datingtopia.com
Open in
urlscan Pro
172.67.172.98
Public Scan
Submitted URL: http://clik.rfroute.com/aff_c?offer_id=6353&aff_id=4985&aff_sub3=15f0dd76771beb2.23690780&aff_sub=349&ocode=MzQ5LjIzOTYu...
Effective URL: https://datingtopia.com/ps88q/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynot...
Submission: On July 14 via manual from IN
Effective URL: https://datingtopia.com/ps88q/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynot...
Submission: On July 14 via manual from IN
Summary
This website contacted 16 IPs
in 6 countries
across 19 domains to perform 53 HTTP transactions.
The main IP is 172.67.172.98, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is datingtopia.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 8th 2019. Valid for: a year.
This is the only time datingtopia.com was scanned on urlscan.io!
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 8th 2019. Valid for: a year.
This is the only time datingtopia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
4
50.116.9.77
(Fremont, United States)
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li451-77.members.linode.com
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li451-77.members.linode.com
| hello.trymsg.com |
3
18.195.23.231
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
| kingered-banctours.com |
2
2a00:1450:4001:806::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
datingtopia.com
datingtopia.com |
898 KB |
| 4 |
yandex.ru
2 redirects
mc.yandex.ru |
4 KB |
| 4 |
trymsg.com
hello.trymsg.com |
10 KB |
| 3 |
webvisor.org
1 redirects
mc.webvisor.org |
2 KB |
| 3 |
fcdn.info
cdn-dt.fcdn.info |
16 KB |
| 3 |
kingered-banctours.com
2 redirects
kingered-banctours.com |
4 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
29 KB |
| 3 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
35 KB |
| 2 |
facebook.com
www.facebook.com |
403 B |
| 2 |
facebook.net
connect.facebook.net |
166 KB |
| 2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
| 2 |
trychk.com
chk.trychk.com |
23 KB |
| 2 |
ezofferz.com
2 redirects
ezofferz.com |
1 KB |
| 1 |
doubleclick.net
stats.g.doubleclick.net |
133 B |
| 1 |
swpush.com
app.swpush.com |
787 B |
| 1 |
jsdelivr.net
cdn.jsdelivr.net |
48 KB |
| 1 |
gambol.link
1 redirects
v.gambol.link |
982 B |
| 1 |
global-trk.com
1 redirects
clik.global-trk.com |
2 KB |
| 1 |
rfroute.com
1 redirects
clik.rfroute.com |
2 KB |
| 53 | 19 |
| Domain | Requested by | |
|---|---|---|
| 25 | datingtopia.com |
hello.trymsg.com
datingtopia.com ajax.googleapis.com |
| 4 | mc.yandex.ru |
2 redirects
datingtopia.com
cdn.jsdelivr.net |
| 4 | hello.trymsg.com |
hello.trymsg.com
|
| 3 | mc.webvisor.org |
1 redirects
datingtopia.com
|
| 3 | cdn-dt.fcdn.info |
datingtopia.com
cdn-dt.fcdn.info |
| 3 | kingered-banctours.com |
2 redirects
datingtopia.com
|
| 3 | fonts.gstatic.com |
hello.trymsg.com
ajax.googleapis.com |
| 2 | www.facebook.com |
datingtopia.com
|
| 2 | connect.facebook.net |
datingtopia.com
connect.facebook.net |
| 2 | www.google-analytics.com |
1 redirects
datingtopia.com
|
| 2 | chk.trychk.com |
hello.trymsg.com
|
| 2 | fonts.googleapis.com |
hello.trymsg.com
datingtopia.com |
| 2 | ezofferz.com | 2 redirects |
| 1 | stats.g.doubleclick.net |
datingtopia.com
|
| 1 | app.swpush.com |
cdn-dt.fcdn.info
|
| 1 | cdn.jsdelivr.net |
datingtopia.com
|
| 1 | ajax.googleapis.com |
datingtopia.com
|
