sexualmeeting4.com
5.189.252.52
Malicious Activity!
Public Scan
Effective URL: https://sexualmeeting4.com/?u=uyhwwwl&o=6b78nnl&cid=1mo1l40e46ovv4p4
Submission: On March 28 via manual from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 29th 2019. Valid for: 3 months.
This is the only time sexualmeeting4.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 54.235.96.118 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) |
6 | 2.16.186.17 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) |
2 | 2a00:1450:4001:814::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) |
1 | 37.58.60.226 | 28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10) |
1 | 54.230.95.178 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 2 | 173.192.70.66 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) |
3 | 52.85.188.26 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
2 | 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) |
3 | 2a00:1450:4001:806::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) |
6 10 | 2a00:1450:4001:81c::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) |
6 | 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) |
5 | 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) |
1 | 174.129.232.124 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) |
3 | 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) |
4 | 2606:2800:234:46c:e8b:1e2f:2bd:694 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) |
1 | 54.230.95.219 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 | 52.85.188.153 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 | 54.230.95.72 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 1 | 72.21.202.25 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 | 13.249.153.17 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) |
1 | 2a00:1450:4001:81f::200d | 15169 (GOOGLE) (GOOGLE - Google LLC) |
1 | 107.22.253.226 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) |
1 | 104.244.42.72 | 13414 (TWITTER) (TWITTER - Twitter Inc.) |
1 | 151.101.2.110 | 54113 (FASTLY) (FASTLY - Fastly) |
1 | 162.247.242.18 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) |
1 12 | 5.189.252.52 | 202023 (LLHOST //...) (LLHOST // M247) |
63 | 25 |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-235-96-118.compute-1.amazonaws.com
sitesderencontrescritiques.logdown.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
cdn-theme.logdown.io |
ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: server.codings.pro
k.lavorodacasa.review |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-178.fra2.r.cloudfront.net
images.hellogiggles.com |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 42.46.c0ad.ip4.static.sl-reverse.com
www.hotflick.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-26.fra2.r.cloudfront.net
mathjax.logdown.io |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
netdna.bootstrapcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
youtube.com | |
apis.google.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-174-129-232-124.compute-1.amazonaws.com
logdown.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-219.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-153.fra2.r.cloudfront.net
mathjax.logdown.io |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-72.fra2.r.cloudfront.net
certify.alexametrics.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cloudfront-labs.amazonaws.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-249-153-17.nrt51.r.cloudfront.net
a090f5de33dbe1c5871ba0c03c0593b4e.profile.nrt51-c1.cloudfront.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-22-253-226.compute-1.amazonaws.com
assets1.logdown.com |
ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-6.nr-data.net
bam.nr-data.net |
 | Domain | Requested by |
---|---|---|
12 | sexualmeeting4.com | 1 redirects; k.lavorodacasa.review, sexualmeeting4.com |
6 | www.youtube.com | sitesderencontrescritiques.logdown.com |
6 | youtube.com | 6 redirects |
6 | cdn-theme.logdown.io | sitesderencontrescritiques.logdown.com |
5 | fonts.gstatic.com | sitesderencontrescritiques.logdown.com, sexualmeeting4.com |
