-7bbb"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
55561eb18becc2a4-FRA
Content-Length
31675
Expires
Thu, 31 Dec 2037 23:55:55 GMT
count.js
bluemediafiles.com/wp-content/plugins/exit-strategy-pro/
2 KB
1 KB
Script
General
Full URL
http://bluemediafiles.com/wp-content/plugins/exit-strategy-pro/count.js
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad78b1c55e97fc84fd3045130b4406f3c17bb271c835069240b146d5bd80794d

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:57:22 GMT
Server
cloudflare
Age
6661231
ETag
W/"57b75692-7f4"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb1ececc2a4-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
d3al52d8cojds7.cloudfront.net/
103 KB
38 KB
Script
General
Full URL
http://d3al52d8cojds7.cloudfront.net/?tid=809779
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
13.224.197.182 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-182.fra2.r.cloudfront.net
Software
/
Resource Hash
6aae44cd9da38bb0644aafd4f6969b04c0ccbe419df25eb3082387a01506da06

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 07:26:10 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
38442
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
m3CHOuutuBzs4VhHsVjk_guiVnT2N0edQGVlOiAgptmPpCCIO-8xtA==
wp-emoji-release.min.js
bluemediafiles.com/wp-includes/js/
10 KB
4 KB
Script
General
Full URL
http://bluemediafiles.com/wp-includes/js/wp-emoji-release.min.js?ver=4.6.17
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29499e2b5d5cbd39647f55746440396d62f8c10c610e6e8bb4a2587030d986e1

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:06:29 GMT
Server
cloudflare
Age
2855770
ETag
W/"57b74aa5-28ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55561eb24db4c2a4-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
I1knc2FnCXR5YHFAKipkZhYwOjgjRTBzaHFZLSg2ahY1c2h5A3dgaGcedWgtJ1Ekc2hxQDc6NWoBdnlgZwdwf25nAnR8
consorcraightyc.info/MENOWVcffC0qalQFGDQBABEIABZ+NgcxEgACfG05Yi4fHw4DEQt/
0
120 B
Image
General
Full URL
http://consorcraightyc.info/MENOWVcffC0qalQFGDQBABEIABZ+NgcxEgACfG05Yi4fHw4DEQt/I1knc2FnCXR5YHFAKipkZhYwOjgjRTBzaHFZLSg2ahY1c2h5A3dgaGcedWgtJ1Ekc2hxQDc6NWoBdnlgZwdwf25nAnR8
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
34.192.61.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-61-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 15 Jan 2020 07:26:10 GMT
popunder.gif
consorcraightyc.info/
35 B
305 B
Image
General
Full URL
http://consorcraightyc.info/popunder.gif
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
34.192.61.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-61-39.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
public
Date
Wed, 15 Jan 2020 07:26:10 GMT
content-encoding
gzip
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
view.aspx
server.cpmstar.com/
571 B
1 KB
Script
General
Full URL
http://server.cpmstar.com/view.aspx?poolid=73150&script=1&rnd=397096
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH - SECURED SERVERS LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
394dceb077f85b1670666cdf3deda734722e7e395ae0bb274b933069e796acb2

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 07:26:09 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155998700-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6476
date
Wed, 15 Jan 2020 05:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 15 Jan 2020 07:38:14 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=374137676&t=pageview&_s=1&dl=http%3A%2F%2Fbluemediafiles.com%2Fcreatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3%3Fxurl%3Ds%253A%252F%252Fmega.nz%252F%2523%2521iboFmSSK%252152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys&ul=en-us&de=UTF-8&dt=Loading%20your%20links%20-%20Blue%20Media%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=502747265&gjid=1712211675&cid=2012924305.1579073170&tid=UA-155998700-1&_gid=1199702186.1579073170&_r=1&gtm=2ou181&z=338283872
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 07:26:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmcxcXhdWFICRT0vVR0pCCJ7IB8wUWdASCUmeQErMQxoNhwFInhXDBsDDElIS1AGSF4CDlVMSVQURRAMBxQMR0pUDl8XF09BR0xJXFQFX0lCSQdXDAIGVkxJVBdFBRRPVgRGQUJQAkBPQlMJRQ
consorcraightyc.info/
0
120 B
Image
General
Full URL
http://consorcraightyc.info/cmcxcXhdWFICRT0vVR0pCCJ7IB8wUWdASCUmeQErMQxoNhwFInhXDBsDDElIS1AGSF4CDlVMSVQURRAMBxQMR0pUDl8XF09BR0xJXFQFX0lCSQdXDAIGVkxJVBdFBRRPVgRGQUJQAkBPQlMJRQ
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
34.192.61.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-61-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 15 Jan 2020 07:26:10 GMT
300_x_250_-_12.09.2019.jpg
ec.cdne.cpmstar.com/cached/creatives/1214722/
105 KB
105 KB
Image
General
Full URL
http://ec.cdne.cpmstar.com/cached/creatives/1214722/300_x_250_-_12.09.2019.jpg
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8ADD) /
Resource Hash
47870d21f79cba2e96554729d8f3573633d0d7622470fab566564d82c8858895