| 1 | v.gambol.link | 1 redirects |
| 1 | clik.global-trk.com | 1 redirects |
| 1 | clik.rfroute.com | 1 redirects |
| 53 | 20 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| kingered-banctours.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.trymsg.com Let's Encrypt Authority X3 |
2020-06-18 - 2020-09-16 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-01-04 - 2020-10-09 |
9 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| kingered-banctours.com Let's Encrypt Authority X3 |
2020-06-01 - 2020-08-30 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-05-14 - 2020-08-05 |
3 months | crt.sh |
| f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-07-08 - 2021-04-17 |
9 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-06-30 - 2020-09-22 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
| mc.webvisor.org Yandex CA |
2020-04-21 - 2021-04-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://datingtopia.com/ps88q/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynotify&bid=%7BbannerID%7D&email=%7Bemail%7D&data2=wp_u&data3=&data4=wp_u_3&bt=bt1&cep=G3Qa3KzVDergQG88qrkYRlXIRUOezqk3fd1VuwZM2NHlXA-rx_SLy71G2WTCg5NdrplW7OjOS-ZrXeMGq0azvuhIsQC5n6KfInTwzDkV0oF6NMMctu61s4cZpfsiv2iNQOLmErW0yLOTIv7UG7nWIHHsXq7sbRkkfAQZuzDS4xjd9uM6nq3v2AgZNs-rYMuESPaiRkTQUk81GF6pu7zFHwO5XohrY3Jshv45K2yp923L_ucAx1I-tKOrsj-F6dK2b4y9AubeJjPl0F1xkKaozkodg5xO91iHPydwx8hUo1ADayb3oraX7iBT65NdDIdgZVlHdtMri8PdMGybADv0-UxQEi8fxZQQc9koKcKlDGhgPqzDSetO5pX3qSFuPvsrrqKTv1-L0W6pFqmK_IdKZyQdTNdwFmQ5Ja7RbWl6rIlbuRn1WqBSbQAEjQt94rGEMLNqXUEeKdXPwHnvQNn93nu1TRGQYiuNzSDgMywxkTH0-W_h0zNvxWqMdZ0PenUWgbyzacCD91H60AXgrJxcMZLq8DtsVQL-LJH3otD5zJdtSFlmvmRiCJ2TrYjGL5Um&lptoken=15d99464743a66079553&cid=w946mmp976nn2of027mvodgi
Frame ID: C0FC37E28882DF5366FAD436F74FEB4F
Requests: 53 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://clik.rfroute.com/aff_c?offer_id=6353&aff_id=4985&aff_sub3=15f0dd76771beb2.23690780&aff_sub=34...
HTTP 302
http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=4985&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771... HTTP 302
http://ezofferz.com/cr.php?cid=4542&aff_id=5049&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.2... HTTP 302
https://clik.global-trk.com/aff_c?offer_id=6601&aff_unique4=4044:23531&aff_unique5=CRPX&aff_id=5049&aff_... HTTP 302
https://v.gambol.link/86d58f08-f4a3-44d1-9fe4-ff0def6287a9?utm_source=86d58f08&utm_medium=64&utm_c... HTTP 302
https://hello.trymsg.com/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5... Page URL
-
https://kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=86d58f08&utm_medium=trynotif...
HTTP 302
https://kingered-banctours.com/0b957200-9585-4000-8cf2-511ad3874c89?utm_source=86d58f08&utm_medium=trynotif... HTTP 302
https://datingtopia.com/ps88q/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content... Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /cdn\.jsdelivr\.net\/npm\/yandex-metrica-watch\/watch\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://kingered-banctours.com/click?$_clickCode=1
Search URL Search Domain Scan URL
URL: https://kingered-banctours.com/click?zid=92b535e40d85789c4d406ea601a0af88
Title: Continue
Title: Continue
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://clik.rfroute.com/aff_c?offer_id=6353&aff_id=4985&aff_sub3=15f0dd76771beb2.23690780&aff_sub=349&ocode=MzQ5LjIzOTYuMjEuMjIuMTMuMC4wLjAuMC4wLjAuMA
