thehealthchanneltoday.com
2606:4700:3035::681f:5581
Malicious Activity!
Public Scan
Effective URL: https://thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/?cep=1qoNLRLTeN3G8akJpkkJImyOPAmKAJWml1vGQj...
Submission: On February 19 via manual from IN
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 24th 2020. Valid for: 9 months.
This is the only time thehealthchanneltoday.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)

Domain & IP information
- ASN15169 (GOOGLE, US): test-0-0-0-1.blogspot.com
- ASN15169 (GOOGLE, US): sites.google.com, www.google-analytics.com
- ASN15169 (GOOGLE, US): eca23055-a-62cb3a1a-s-sites.googlegroups.com
- ASN15169 (GOOGLE, US): resources.blogblog.com, www.blogger.com
- ASN15169 (GOOGLE, US): themes.googleusercontent.com, lh3.googleusercontent.com
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): stripe.rs-stripe.com, tr.rev-stripe.com
- ASN16509 (AMAZON-02, US), PTR: ec2-18-196-86-59.eu-central-1.compute.amazonaws.com: affbrain.com
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN16509 (AMAZON-02, US), PTR: server-13-35-253-10.fra6.r.cloudfront.net: api.pushnami.com
- ASN54825 (PACKET, US), PTR: pkt-ams-k2-shared-ingress5: static.hotjar.com, script.hotjar.com
- ASN54825 (PACKET, US), PTR: pkt-ams-k2-shared-ingress16: vars.hotjar.com
Requests | Domain | Requested by |
---|---|---|
30 | thehealthchanneltoday.com | thehealthchanneltoday.com |
6 | images.1panel.io | thehealthchanneltoday.com |
5 | 3mazagy.com | 5 redirects |
3 | test-0-0-0-1.blogspot.com | test-0-0-0-1.blogspot.com |
2 | www.google-analytics.com | 1 redirect, www.googletagmanager.com |
2 | api.pushnami.com | thehealthchanneltoday.com, test-0-0-0-1.blogspot.com |
2 | www.googletagmanager.com | thehealthchanneltoday.com, www.googletagmanager.com |
2 | affbrain.com | 1 redirect, thehealthchanneltoday.com |
2 | fonts.gstatic.com | test-0-0-0-1.blogspot.com |
2 | www.3mazagy.com | test-0-0-0-1.blogspot.com |
2 | sites.google.com | 2 redirects |
1 | www.google.de | thehealthchanneltoday.com |
1 | www.google.com | 1 redirect |
1 | stats.g.doubleclick.net | 1 redirect |
1 | vars.hotjar.com | static.hotjar.com |
1 | script.hotjar.com | static.hotjar.com |
1 | static.hotjar.com | thehealthchanneltoday.com |
1 | tr.rev-stripe.com | 1 redirect |
1 | stripe.rs-stripe.com | 1 redirect |
1 | whos.amung.us | widgets.amung.us |
1 | lh3.googleusercontent.com | test-0-0-0-1.blogspot.com |
1 | themes.googleusercontent.com | test-0-0-0-1.blogspot.com |
1 | widgets.amung.us | test-0-0-0-1.blogspot.com |
1 | usanews.over-blog.com | test-0-0-0-1.blogspot.com |
1 | www.blogger.com | test-0-0-0-1.blogspot.com |
1 | resources.blogblog.com | test-0-0-0-1.blogspot.com |
1 | www.gstatic.com | test-0-0-0-1.blogspot.com |
1 | eca23055-a-62cb3a1a-s-sites.googlegroups.com | test-0-0-0-1.blogspot.com |
0 | happierlivingnews.com (Failed) | thehealthchanneltoday.com |
74 requests total | 29 domains total | |
This site contains links to these domains. Also see Links.
Domain |
---|
affbrain.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.googlegroups.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh |
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh |
*.blogger.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh |
*.googleusercontent.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-24 - 2020-10-09 | 9 months | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh |
*.pushnami.com | Amazon | 2019-06-14 - 2020-07-14 | a year | crt.sh |
static.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months | crt.sh |
affbrain.com | Let's Encrypt Authority X3 | 2020-02-01 - 2020-05-01 | 3 months | crt.sh |
script.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months | crt.sh |
vars.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months | crt.sh |
www.google.de | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/?cep=1qoNLRLTeN3G8akJpkkJImyOPAmKAJWml1vGQjyDB9CtddOwjk5MSqm8uicXasMyFUvmO6HqtmecGrFahQYwkvThkA1AEYG_9_nVrYnjnajPlKzpoHsmOPFpdFBBLtrc8fmpQk5KHyV-ct8hIxWCQ9rUrCT_fAjch5GB7k8HVwjhG-H8eh85UrR4VJg11H4H31mmMHfZmcw4Z9PKDHrWru23NjWOgy-ddLdRpwBfqsPdlumJiG3ue52Jg1Otrxgq_b4O1U1ff9eQnK1qwM7DpqrGjJEKcojPMiPDKyndbISIrNsLgsuiXGwLgneOAZhi3qcni3XDO-ELBlD8Dp1M8ZGbnPxCQMNJyeVt13-oyQvwcfKuZbLnhXJm82X650e3a3oifg38e5nNS_KU9fo6j1tdS6bx_EVQQ25ujzuYJr6QFnaGNIiPHeBo62OVU_V5&lptoken=152e825d0914268c5156&pi_targetdevicetype=all&pi_targetcontainertype=all&pi_revenuevalue=0.01&pi_adid=511299&pi_clickid=68264254b817463999cb98a0481197fe&pi_creativeid=549449
Frame ID: 9FD350923102930366888D75E9084044
Requests: 73 HTTP requests in this frame
Frame:
http://usanews.over-blog.com/contact
Frame ID: 985D35B87BC29C4777DB1B640F11A115
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 582F1FF34CFE02681DAB9E3948982F58
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/0ce25238-6e06-41d4-b164-1329ed2be625.png)
Detected technologies