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Last-Modified
Tue, 14 Jan 2020 10:32:45 GMT
Server
ECAcc (ama/8ADD)
X-Cache
HIT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Disposition
inline;filename=1214722_300_x_250_-_12.09.2019.jpg
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
107138
Expires
Thu, 16 Jan 2020 07:26:10 GMT
view.aspx
server.cpmstar.com/
556 B
1 KB
Script
General
Full URL
http://server.cpmstar.com/view.aspx?poolid=73148&script=1&rnd=447217
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH - SECURED SERVERS LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e96919aa28c83ee36cab10b9c03cd1e761da352f5339770b3c39535a6bd74bfe

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 07:26:09 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
160-600.jpg
ec.cdne.cpmstar.com/cached/creatives/1157774/
61 KB
61 KB
Image
General
Full URL
http://ec.cdne.cpmstar.com/cached/creatives/1157774/160-600.jpg
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8A8A) /
Resource Hash
a37e83676d4aee5b173f3abef1618fd55ebab78c775662426e3dd00bde798647

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Last-Modified
Wed, 15 Jan 2020 05:10:00 GMT
Server
ECAcc (ama/8A8A)
X-Cache
HIT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Disposition
inline;filename=1157774_160-600.jpg
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
62164
Expires
Thu, 16 Jan 2020 07:26:10 GMT
view.aspx
server.cpmstar.com/
556 B
1 KB
Script
General
Full URL
http://server.cpmstar.com/view.aspx?poolid=73151&script=1&rnd=285220
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH - SECURED SERVERS LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a7d22db4a1a1f7811b9f36791bf84045193ca7ad53b3b38498c422979858c043

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 07:26:09 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
120x600.jpg
ec.cdne.cpmstar.com/cached/creatives/1213378/
26 KB
27 KB
Image
General
Full URL
http://ec.cdne.cpmstar.com/cached/creatives/1213378/120x600.jpg
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8AE9) /
Resource Hash
03c97da5721b9f92c294c97d9141bc42b0eb57ae1c48202e799fc05ad31be0b5

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Last-Modified
Tue, 14 Jan 2020 19:21:38 GMT
Server
ECAcc (ama/8AE9)
X-Cache
HIT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Disposition
inline;filename=1213378_120x600.jpg
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
26850
Expires
Thu, 16 Jan 2020 07:26:11 GMT
popunder_v101.pack.js
cdn.cpmstar.com/cached/js/
2 KB
1 KB
Script
General
Full URL
http://cdn.cpmstar.com/cached/js/popunder_v101.pack.js
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8A87) /
Resource Hash
9c6d3089a5b2e0c1fbcd448a8a52c5ae1c281e9d812cf0f1937f9fe371bf24f2