HTTP 302
http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=4985&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
http://ezofferz.com/cr.php?cid=4542&aff_id=5049&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
https://clik.global-trk.com/aff_c?offer_id=6601&aff_unique4=4044:23531&aff_unique5=CRPX&aff_id=5049&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=dLya071460093&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
https://v.gambol.link/86d58f08-f4a3-44d1-9fe4-ff0def6287a9?utm_source=86d58f08&utm_medium=64&utm_campaign=349&utm_content=GSL-5049&zid={zoneid}&bid={bannerID}&email={email}&cid=1023bfe7929dee1c787a3c946c7a05&data4=1023bfe7929dee1c787a3c946c7a05 HTTP 302
https://hello.trymsg.com/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynotify&bid=%7BbannerID%7D&email=%7Bemail%7D&data2=&data3=&data4=1023bfe7929dee1c787a3c946c7a05&cid=w1jsck75r05jdof02cqt2smg Page URL
-
https://kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&cid=w1jsck75r05jdof02cqt2smg&data3=&bid={bannerID}&zid=trynotify&email={email}&data4=wp_u_3&data2=wp_u
HTTP 302
https://kingered-banctours.com/0b957200-9585-4000-8cf2-511ad3874c89?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynotify&bid=%7BbannerID%7D&email=%7Bemail%7D&data2=wp_u&data3=&data4=wp_u_3&cid=w946mmp976nn2of027mvodgi HTTP 302
https://datingtopia.com/ps88q/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynotify&bid=%7BbannerID%7D&email=%7Bemail%7D&data2=wp_u&data3=&data4=wp_u_3&bt=bt1&cep=G3Qa3KzVDergQG88qrkYRlXIRUOezqk3fd1VuwZM2NHlXA-rx_SLy71G2WTCg5NdrplW7OjOS-ZrXeMGq0azvuhIsQC5n6KfInTwzDkV0oF6NMMctu61s4cZpfsiv2iNQOLmErW0yLOTIv7UG7nWIHHsXq7sbRkkfAQZuzDS4xjd9uM6nq3v2AgZNs-rYMuESPaiRkTQUk81GF6pu7zFHwO5XohrY3Jshv45K2yp923L_ucAx1I-tKOrsj-F6dK2b4y9AubeJjPl0F1xkKaozkodg5xO91iHPydwx8hUo1ADayb3oraX7iBT65NdDIdgZVlHdtMri8PdMGybADv0-UxQEi8fxZQQc9koKcKlDGhgPqzDSetO5pX3qSFuPvsrrqKTv1-L0W6pFqmK_IdKZyQdTNdwFmQ5Ja7RbWl6rIlbuRn1WqBSbQAEjQt94rGEMLNqXUEeKdXPwHnvQNn93nu1TRGQYiuNzSDgMywxkTH0-W_h0zNvxWqMdZ0PenUWgbyzacCD91H60AXgrJxcMZLq8DtsVQL-LJH3otD5zJdtSFlmvmRiCJ2TrYjGL5Um&lptoken=15d99464743a66079553&cid=w946mmp976nn2of027mvodgi Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://clik.rfroute.com/aff_c?offer_id=6353&aff_id=4985&aff_sub3=15f0dd76771beb2.23690780&aff_sub=349&ocode=MzQ5LjIzOTYuMjEuMjIuMTMuMC4wLjAuMC4wLjAuMA HTTP 302
- http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=4985&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
- http://ezofferz.com/cr.php?cid=4542&aff_id=5049&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
- https://clik.global-trk.com/aff_c?offer_id=6601&aff_unique4=4044:23531&aff_unique5=CRPX&aff_id=5049&aff_sub=349&aff_sub2=&aff_sub3=15f0dd76771beb2.23690780&aff_sub4=&aff_sub5=&aff_unique5=dLya071460093&trn=102966616839ecd6e7bd9bd62cad83 HTTP 302
- https://v.gambol.link/86d58f08-f4a3-44d1-9fe4-ff0def6287a9?utm_source=86d58f08&utm_medium=64&utm_campaign=349&utm_content=GSL-5049&zid={zoneid}&bid={bannerID}&email={email}&cid=1023bfe7929dee1c787a3c946c7a05&data4=1023bfe7929dee1c787a3c946c7a05 HTTP 302
- https://hello.trymsg.com/?utm_source=86d58f08&utm_medium=trynotify&utm_campaign=349&utm_content=GSL-5049&zid=trynotify&bid=%7BbannerID%7D&email=%7Bemail%7D&data2=&data3=&data4=1023bfe7929dee1c787a3c946c7a05&cid=w1jsck75r05jdof02cqt2smg