4 | platform.twitter.com | sitesderencontrescritiques.logdown.com, platform.twitter.com |
4 | apis.google.com | sitesderencontrescritiques.logdown.com, apis.google.com |
4 | mathjax.logdown.io | sitesderencontrescritiques.logdown.com, mathjax.logdown.io |
3 | www.google-analytics.com | sitesderencontrescritiques.logdown.com |
2 | connect.facebook.net | sitesderencontrescritiques.logdown.com, connect.facebook.net |
2 | netdna.bootstrapcdn.com | sitesderencontrescritiques.logdown.com |
2 | www.hotflick.net | 1 redirects; sitesderencontrescritiques.logdown.com |
2 | fonts.googleapis.com | sitesderencontrescritiques.logdown.com, sexualmeeting4.com |
1 | bam.nr-data.net | js-agent.newrelic.com |
1 | js-agent.newrelic.com | logdown.com |
1 | syndication.twitter.com | sitesderencontrescritiques.logdown.com |
1 | assets1.logdown.com | logdown.com |
1 | staticxx.facebook.com | connect.facebook.net |
1 | accounts.google.com | apis.google.com |
1 | a090f5de33dbe1c5871ba0c03c0593b4e.profile.nrt51-c1.cloudfront.net | sitesderencontrescritiques.logdown.com |
1 | cloudfront-labs.amazonaws.com | 1 redirects |
1 | certify.alexametrics.com | sitesderencontrescritiques.logdown.com |
1 | d31qbv1cthcecs.cloudfront.net | sitesderencontrescritiques.logdown.com |
1 | logdown.com | sitesderencontrescritiques.logdown.com |
1 | images.hellogiggles.com | sitesderencontrescritiques.logdown.com |
1 | k.lavorodacasa.review | sitesderencontrescritiques.logdown.com |
1 | sitesderencontrescritiques.logdown.com | |
63 | 27 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.superiorpics.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-25 - 2020-09-25 | 2 years | crt.sh |
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months | crt.sh |
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-03-08 - 2019-06-06 | 3 months | crt.sh |
*.apis.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months | crt.sh |
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year | crt.sh |
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year | crt.sh |
certify.alexametrics.com | Amazon | 2018-08-23 - 2019-09-23 | a year | crt.sh |
accounts.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months | crt.sh |
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-01-24 - 2020-01-24 | a year | crt.sh |
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-03-21 - 2020-03-21 | a year | crt.sh |
*.nr-data.net | GeoTrust RSA CA 2018 | 2018-01-11 - 2020-03-17 | 2 years | crt.sh |
sexualmeeting4.com | Let's Encrypt Authority X3 | 2019-01-29 - 2019-04-29 | 3 months | crt.sh |
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months | crt.sh |
This page contains 13 frames:
Primary Page:
https://sexualmeeting4.com/?u=uyhwwwl&o=6b78nnl&cid=1mo1l40e46ovv4p4
Frame ID: 7B4B80C1FE13F775C06A41862B299CDE
Requests: 48 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/rr4xUXTKiok?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: 4C2427947833A0A5557A8C9FBC0B5C6D
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/MvfOyKOqa3Y?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: B2A624BA6ECF4E18EEE176E9A653AF60
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/dbtUupl2jFw?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: 070341B7F696F6F74C379DD7A1B6D3F6
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/Rg0XMAkhwps?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: 4D97D7359DD45B8805027B0D90A15404
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/uGxRg5I7r5s?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: D3C4776ED40A157AEDD6AE274F26C3D8
Requests: 1 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/wjIyitzscFA?iv_load_policy=3&modestbranding=1&rel=0&fs=1
Frame ID: 6714369AD7D866F22F3281D480400443
Requests: 1 HTTP requests in this frame
Frame:
http://logdown.com/pages/top_controls
Frame ID: DC168C94C3EE126C661D787C1F36B3E7
Requests: 4 HTTP requests in this frame
Frame:
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fsitesderencontrescritiques.logdown.com&url=http%3A%2F%2Fsitesderencontrescritiques.logdown.com%2Fposts%2F5744820&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mD9OANMjpa8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPp3EqLdEPhAGeVp3R7FfO_VldMSQ%2Fm%3D__features__