Blogger
Detected patterns
- url /^https?:\/\/[^\/]+\.blogspot\.com/i

Python
Detected patterns
- url /^https?:\/\/[^\/]+\.blogspot\.com/i

Java
Detected patterns
- headers server /GSE/i

Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

(technology name not captured)
Detected patterns
- headers server /GSE/i

Font Awesome
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i

jQuery
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://test-0-0-0-1.blogspot.com/ (Page URL)
- https://stripe.rs-stripe.com/stripe/redirect?cs_email={{GUID}}&cs_stripeid=119969&cs_offset=1&cs_esp=powerinbox_web HTTP 301
- https://tr.rev-stripe.com/stripe/redirect?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=119969&cs_offset=1&cs_esp=powerinbox_web HTTP 303
- http://affbrain.com/ebf46b51-7c23-4b69-8192-860f6990dce6?pi_targetdevicetype=all&pi_targetcontainertype=all&pi_revenuevalue=0.01&pi_adid=511299&pi_clickid=68264254b817463999cb98a0481197fe&pi_creativeid=549449 HTTP 302
- https://thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/?cep=1qoNLRLTeN3G8akJpkkJImyOPAmKAJWml1vGQjyDB9CtddOwjk5MSqm8uicXasMyFUvmO6HqtmecGrFahQYwkvThkA1AEYG_9_nVrYnjnajPlKzpoHsmOPFpdFBBLtrc8fmpQk5KHyV-ct8hIxWCQ9rUrCT_fAjch5GB7k8HVwjhG-H8eh85UrR4VJg11H4H31mmMHfZmcw4Z9PKDHrWru23NjWOgy-ddLdRpwBfqsPdlumJiG3ue52Jg1Otrxgq_b4O1U1ff9eQnK1qwM7DpqrGjJEKcojPMiPDKyndbISIrNsLgsuiXGwLgneOAZhi3qcni3XDO-ELBlD8Dp1M8ZGbnPxCQMNJyeVt13-oyQvwcfKuZbLnhXJm82X650e3a3oifg38e5nNS_KU9fo6j1tdS6bx_EVQQ25ujzuYJr6QFnaGNIiPHeBo62OVU_V5&lptoken=152e825d0914268c5156&pi_targetdevicetype=all&pi_targetcontainertype=all&pi_revenuevalue=0.01&pi_adid=511299&pi_clickid=68264254b817463999cb98a0481197fe&pi_creativeid=549449 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- http://sites.google.com/site/javacodehtml/Pop-Up.js HTTP 307
- https://sites.google.com/site/javacodehtml/Pop-Up.js HTTP 302
- https://sites.google.com/site/javacodehtml/Pop-Up.js?attredirects=0 HTTP 302
- https://eca23055-a-62cb3a1a-s-sites.googlegroups.com/site/javacodehtml/Pop-Up.js?attachauth=ANoY7cooJ-HAjoVv66rxgm0eVyWxAmbZfaV4EYjqYyth8lnjCZwopZvpEnmWP2ggW1FyjmEMy_h6nsGHZJzCVYV3etxTl8xPQ7JY-XH-drVVYqdMGb_YmLuVxcINWJlDe0o-y406PHK7QkXNbXI8LrQ0vLhnwAiB9B5R_RBG_1CaLL0StZ3BJxgd81SOpv-MEvGXKqb9BdmR4sbkXkUIs8-ccO4gBVVxKA%3D%3D&attredirects=0

Request Chain 2
- http://3mazagy.com/raykcool/JS/ff.js HTTP 302
- http://3mazagy.com/raykcool/JS/ff.js?WebShieldDRSessionVerify=eJk1Dwq8or1DbaJM6FVI HTTP 302
- http://3mazagy.com/raykcool/JS/ff.js HTTP 301
- http://www.3mazagy.com/raykcool/JS/ff.js

Request Chain 3
- http://3mazagy.com/raykcool/JS/ii.js HTTP 302
- http://3mazagy.com/raykcool/JS/ii.js?WebShieldDRSessionVerify=eJk1Dwq8or1DbaJM6FVI HTTP 301
- http://www.3mazagy.com/raykcool/JS/ii.js?WebShieldDRSessionVerify=eJk1Dwq8or1DbaJM6FVI