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2023518248&t=pageview&_s=1&dl=https%3A%2F%2Fdatingtopia.com%2Fps88q%2F%3Futm_source%3D86d58f08%26utm_medium%3Dtrynotify%26utm_campaign%3D349%26utm_content%3DGSL-5049%26zid%3Dtrynotify%26bid%3D%257BbannerID%257D%26email%3D%257Bemail%257D%26data2%3Dwp_u%26data3%3D%26data4%3Dwp_u_3%26bt%3Dbt1%26cep%3DG3Qa3KzVDergQG88qrkYRlXIRUOezqk3fd1VuwZM2NHlXA-rx_SLy71G2WTCg5NdrplW7OjOS-ZrXeMGq0azvuhIsQC5n6KfInTwzDkV0oF6NMMctu61s4cZpfsiv2iNQOLmErW0yLOTIv7UG7nWIHHsXq7sbRkkfAQZuzDS4xjd9uM6nq3v2AgZNs-rYMuESPaiRkTQUk81GF6pu7zFHwO5XohrY3Jshv45K2yp923L_ucAx1I-tKOrsj-F6dK2b4y9AubeJjPl0F1xkKaozkodg5xO91iHPydwx8hUo1ADayb3oraX7iBT65NdDIdgZVlHdtMri8PdMGybADv0-UxQEi8fxZQQc9koKcKlDGhgPqzDSetO5pX3qSFuPvsrrqKTv1-L0W6pFqmK_IdKZyQdTNdwFmQ5Ja7RbWl6rIlbuRn1WqBSbQAEjQt94rGEMLNqXUEeKdXPwHnvQNn93nu1TRGQYiuNzSDgMywxkTH0-W_h0zNvxWqMdZ0PenUWgbyzacCD91H60AXgrJxcMZLq8DtsVQL-LJH3otD5zJdtSFlmvmRiCJ2TrYjGL5Um%26lptoken%3D15d99464743a66079553%26cid%3Dw946mmp976nn2of027mvodgi&dr=https%3A%2F%2Fhello.trymsg.com%2F%3Futm_source%3D86d58f08%26utm_medium%3Dtrynotify%26utm_campaign%3D349%26utm_content%3DGSL-5049%26zid%3Dtrynotify%26bid%3D%257BbannerID%257D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D1023bfe7929dee1c787a3c946c7a05%26cid%3Dw1jsck75r05jdof02cqt2smg&ul=en-us&de=UTF-8&dt=focksi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=942451821&gjid=287443875&cid=447965983.1594744896&tid=UA-97359813-1&_gid=1987329069.1594744896&_r=1&z=1038620586 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97359813-1&cid=447965983.1594744896&jid=942451821&_gid=1987329069.1594744896&gjid=287443875&_v=j83&z=1038620586
- https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fdatingtopia.com%2Fps88q%2F%3Futm_source%3D86d58f08%26utm_medium%3Dtrynotify%26utm_campaign%3D349%26utm_content%3DGSL-5049%26zid%3Dtrynotify%26bid%3D%257BbannerID%257D%26email%3D%257Bemail%257D%26data2%3Dwp_u%26data3%3D%26data4%3Dwp_u_3%26bt%3Dbt1%26cep%3DG3Qa3KzVDergQG88qrkYRlXIRUOezqk3fd1VuwZM2NHlXA-rx_SLy71G2WTCg5NdrplW7OjOS-ZrXeMGq0azvuhIsQC5n6KfInTwzDkV0oF6NMMctu61s4cZpfsiv2iNQOLmErW0yLOTIv7UG7nWIHHsXq7sbRkkfAQZuzDS4xjd9uM6nq3v2AgZNs-rYMuESPaiRkTQUk81GF6pu7zFHwO5XohrY3Jshv45K2yp923L_ucAx1I-tKOrsj-F6dK2b4y9AubeJjPl0F1xkKaozkodg5xO91iHPydwx8hUo1ADayb3oraX7iBT65NdDIdgZVlHdtMri8PdMGybADv0-UxQEi8fxZQQc9koKcKlDGhgPqzDSetO5pX3qSFuPvsrrqKTv1-L0W6pFqmK_IdKZyQdTNdwFmQ5Ja7RbWl6rIlbuRn1WqBSbQAEjQt94rGEMLNqXUEeKdXPwHnvQNn93nu1TRGQYiuNzSDgMywxkTH0-W_h0zNvxWqMdZ0PenUWgbyzacCD91H60AXgrJxcMZLq8DtsVQL-LJH3otD5zJdtSFlmvmRiCJ2TrYjGL5Um%26lptoken%3D15d99464743a66079553%26cid%3Dw946mmp976nn2of027mvodgi&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A3%3Av%3A1894%3Arqnl%3A1%3Ast%3A1594744896%3Au%3A1594744896649026670%3Ahi%3A HTTP 302
- https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fdatingtopia.com%2Fps88q%2F%3Futm_source%3D86d58f08%26utm_medium%3Dtrynotify%26utm_campaign%3D349%26utm_content%3DGSL-5049%26zid%3Dtrynotify%26bid%3D%257BbannerID%257D%26email%3D%257Bemail%257D%26data2%3Dwp_u%26data3%3D%26data4%3Dwp_u_3%26bt%3Dbt1%26cep%3DG3Qa3KzVDergQG88qrkYRlXIRUOezqk3fd1VuwZM2NHlXA-rx_SLy71G2WTCg5NdrplW7OjOS-ZrXeMGq0azvuhIsQC5n6KfInTwzDkV0oF6NMMctu61s4cZpfsiv2iNQOLmErW0yLOTIv7UG7nWIHHsXq7sbRkkfAQZuzDS4xjd9uM6nq3v2AgZNs-rYMuESPaiRkTQUk81GF6pu7zFHwO5XohrY3Jshv45K2yp923L_ucAx1I-tKOrsj-F6dK2b4y9AubeJjPl0F1xkKaozkodg5xO91iHPydwx8hUo1ADayb3oraX7iBT65NdDIdgZVlHdtMri8PdMGybADv0-UxQEi8fxZQQc9koKcKlDGhgPqzDSetO5pX3qSFuPvsrrqKTv1-L0W6pFqmK_IdKZyQdTNdwFmQ5Ja7RbWl6rIlbuRn1WqBSbQAEjQt94rGEMLNqXUEeKdXPwHnvQNn93nu1TRGQYiuNzSDgMywxkTH0-W_h0zNvxWqMdZ0PenUWgbyzacCD91H60AXgrJxcMZLq8DtsVQL-LJH3otD5zJdtSFlmvmRiCJ2TrYjGL5Um%26lptoken%3D15d99464743a66079553%26cid%3Dw946mmp976nn2of027mvodgi&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A3%3Av%3A1894%3Arqnl%3A1%3Ast%3A1594744896%3Au%3A1594744896649026670%3Ahi%3A