Frame ID: 257BFF3EFAC22CC7B09D79F7A8E4EE22
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=http%3A%2F%2Fsitesderencontrescritiques.logdown.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 66923A87F9D85B202190B520D9ECD3D3
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fsitesderencontrescritiques.logdown.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mD9OANMjpa8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPp3EqLdEPhAGeVp3R7FfO_VldMSQ%2Fm%3D__features__
Frame ID: DAA45F7560312502FC68CCE8FC77750A
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 1375EF63D2C1148100C5735BF38C387B
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Frame ID: AF86A3B721DDE6DB84BCDE418D85CB3E
Requests: 1 HTTP requests in this frame
Detected technologies
Erlang (Programming Languages)
Detected patterns
- headers server /Cowboy/i
Cowboy (Web Frameworks)
Detected patterns
- headers server /Cowboy/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://sitesderencontrescritiques.logdown.com/posts/5744820 Page URL
-
http://sexualmeeting4.com/?u=uyhwwwl&o=6b78nnl&cid=1mo1l40e46ovv4p4
HTTP 301
https://sexualmeeting4.com/?u=uyhwwwl&o=6b78nnl&cid=1mo1l40e46ovv4p4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://www.hotflick.net/flicks/2005_The_40_Year_Old_Virgin/fhd005YOV_Siena_Goines_001.jpg HTTP 301
- https://www.hotflick.net/flicks/2005_The_40_Year_Old_Virgin/fhd005YOV_Siena_Goines_001.jpg
- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
- https://youtube.com/embed/rr4xUXTKiok?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/rr4xUXTKiok?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- https://youtube.com/embed/MvfOyKOqa3Y?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/MvfOyKOqa3Y?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- https://youtube.com/embed/dbtUupl2jFw?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/dbtUupl2jFw?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- https://youtube.com/embed/Rg0XMAkhwps?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/Rg0XMAkhwps?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- https://youtube.com/embed/uGxRg5I7r5s?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/uGxRg5I7r5s?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- https://youtube.com/embed/wjIyitzscFA?iv_load_policy=3&modestbranding=1&rel=0&fs=1 HTTP 301
- https://www.youtube.com/embed/wjIyitzscFA?iv_load_policy=3&modestbranding=1&rel=0&fs=1
- http://connect.facebook.net/en_US/all.js HTTP 307
- https://connect.facebook.net/en_US/all.js
- http://www.google-analytics.com/plugins/ga/inpage_linkid.js HTTP 307
- https://www.google-analytics.com/plugins/ga/inpage_linkid.js
- http://cloudfront-labs.amazonaws.com/x.png HTTP 302
- http://a090f5de33dbe1c5871ba0c03c0593b4e.profile.nrt51-c1.cloudfront.net/test.png
- http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1476436953&utmhn=sitesderencontrescritiques.logdown.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=40%20Year%20Old%20Virgin%20Speed%20Dating%20Sc%C3%A8ne%20Gina%20%C2%AB%20Les%20meilleurs%20sites%20de%20rencontres%20-%20critiques%20-%202018&utmhid=1987260263&utmr=-&utmp=%2Fposts%2F5744820&utmht=1553788301119&utmac=UA-41764280-1&utmcc=__utma%3D60807343.270344038.1553788301.1553788301.1553788301.1%3B%2B__utmz%3D60807343.1553788301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1120755033&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1476436953&utmhn=sitesderencontrescritiques.logdown.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=40%20Year%20Old%20Virgin%20Speed%20Dating%20Sc%C3%A8ne%20Gina%20%C2%AB%20Les%20meilleurs%20sites%20de%20rencontres%20-%20critiques%20-%202018&utmhid=1987260263&utmr=-&utmp=%2Fposts%2F5744820&utmht=1553788301119&utmac=UA-41764280-1&utmcc=__utma%3D60807343.270344038.1553788301.1553788301.1553788301.1%3B%2B__utmz%3D60807343.1553788301.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1120755033&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | 5744820 | sitesderencontrescritiques.logdown.com/posts/ | 20 KB | 20 KB | Document | text/html | |