Request Chain 4
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1106410292&t=pageview&_s=1&dl=https%3A%2F%2Fthehealthchanneltoday.com%2FDiet%2FE%2Fss-entertainmenttoday-sharkgirls%2F1%2FKeto-Prime%2F%3Fcep%3D1qoNLRLTeN3G8akJpkkJImyOPAmKAJWml1vGQjyDB9CtddOwjk5MSqm8uicXasMyFUvmO6HqtmecGrFahQYwkvThkA1AEYG_9_nVrYnjnajPlKzpoHsmOPFpdFBBLtrc8fmpQk5KHyV-ct8hIxWCQ9rUrCT_fAjch5GB7k8HVwjhG-H8eh85UrR4VJg11H4H31mmMHfZmcw4Z9PKDHrWru23NjWOgy-ddLdRpwBfqsPdlumJiG3ue52Jg1Otrxgq_b4O1U1ff9eQnK1qwM7DpqrGjJEKcojPMiPDKyndbISIrNsLgsuiXGwLgneOAZhi3qcni3XDO-ELBlD8Dp1M8ZGbnPxCQMNJyeVt13-oyQvwcfKuZbLnhXJm82X650e3a3oifg38e5nNS_KU9fo6j1tdS6bx_EVQQ25ujzuYJr6QFnaGNIiPHeBo62OVU_V5%26lptoken%3D152e825d0914268c5156%26pi_targetdevicetype%3Dall%26pi_targetcontainertype%3Dall%26pi_revenuevalue%3D0.01%26pi_adid%3D511299%26pi_clickid%3D68264254b817463999cb98a0481197fe%26pi_creativeid%3D549449&dr=http%3A%2F%2Ftest-0-0-0-1.blogspot.com%2F&ul=en-us&de=UTF-8&dt=Why%20Every%20Judge%20On%20Shark%20Tank%20Backed%20This%20Product&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=549498046&gjid=496012793&cid=1696543383.1582090852&tid=UA-150220558-5&_gid=1051482098.1582090852&_r=1&gtm=2ou250&z=847403432 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-150220558-5&cid=1696543383.1582090852&jid=549498046&_gid=1051482098.1582090852&gjid=496012793&_v=j81&z=847403432 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-150220558-5&cid=1696543383.1582090852&jid=549498046&_v=j81&z=847403432 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-150220558-5&cid=1696543383.1582090852&jid=549498046&_v=j81&z=847403432&slf_rd=1&random=1877187222
74 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | test-0-0-0-1.blogspot.com/ | 69 KB | 15 KB | Document | text/html |
GET | H2 | Pop-Up.js | eca23055-a-62cb3a1a-s-sites.googlegroups.com/site/javacodehtml/ (Redirect Chain) | 3 KB | 1 KB | Script | application/x-javascript |
GET | H2 | clipboard.min.js | www.gstatic.com/external_hosted/clipboardjs/ | 12 KB | 4 KB | Script | text/javascript |
GET | H2 | 3560362091-indie_compiled.js | resources.blogblog.com/blogblog/data/res/ | 136 KB | 46 KB | Script | text/javascript |
GET | H/1.1 | cookienotice.js | test-0-0-0-1.blogspot.com/js/ | 6 KB | 2 KB | Script | text/javascript |
GET | H2 | 2913858171-widgets.js | www.blogger.com/static/v1/widgets/ | 140 KB | 52 KB | Script | text/javascript |
GET | H/1.1 | contact | usanews.over-blog.com/ (Frame 985D) | 0 | 0 | Document | text/html |
GET | H/1.1 | ff.js | www.3mazagy.com/raykcool/JS/ (Redirect Chain) | 0 | 0 | Script | text/html |
GET | H/1.1 | ii.js | www.3mazagy.com/raykcool/JS/ (Redirect Chain) | 0 | 0 | Script | text/html |
GET | H/1.1 | small.js | widgets.amung.us/ | 7 KB | 4 KB | Script | application/x-javascript |
GET | H/1.1 | sprite_v1_6.css.svg | test-0-0-0-1.blogspot.com/responsive/ | 7 KB | 3 KB | Other | image/svg+xml |
GET | H2 | image | themes.googleusercontent.com/ | 223 KB | 223 KB | Image | image/jpeg |
GET | H/1.1 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
GET | H/1.1 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
GET | H2 | zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35 | lh3.googleusercontent.com/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | / | whos.amung.us/pingjs/ | 30 B | 214 B | Script | text/javascript |