- https://mc.webvisor.org/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=8969.MOg1K35TEPTjhL4VWICHcsdFYHGMs14RGk5BWXIWCbZ76C9Ds502Ehjvbf7aYst6.eWXfINipKEyWpt0-7iEfwP9I2qY%2C HTTP 302
- https://mc.webvisor.org/sync_cookie_image_decide?token=8969.Cu8z9NryCyhGATQt6kUWSs5cRnHHDLkjJMdB1MsxufyQVqk2ZMUILfKDjLD_k9zKBL82uZ50xeiHPlXA7DeNM3pyRSK_IwxCWb9dmitPRs4%2C.7xISxTmLq33yrOWRciFQMWKrKgo%2C
53 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
hello.trymsg.com/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
hello.trymsg.com/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow.png
hello.trymsg.com/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
swp-w.min.js
hello.trymsg.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
5 KB 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
molon.php
chk.trychk.com/ |
68 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
molon.php
chk.trychk.com/ |
43 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
datingtopia.com/ps88q/ Redirect Chain
|
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
datingtopia.com/ps88q/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
datingtopia.com/ps88q/js/ |
831 B 446 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fgp.min.js
datingtopia.com/js/ |
29 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hp
kingered-banctours.com/ |
382 B 635 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swpush.min.js
cdn-dt.fcdn.info/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
datingtopia.com/ps88q/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 819 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ |
141 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
get-keys
app.swpush.com/ |
552 B 787 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg.jpg
datingtopia.com/ps88q/img/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-2.jpg
datingtopia.com/ps88q/img/ |
70 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11.jpg
datingtopia.com/ps88q/img/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.jpg
datingtopia.com/ps88q/img/ |
49 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.jpg
datingtopia.com/ps88q/img/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
14.jpg
datingtopia.com/ps88q/img/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow.png
datingtopia.com/ps88q/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
21.jpg
datingtopia.com/ps88q/img/ |
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
22.jpg
datingtopia.com/ps88q/img/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
23.jpg
datingtopia.com/ps88q/img/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
24.jpg
datingtopia.com/ps88q/img/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
31.jpg
datingtopia.com/ps88q/img/ |
70 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
32.jpg
datingtopia.com/ps88q/img/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33.jpg
datingtopia.com/ps88q/img/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
34.jpg