GET | H/1.1 | screen.css | cdn-theme.logdown.io/its-compiling/stylesheets/ | 47 KB | 8 KB | Stylesheet | text/css | |
GET | H/1.1 | css | fonts.googleapis.com/ | 6 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | 1Xd2LP | k.lavorodacasa.review/ | 462 B | 998 B | Script | application/javascript | |
GET | H/1.1 | gina.jpg | images.hellogiggles.com/uploads/2016/08/19081749/ | 85 KB | 86 KB | Image | image/jpeg | |
GET | H/1.1 | fhd005YOV_Siena_Goines_001.jpg | www.hotflick.net/flicks/2005_The_40_Year_Old_Virgin/ | 188 KB | 187 KB | Image | image/jpeg | Redirect Chain |
GET | H/1.1 | logdown_blog.js | cdn-theme.logdown.io/utils/javascripts/ | 1 KB | 887 B | Script | application/javascript | |
GET | H/1.1 | MathJax.js | mathjax.logdown.io/ | 56 KB | 17 KB | Script | application/javascript | |
GET | H/1.1 | font-awesome.min.css | netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ | 22 KB | 5 KB | Stylesheet | text/css | |
GET | H/1.1 | default_dropdown.css | cdn-theme.logdown.io/utils/stylesheets/ | 2 KB | 987 B | Stylesheet | text/css | |
GET | H2 | ga.js | www.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | Redirect Chain |
GET | H2 | rr4xUXTKiok | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame 4C24, Redirect Chain |
GET | H2 | MvfOyKOqa3Y | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame B2A6, Redirect Chain |
GET | H2 | dbtUupl2jFw | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame 0703, Redirect Chain |
GET | H2 | Rg0XMAkhwps | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame 4D97, Redirect Chain |
GET | H2 | uGxRg5I7r5s | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame D3C4, Redirect Chain |
GET | H2 | wjIyitzscFA | www.youtube.com/embed/ | 0 | 0 | Document | text/html | Frame 6714, Redirect Chain |
GET | H/1.1 | furley-bg.png | cdn-theme.logdown.io/its-compiling/images/ | 49 KB | 50 KB | Image | image/png | |
GET | H/1.1 | search-icon.png | cdn-theme.logdown.io/its-compiling/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H/1.1 | light-wool-bg.png | cdn-theme.logdown.io/its-compiling/images/ | 14 KB | 14 KB | Image | image/png | |
GET | H/1.1 | fontawesome-webfont.woff | netdna.bootstrapcdn.com/font-awesome/3.2.1/font/ | 43 KB | 43 KB | Font | font/woff | |
GET | H/1.1 | EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2 | fonts.gstatic.com/s/ptserif/v10/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H/1.1 | EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2 | fonts.gstatic.com/s/ptserif/v10/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H/1.1 | EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2 | fonts.gstatic.com/s/ptserif/v10/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H/1.1 | top_controls | logdown.com/pages/ | 6 KB | 7 KB | Document | text/html | Cookie set, Frame DC16 |
GET | H2 | all.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript | Redirect Chain |
GET | H/1.1 | TeX-AMS_HTML.js | mathjax.logdown.io/config/ | 162 KB | 47 KB | Script | application/javascript | |
GET | H2 | plusone.js | apis.google.com/js/ | 44 KB | 17 KB | Script | application/javascript | |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 93 KB | 28 KB | Script | application/javascript | |
GET | H/1.1 | atrk.js | d31qbv1cthcecs.cloudfront.net/ | 4 KB | 2 KB | Script | text/javascript | |
GET | H2 | inpage_linkid.js | www.google-analytics.com/plugins/ga/ | 1 KB | 840 B | Script | text/javascript | Redirect Chain |
GET | H2 | all.js | connect.facebook.net/en_US/ | 185 KB | 55 KB | Script | application/x-javascript | |
GET | H/1.1 | MenuArrow-15.png | mathjax.logdown.io/images/ | 725 B | 1 KB | Image | image/png | |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mD9OANMjpa8.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPp3EqLdEPhAGeVp3R7FfO_VldMSQ/ | 133 KB | 47 KB | Script | text/javascript | |
GET | H2 | cb=gapi.loaded_1 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mD9OANMjpa8.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPp3EqLdEPhAGeVp3R7FfO_VldMSQ/ | 95 KB | 34 KB | Script | text/javascript | |