GET | DATA | truncated | / | 439 B | 0 | Image | image/gif |
GET | H2 | / (Primary Request) | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/ (Redirect Chain) | 27 KB | 8 KB | Document | text/html |
GET | H2 | sss.css | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 21 KB | 2 KB | Stylesheet | text/css |
GET | H2 | bootstrap.css | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 148 KB | 20 KB | Stylesheet | text/css |
GET | H2 | bootstrap-theme.css | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 19 KB | 2 KB | Stylesheet | text/css |
GET | H2 | font-awesome.css | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H2 | style.css | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H2 | jquery-1.12.2.min.js | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/js/ | 86 KB | 30 KB | Script | application/x-javascript |
GET | H2 | 1543734314641-mobile-logo.jpg | images.1panel.io/ | 19 KB | 19 KB | Image | image/jpeg |
GET | H2 | 1543733465172-asseenin.jpg | images.1panel.io/ | 13 KB | 13 KB | Image | image/jpeg |
GET | H2 | 1543733481270-sam.jpg | images.1panel.io/ | 65 KB | 65 KB | Image | image/jpeg |
GET | H2 | 1543733591671-transformation-bra.png | images.1panel.io/ | 144 KB | 144 KB | Image | image/png |
GET | H2 | mm.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 404 KB | 405 KB | Image | image/jpeg |
GET | H2 | dc.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 53 KB | 54 KB | Image | image/jpeg |
GET | H2 | t4.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 102 KB | 102 KB | Image | image/jpeg |
GET | H2 | lb.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H2 | at.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 18 KB | 18 KB | Image | image/jpeg |
GET | H2 | ks.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H2 | checkmark.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 669 B | 776 B | Image | image/png |
GET | H2 | cbeee601-254b-49f8-92ba-d6b9fa6b72b3-ketoprime.png | images.1panel.io/ | 112 KB | 112 KB | Image | image/png |
GET | H2 | button.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | cb.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 503 KB | 503 KB | Image | image/png |
GET | H2 | dad.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 312 KB | 312 KB | Image | image/png |
GET | H2 | bt.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 52 KB | 52 KB | Image | image/jpeg |
GET | H2 | offer.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 7 KB | 7 KB | Image | image/jpeg |
GET | H2 | checkmark-green-sm.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 764 B | 864 B | Image | image/png |
GET | H2 | 1565193500938-discount-bottle.png | images.1panel.io/ | 64 KB | 64 KB | Image | image/png |
GET | H2 | 100-guarantee-seal-1_2.png | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 35 KB | 35 KB | Image | image/png |
GET | H2 | lewis.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 1 KB | Image | image/jpeg |
GET | H2 | tanya.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H2 | jenni.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H2 | cash.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 1 KB | Image | image/jpeg |