datingtopia.com/ps88q/img/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
41.jpg
datingtopia.com/ps88q/img/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
42.jpg
datingtopia.com/ps88q/img/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
43.jpg
datingtopia.com/ps88q/img/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
44.jpg
datingtopia.com/ps88q/img/ |
47 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 133 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1426921724108509
connect.facebook.net/signals/config/ |
523 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1
mc.yandex.ru/watch/3/ Redirect Chain
|
35 B 585 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
advert.gif
mc.webvisor.org/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sinfo
datingtopia.com/ |
2 B 877 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync_cookie_image_decide
mc.webvisor.org/ Redirect Chain
|
43 B 665 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fgpt.min.js
cdn-dt.fcdn.info/ |
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads-banner.js
cdn-dt.fcdn.info/ |
0 145 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
48184178
mc.yandex.ru/watch/ |
171 B 722 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| Fingerprint2 string| AFKClickUrl string| sCity string| uHash function| getURLParameter function| genUrl number| rTimeout string| redirectUrl function| ready function| addGeo string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| WPush boolean| exit object| container object| link object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter48184178 function| FGPT12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| datingtopia.com/ | Name: datingum_session Value: eyJpdiI6InFwdmRYYnRYaitiWXVpclpNYnV3Z2c9PSIsInZhbHVlIjoiNlFZK1ViK212ZmJxalp4RTF4OUlDMWhBWFVVUDBDVE9ZSUJBZmNMNVRjMCtYL0hWVmYvUGRqY0srdnF6MWhJayIsIm1hYyI6IjgwYjIzN2UwODQ4ZTM5M2IzODU1NDJjYjc1MGExNGZjOTU1NGFhNDUwZTllYzYwYzkwYjg0NzMxYzVhYWJmZjMifQ%3D%3D |
|
| datingtopia.com/ | Name: PHPSESSID Value: 3fe136dda9a05479e3ce8183ece82635 |
|
| datingtopia.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IitvbUUvcUEvZkNYTG5qRlFQd1NtZ3c9PSIsInZhbHVlIjoiZUEreFJNejFrOHJxV3Z6OFZHYXdBVzIvakdVSW5vZ1V6Z0dGbCs4MVppMFBLS0dlLzJpZ3M4WUJqVHNMY2pTbiIsIm1hYyI6IjAzZTE1MTQ3ZmZjZTQzZWFhMmQ1OWZiMTg4YTM0MTAxNGI1ZjBiODBhZGE0MWUzZTQzMzEyNWE5Mjk0ZTY1ODkifQ%3D%3D |
|
| .datingtopia.com/ | Name: _ym_isad Value: 2 |
|
| .datingtopia.com/ | Name: _fbp Value: fb.1.1594744896179.2074570411 |
|
| .datingtopia.com/ | Name: _ym_d Value: 1594744896 |
|
| .datingtopia.com/ | Name: _ym_uid Value: 1594744896649026670 |
|
| .datingtopia.com/ | Name: _ym_wasSynced Value: %7B%22time%22%3A1594744896437%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D |
|
| .datingtopia.com/ | Name: __cfduid Value: d4181fbccdd5a5ef20704b521273269e01594744895 |
|
| .datingtopia.com/ | Name: _gat Value: 1 |
|
| .datingtopia.com/ | Name: _gid Value: GA1.2.1987329069.1594744896 |
|
| .datingtopia.com/ | Name: _ga Value: GA1.2.447965983.1594744896 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src * data: 'unsafe-eval' 'unsafe-inline' |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
app.swpush.com
cdn-dt.fcdn.info
cdn.jsdelivr.net
chk.trychk.com
clik.global-trk.com
clik.rfroute.com
connect.facebook.net
datingtopia.com
ezofferz.com
fonts.googleapis.com
fonts.gstatic.com
hello.trymsg.com