GET | H2 | fastbutton | apis.google.com/se/0/_/+1/ | 0 | 0 | Document | text/html | Frame 257B |
GET | H/1.1 | jsMath2jax.js | mathjax.logdown.io/extensions/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html | platform.twitter.com/widgets/ | 0 | 0 | Document | text/html | Frame 6692 |
GET | H/1.1 | button.dd024c345fc26f7c7a8d9938b67e5d3d.js | platform.twitter.com/js/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | atrk.gif | certify.alexametrics.com/ | 43 B | 529 B | Image | image/gif | |
GET | H/1.1 | test.png | a090f5de33dbe1c5871ba0c03c0593b4e.profile.nrt51-c1.cloudfront.net/ | 58 B | 58 B | Image | text/plain | Redirect Chain |
GET | H2 | __utm.gif | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif | Redirect Chain |
GET | H2 | postmessageRelay | accounts.google.com/o/oauth2/ | 0 | 0 | Document | text/html | Frame DAA4 |
GET | H2 | d_vbiawPdxB.js | staticxx.facebook.com/connect/xd_arbiter/r/ | 0 | 0 | Document | text/html | Frame 1375 |
GET | H/1.1 | tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html | platform.twitter.com/widgets/ | 0 | 0 | Document | text/html | Frame AF86 |
GET | H/1.1 | top-controls-30d874240e4db9a5032bc06483b7870f21107879b082fc2b8898caa677ccb1b1.css | assets1.logdown.com/assets/ | 586 B | 515 B | Stylesheet | text/css | Frame DC16 |
GET | H2 | jot | syndication.twitter.com/i/ | 43 B | 121 B | Image | image/gif | |
GET | H2 | nr-1118.min.js | js-agent.newrelic.com/ | 24 KB | 9 KB | Script | application/javascript | Frame DC16 |
GET | H/1.1 | 8d5b66bcc5 | bam.nr-data.net/1/ | 57 B | 261 B | Script | text/javascript | Frame DC16 |
GET | H/1.1 | / | sexualmeeting4.com/ | 7 KB | 7 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET | H/1.1 | animate.min.css | sexualmeeting4.com/media/dating/toon2/css/ | 52 KB | 52 KB | Stylesheet | text/css | |
GET | H/1.1 | style.css | sexualmeeting4.com/media/dating/toon2/css/ | 8 KB | 9 KB | Stylesheet | text/css | |
GET | H/1.1 | js.cookie.js | sexualmeeting4.com/cookie/ | 4 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | utils.js | sexualmeeting4.com/util/ | 5 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | 123.jpg | sexualmeeting4.com/media/dating/toon2/images/ | 175 KB | 175 KB | Image | image/jpeg | |
GET | H/1.1 | jquery-2.2.4.min.js | sexualmeeting4.com/media/dating/toon2/js/ | 84 KB | 84 KB | Script | application/javascript | |
GET | H/1.1 | bb.js | sexualmeeting4.com/media/ | 1 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | exit-popup.css | sexualmeeting4.com/media/exit-new/ | 3 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | exit1.js | sexualmeeting4.com/media/exit-new/ | 32 KB | 33 KB | Script | application/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 35 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | bg.jpg | sexualmeeting4.com/media/dating/toon2/images/ | 117 KB | 117 KB | Image | image/jpeg | |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 | fonts.gstatic.com/s/lato/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v15/ | 14 KB | 14 KB | Font | font/woff2 | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- number| exDays
- boolean| validNavigation
- function| wireUpEvents
- function| Cookies
- function| docReady
- function| getParameterByName
- function| hideUnsub
- function| languageDetection
- function| writeLocation
- object| geoRefData
- function| showLocation
- function| appendPixels
- function| $
- function| jQuery
- object| _0x1b1f
- function| _0x2cf4
- boolean| PreventBb
- function| getUrlParameter
- function| getUrlWithParam
- string| lang
- string| popup_style
- string| popup_glow
- string| thePopup
- string| current_href
- boolean| PreventExitSplash
- object| alert_lang
- function| trans_available
- function| detect_lang
- string| exitsplashpage
- string| exitsplashmessage
- function| appendHtml
- function| DisplayExitSplash
- function| addLoadEvent
- function| addClickEvent
- object| a
- function| disablelinksfunc
- function| disableformsfunc

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sexualmeeting4.com/ | Name: ASP.NET_SessionId Value: bqkotcuzpq4pv21zw5x2ndvy |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.