GET | H2 | katy.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H2 | amanda.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H2 | julie.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H2 | sarah.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H2 | kirs.jpg | thehealthchanneltoday.com/Diet/E/ss-entertainmenttoday-sharkgirls/1/Keto-Prime/images/ | 1 KB | 1 KB | Image | image/jpeg |
GET | H2 | gtm.js | www.googletagmanager.com/ | 54 KB | 20 KB | Script | application/javascript |
GET | H2 | 5c015c5c4bbe477783e1098d | api.pushnami.com/scripts/v1/pushnami-adv/ | 237 KB | 59 KB | Script | application/javascript |
GET | H2 | hotjar-1154228.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | .js | affbrain.com/d/ | 2 KB | 2 KB | Script | application/javascript |
GET | | opensans-bold.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | opensans-regular.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | tahoma.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | franklin-gothic-condensed.html | happierlivingnews.com/ | 0 | 0 | | |
GET | H2 | modules.596dab810ace883b4ea8.js | script.hotjar.com/ | 401 KB | 70 KB | Script | application/javascript |
GET | | opensans-bold.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | opensans-bold.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | opensans-regular.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | opensans-regular.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | tahoma.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | tahoma.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | franklin-gothic-condensed.html | happierlivingnews.com/ | 0 | 0 | | |
GET | | franklin-gothic-condensed.html | happierlivingnews.com/ | 0 | 0 | | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 74 KB | 28 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | 5e381732fbc8140013db70ef | api.pushnami.com/scripts/v1/pushnami-adv/ | 80 KB | 16 KB | Script | application/javascript |
GET | H2 | box-469cf41adb11dc78be68c1ae7f9457a4.html | vars.hotjar.com/ (Frame 582F) | 0 | 0 | Document | text/html |
GET | H2 | ga-audiences | www.google.de/ads/ (Redirect Chain) | 42 B | 109 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL |
---|---|
happierlivingnews.com | http://happierlivingnews.com/opensans-bold.html |
happierlivingnews.com | http://happierlivingnews.com/opensans-regular.html |
happierlivingnews.com | http://happierlivingnews.com/tahoma.html |
happierlivingnews.com | http://happierlivingnews.com/franklin-gothic-condensed.html |
happierlivingnews.com | http://happierlivingnews.com/opensans-bold.html |
happierlivingnews.com | http://happierlivingnews.com/opensans-bold.html |
happierlivingnews.com | http://happierlivingnews.com/opensans-regular.html |
happierlivingnews.com | http://happierlivingnews.com/opensans-regular.html |
happierlivingnews.com | http://happierlivingnews.com/tahoma.html |
happierlivingnews.com | http://happierlivingnews.com/tahoma.html |
happierlivingnews.com | http://happierlivingnews.com/franklin-gothic-condensed.html |
happierlivingnews.com | http://happierlivingnews.com/franklin-gothic-condensed.html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)