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jul 2019 22:10:18 GMT
Server
ECAcc (ama/8A87)
Etag
"2e9dd9675a46d51:0+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Content-Type
application/javascript
Content-Length
917
VhQnVnwGFXo
d3al52d8cojds7.cloudfront.net/bMnBCY0hRHywFd0YZJl5wAkl1VHEUGjEMJkJNEAwvcRo7CiB6SC0HMVodGkU8SBR/Um5eESwEdRQVLAB1A1YjByoPQGQXOF0bfwohSgEkCz5DACpFPVNNLwwyWxwuAm0ANndNeBdCckslUxMrDTxdAypGe3BVcFMhXAQnD2...
604 B
825 B
Script
General
Full URL
http://d3al52d8cojds7.cloudfront.net/bMnBCY0hRHywFd0YZJl5wAkl1VHEUGjEMJkJNEAwvcRo7CiB6SC0HMVodGkU8SBR/Um5eESwEdRQVLAB1A1YjByoPQGQXOF0bfwohSgEkCz5DACpFPVNNLwwyWxwuAm0ANndNeBdCckslUxMrDTxdAypGe3BVcFMhXAQnD20AQC8CKxdCcgw7F0JyG20AQH-NTFwNEHVVhF0JyAjhCHCcULVAbKxdtADZ3UH8cQ3RGegJYKQs8XxxnUQsXQnIPIVkVZ1F4VRUhCCcbVXBTK1oCLQ4tF0IEVHEcQGxQcQZFbFtwF0JyEClUETAKbQA2d1B/HEN0RT0PQXEFLQUUelV+CkQjUH8LEnVRelAWcQJ/VhQnVnwGFXo
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
13.224.197.182 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-182.fra2.r.cloudfront.net
Software
/
Resource Hash
fbe25c02a74f26dae26a7964a402e5a6a3bf7aa5ae1644470ac55b1d0b54bde4

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:11 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
439
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
oXTdwSqjTEBX_6XYXTh6Bm4UkDKgTJcFrePesfMIy85C9JcAlKTh5Q==
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js?_=1579073170218
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash
4dced00354b099d831f860145bbd0149f99889d4c45632e4d9e849f008123866

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jan 2020 22:50:12 GMT
Server
ECS (fcn/4193)
Etag
"09356930f7674f04e767f5b1203faeb7+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28838
s
rnorlexanderly.info/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rnorlexanderly.info/s?a=$UID&b=637116428443
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frnorlexanderly.info%2Fs%3Fa%3D%24UID%26b%3D637116428443
  • https://rnorlexanderly.info/s?a=6189869510449779101&b=637116428443
43 B
383 B
Image
General
Full URL
https://rnorlexanderly.info/s?a=6189869510449779101&b=637116428443
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.226 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 07:26:11 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
accept-ranges
bytes
cf-ray
55561eb80af9c771-AMS
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 15 Jan 2020 07:26:13 GMT
AN-X-Request-Uuid
64fb474e-1771-431f-99e5-592cb4f8f907
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://rnorlexanderly.info/s?a=6189869510449779101&b=637116428443
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.117:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
puptc1.js
cdn.cpmstar.com/cached/js/
57 KB
24 KB
Script
General
Full URL
http://cdn.cpmstar.com/cached/js/puptc1.js
Requested by
Host: cdn.cpmstar.com
URL: http://cdn.cpmstar.com/cached/js/popunder_v101.pack.js
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2287381999a00adef29d52763ad7ec5a8f877f5e8b208a0fd48d20006861efd2

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 21:39:42 GMT
Server
Microsoft-IIS/10.0
Etag
"023684d6842d51:0"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
24407
widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html
platform.twitter.com/widgets/ Frame 8898
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=http%3A%2F%2Fbluemediafiles.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js?_=1579073170218
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419E) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Jan 2020 07:26:11 GMT
Etag
"4b563298f37eb3ef2a2f8897be83c714+gzip"
Last-Modified
Thu, 09 Jan 2020 22:38:16 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/419E)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
eAUYTjMPCjMmFXYkPzcaNy0TJgkKCwAGASwBWykYdidNBzkjW1NDaXBRUlUgLgJWQnY0EgoHJTRbX0F2LggNHG12XllVJnpXRUBkaVdbXWZhEhsSN3pXTQMkMwpWQmVwX1tEY3ZRWkFidw
consorcraightyc.info/UEdma3N/
0
120 B
Other
General
Full URL
http://consorcraightyc.info/UEdma3N/eAUYTjMPCjMmFXYkPzcaNy0TJgkKCwAGASwBWykYdidNBzkjW1NDaXBRUlUgLgJWQnY0EgoHJTRbX0F2LggNHG12XllVJnpXRUBkaVdbXWZhEhsSN3pXTQMkMwpWQmVwX1tEY3ZRWkFidw
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
HTTP/1.1
Server
34.192.61.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-61-39.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Origin
http://bluemediafiles.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 15 Jan 2020 07:26:11 GMT
puptc2.js
cdn.cpmstar.com/cached/js/
3 KB
1 KB
Script
General
Full URL
http://cdn.cpmstar.com/cached/js/puptc2.js
Requested by
Host: cdn.cpmstar.com
URL: http://cdn.cpmstar.com/cached/js/popunder_v101.pack.js
Protocol
HTTP/1.1
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8AC9) /
Resource Hash
5e360bd32abf03814b4f8edd833619247e8971db8cf6bee87f8195ab4e94d0f5