kingered-banctours.com
mc.webvisor.org
mc.yandex.ru
stats.g.doubleclick.net
v.gambol.link
www.facebook.com
www.google-analytics.com
104.27.191.126
154.47.36.20
172.67.172.98
18.195.23.231
18.195.30.247
2606:4700:3032::6812:3783
2606:4700:3034::ac43:9ad8
2606:4700:3037::681b:8953
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:806::200e
2a00:1450:4001:815::2003
2a00:1450:400c:c04::9b
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
50.116.9.77
63.32.205.138
05a575c351ff0174704f7552bb9a5215802a168e51fbd97deca949be0e5417cd
094e7ac686dd3da3233e794100dacf3579595384330c7fe8deab56a586f276b6
0e2499cdc9abf82888db600dd48f54eb0548820c0e26270670e1f43828199d87
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a7a98b73cd77e652a3fa407c459c71166c1a049cebc21150821c6fed62511ca
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee
229b17da4720da0a4a516db54cbfbbaae96cd4a2102041486fdeb06921e365dc
2337ddf19c9ac84216c6a9e35ae150ce49b170e6d0a7d1b14f7daa7d82dc5bc8
246ef4b088b11a4bdf0a2770e2725e00e5fe76d4d769eb23f2cf7a222acfbd51
25719bbeeec3dcace448f560fdc028944181edaf14e9ed550d7b61e761475d92
305987f43ec94f07d15c494f811aa7aeb9f68b4f5f4ba2d65b6b7b1f5d2a6f68
38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a
42a0f39a002ed2c619d1f9c509181c49a83274c3c2d1ebaafa2995396fc312c2
4aafb463576907c5f0ae60559f68a975646c1e1a6f4b45087a12f7a4c95e2f25
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52d605051384c175504536706bbdfef8f15417ab9d8fb4a08a2083a42bc9f6de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56abcaeb7062d1a6eea4948909e0d6aa2379d1479e91e210e9aea43c468b5f57
62081a46cf154cc82e382d35ba1b2419c23dc70cfb36d1f4fb0e792981a2d869
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66deed93bb488df3115736bfc3a0665b2a41b7d840f506cc1234bcd73178fab0
682e88edb7a6c94603c14b037657a6c7f9ebbea690f1b2c057953f34eb1ac438
76c0d0c224459610d74795520ea2a893cede54677a3228e2d0641fef64f485b1
79fe873fa3671027e9f4442e8e97654bcabff5a3acff18af7864faf569e0dde2
7cb087d9023243df1f15c77d84864d64f0c15222bc4ae4409cc2f7e483bbae8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856c17cb65b8b961e2ea4c4c83d2ee021ff1f2453ce14c5db6e35cf355c3537f
903ed964c577b0e23e311d110a9fa07f15abebc5cbc22674cba3e46069571e4c
a2a82ba94258941085dbf623b3be00496edfbaa5141b72b8438f48a38a517078
b157f41fcfae09a9c3415d326ae27222af2abaee8eb3c114c17881c89cd31ee5
b6e9c5e0cc8f8afbd2201d05b307264cbcf63eb8565c6de7194e8fe3743669dc
b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0
bdaa96e18bf5d95147982db86b13a155b3070661680e8fc074f1a6188eb68795
bdca9f865e1babd041ea66f29b96bc53260182e2184134d8c350962ad18abb6f
be549d4d9e8f7fa5f80ae50898c1147072b32b34b3823d9c28464e13c9fb3e85
bfad739e3074717d69b02434cb5ea47ac29766b721b58f2aa2dbbd8033aa96e8
c1c0f88d712c2154cf53080d0c839e28cd459db16bc305d295fc047d5a88517c
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d0d2c136fb021d8dd1fb816b1651798bee461825d0f98b19362baa12d3c668f3
d41d778e70eaf12152da488481133e85d0b71907bae8b547ba5225465a8a7fbb
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
db6b521ef133feb28674def7a6a7a86c5be2e7b90ab18650011fd9dbad46fb7f
dcc43ceca652cbaa2ed6f03f6b32acc49a31cbde81c9037c5430e10c55b8afda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65862ec46960dc2c866f9670ad7632b6b6a40912cafab30451575de499272b9
eea21e7cf379f6c0065694b3fbc46f7fc77e9446ce8585e84dd08bde15a27368
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955