50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type |
---|---|
onformdata | object |
onpointerrawupdate | object |
dtpCallback | function |
dataLayer | object |
hj | function |
_hjSettings | object |
hjSiteSettings | object |
hjBootstrap | function |
hjBootstrapCalled | object |
mr | function |
gd | function |
cu | function |
tdh | function |
xf | function |
hp | function |
$ | function |
jQuery | function |
cje | boolean |
al | object |
dayNames | object |
monthNames | object |
now | object |
dayOfTheWeek | number |
google_tag_manager | object |
pushWrap | object |
showFbChkOptIn | function |
mailnamiPromptModule | object |
isOSXSafari | boolean |
safariScript | undefined |
o | undefined |
__core-js_shared__ | object |
core | object |
setImmediate | function |
clearImmediate | function |
regeneratorRuntime | object |
_babelPolyfill | boolean |
bowser | function |
mailnami | object |
Pushnami | object |
parameters | string |
cj | boolean |
link | undefined |
gtag | function |
GoogleAnalyticsObject | string |
ga | function |
_tfa | object |
google_tag_data | object |
gaplugins | object |
gaGlobal | object |
gaData | object |

5 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along, which lets the website re-identify that user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.thehealthchanneltoday.com/ | | _gat_gtag_UA_150220558_5 | 1 |
.thehealthchanneltoday.com/ | | _gid | GA1.2.1051482098.1582090852 |
.thehealthchanneltoday.com/ | | _hjid | c54e4c06-aeb8-4289-b16c-21227b5315ac |
.thehealthchanneltoday.com/ | | _ga | GA1.2.1696543383.1582090852 |
.thehealthchanneltoday.com/ | | __cfduid | d8e8a84bf114c35c57a5e840eda4d7f8e1582090851 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
3mazagy.com
affbrain.com
api.pushnami.com
eca23055-a-62cb3a1a-s-sites.googlegroups.com
fonts.gstatic.com
happierlivingnews.com
images.1panel.io
lh3.googleusercontent.com
resources.blogblog.com
script.hotjar.com
sites.google.com
static.hotjar.com
stats.g.doubleclick.net
stripe.rs-stripe.com
test-0-0-0-1.blogspot.com
thehealthchanneltoday.com
themes.googleusercontent.com
tr.rev-stripe.com
usanews.over-blog.com
vars.hotjar.com
whos.amung.us
widgets.amung.us
www.3mazagy.com
www.blogger.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
happierlivingnews.com
13.35.253.10
147.75.100.69
147.75.32.105
172.80.104.56
18.196.86.59
185.128.239.39
185.225.208.133
2606:4700:3033::681b:a1ac
2606:4700:3035::681f:5581
2a00:1450:4001:800::2001
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:809::2009
2a00:1450:4001:814::2004
2a00:1450:4001:815::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:400c:c00::9b
2a00:1450:400c:c09::89
67.202.94.94
70.37.54.108