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 21:39:42 GMT
Server
ECAcc (ama/8AC9)
Etag
"e380884d6842d51:0+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Content-Type
application/javascript
Content-Length
1088
p
rnorlexanderly.info/
26 B
384 B
XHR
General
Full URL
https://rnorlexanderly.info/p?b=637116428443&c=28961698
Requested by
Host: bluemediafiles.com
URL: http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.226 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cce34514337c1efbf2d3717f59a2b169395ef3912baa9d65fdad9f82b41dfe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
Origin
http://bluemediafiles.com

Response headers

date
Wed, 15 Jan 2020 07:26:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
55561ec3dbc7c85f-AMS
NUTDL-1.jpg
bluemediafiles.com/wp-content/uploads/2016/08/
26 KB
27 KB
Image
General
Full URL
http://bluemediafiles.com/wp-content/uploads/2016/08/NUTDL-1.jpg
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f4e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccefb83cf153a6be8895ac390c17ea7b4ee2814f3a5baedab6355afb4e0c89dc

Request headers

Referer
http://bluemediafiles.com/creatinglinks8qJG9LfyFidlaldiwli1kTUSkSn82FylsejFCipVsahU2r2FXfgX2LgYHme3?xurl=s%3A%2F%2Fmega.nz%2F%23%21iboFmSSK%2152xrz84cpvsqGbxrTeY_9VGmWHTraK-OL8Q1K5h3Iys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 07:26:17 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 19 Aug 2016 18:57:36 GMT
Server
cloudflare
Age
10091436
ETag
"57b756a0-684b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
55561eddaf7cc2a4-FRA
Content-Length
26699
Expires
Thu, 31 Dec 2037 23:55:55 GMT


60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope boolean| pp_alreadyInitialized function| Fingerprint2 boolean| A4 number| _1672489966 function| plusClick number| gsecs boolean| CountActive number| CountStepper boolean| LeadingZero string| DisplayFormat string| FinishMessage function| gtag object| dataLayer number| time string| initialOffset number| interval object| google_tag_manager function| calcage function| CountBack function| putspan number| SetTimeOutPeriod string| BackColor string| ForeColor string| TargetDate number| DisplayStr number| cpmstar_rnd number| cpmstar_pid string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| cpmstar_str object| cpmstar_popunder_settings object| t object| s function| RogCjyihH8odyhmX boolean| doresize object| scroll_pos object| jQuery11240562822119140642 boolean| hashtag object| elem number| a object| __twttrll object| twttr object| __twttr function| l9cc object| BetterJsPop function| y1eeee

5 Cookies

Domain/Path Name / Value
bluemediafiles.com/ Name: cpmStarCookieTest73155
Value: test
.bluemediafiles.com/ Name: _gid
Value: GA1.2.1199702186.1579073170
.bluemediafiles.com/ Name: _ga
Value: GA1.2.2012924305.1579073170
.bluemediafiles.com/ Name: _gat_gtag_UA_155998700_1
Value: 1
.bluemediafiles.com/ Name: __cfduid
Value: d78f655159882fe3051840bbc7f5194091579073170

45 Console Messages

Source Level URL
Text
console-api log URL: http://bluemediafiles.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: http://cdn.cpmstar.com/cached/js/puptc1.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://cdn.cpmstar.com/cached/js/puptc1.js(Line 1)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
