adultfriendfinder.com
Open in
urlscan Pro
69.165.107.69
Public Scan
Submitted URL: https://lm.facebook.com/l.php?u=https%3A%2F%2Ftinyurl.com%2Fy4kfkvjo%3Ffbclid%3DIwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh...
Effective URL: https://adultfriendfinder.com/go/p2015106.sub47752?tpa=addd3f1f2beb43cf86fd2bfc1e2884f52553
Submission: On August 24 via manual from IT
Effective URL: https://adultfriendfinder.com/go/p2015106.sub47752?tpa=addd3f1f2beb43cf86fd2bfc1e2884f52553
Submission: On August 24 via manual from IT
Summary
This website contacted 12 IPs
in 3 countries
across 14 domains to perform 54 HTTP transactions.
The main IP is 69.165.107.69, located in
United States and
belongs to VARIOUS - FriendFinder Networks Inc, US.
The main domain is adultfriendfinder.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 12th 2019. Valid for: 2 years.
This is the only time adultfriendfinder.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 12th 2019. Valid for: 2 years.
This is the only time adultfriendfinder.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2a03:2880:f11... 2a03:2880:f11c:8084:face:b00c:0:14c9 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 1 | 2606:4700:10:... 2606:4700:10::6814:db2a | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 2 | 138.197.209.244 138.197.209.244 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 1 | 159.89.130.11 159.89.130.11 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 2 3 | 2a05:d018:483... 2a05:d018:483:6110:ba7:3746:52fb:9d08 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a05:d018:483... 2a05:d018:483:6130:5cc5:c974:7f81:d960 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 7 | 69.165.107.69 69.165.107.69 | 25875 (VARIOUS) (VARIOUS - FriendFinder Networks Inc) | |
| 35 | 152.195.39.54 152.195.39.54 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:818::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 13.35.253.89 13.35.253.89 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 173.201.19.8 173.201.19.8 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 54 | 12 |
1
2a03:2880:f11c:8084:face:b00c:0:14c9
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| lm.facebook.com |
1
2606:4700:10::6814:db2a
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| tinyurl.com |
2
138.197.209.244
(Santa Clara, United States)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| raboittuic.cumsex.online |
1
159.89.130.11
(Santa Clara, United States)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| istrax.info |
3
2a05:d018:483:6110:ba7:3746:52fb:9d08
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| securecloud-dt.com | |
| securessl-dt.com |
1
2a05:d018:483:6130:5cc5:c974:7f81:d960
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| gdmconvtrck.com |
7
69.165.107.69
(United States)
ASN25875 (VARIOUS - FriendFinder Networks Inc, US)
ASN25875 (VARIOUS - FriendFinder Networks Inc, US)
| adultfriendfinder.com |
35
152.195.39.54
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| secureimage.securedataimages.com |
3
2a00:1450:4001:818::2004
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.com |
1
13.35.253.89
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-89.fra6.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-89.fra6.r.cloudfront.net
| aff.trackinglibrary.prodperfect.com |
1
2a00:1450:4001:825::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.gstatic.com |
1
173.201.19.8
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: seal.godaddy.com
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: seal.godaddy.com
| seal.godaddy.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 35 |
securedataimages.com
secureimage.securedataimages.com |
2 MB |
| 7 |
adultfriendfinder.com
adultfriendfinder.com |
68 KB |
| 3 |
google.com
www.google.com |
697 B |
| 2 |
securessl-dt.com
1 redirects
securessl-dt.com |
3 KB |
| 2 |
cumsex.online
1 redirects
raboittuic.cumsex.online |
819 B |
| 1 |
godaddy.com
seal.godaddy.com |
301 B |
| 1 |
gstatic.com
www.gstatic.com |
93 KB |
| 1 |
prodperfect.com
aff.trackinglibrary.prodperfect.com |
20 KB |
| 1 |
gdmconvtrck.com
gdmconvtrck.com |
876 B |
| 1 |
securecloud-dt.com
1 redirects
securecloud-dt.com |
538 B |
| 1 |
istrax.info
istrax.info |
19 KB |
| 1 |
tinyurl.com
1 redirects
tinyurl.com |
1022 B |
| 1 |
facebook.com
lm.facebook.com |
1 KB |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 54 | 14 |
| Domain | Requested by | |
|---|---|---|
| 35 | secureimage.securedataimages.com |
adultfriendfinder.com
secureimage.securedataimages.com |
| 7 | adultfriendfinder.com |
gdmconvtrck.com
adultfriendfinder.com secureimage.securedataimages.com |
| 3 | www.google.com |
adultfriendfinder.com
www.gstatic.com |
| 2 | securessl-dt.com |
1 redirects
istrax.info
|
| 2 | raboittuic.cumsex.online |
1 redirects
lm.facebook.com
|
| 1 | seal.godaddy.com |
adultfriendfinder.com
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | aff.trackinglibrary.prodperfect.com |
adultfriendfinder.com
|
| 1 | gdmconvtrck.com |
securessl-dt.com
|
| 1 | securecloud-dt.com | 1 redirects |
| 1 | istrax.info |
raboittuic.cumsex.online
|
| 1 | tinyurl.com | 1 redirects |
| 1 | lm.facebook.com | |
| 0 | 138.68.53.103 Failed | |
| 54 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| blog.adultfriendfinder.com |
| alt.com |
| outpersonals.com |
| cams.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
| securessl-dt.com Amazon |
2019-04-20 - 2020-05-20 |
a year | crt.sh |
| gdmconvtrck.com Amazon |
2019-04-19 - 2020-05-19 |
a year | crt.sh |
| *.adultfriendfinder.com DigiCert SHA2 Secure Server CA |
2019-03-12 - 2021-05-06 |
2 years | crt.sh |
| www.securedataimages.com DigiCert SHA2 Secure Server CA |
2017-10-21 - 2020-10-28 |
3 years | crt.sh |
| www.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| *.trackinglibrary.prodperfect.com Amazon |
2019-04-12 - 2020-05-12 |
a year | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| seal.godaddy.com Go Daddy Secure Certificate Authority - G2 |
2018-09-12 - 2020-09-12 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://adultfriendfinder.com/go/p2015106.sub47752?tpa=addd3f1f2beb43cf86fd2bfc1e2884f52553
Frame ID: 1CA23D11A47ECD32798ABF5F750998C5
Requests: 52 HTTP requests in this frame
Frame:
https://adultfriendfinder.com/go/page/godaddy_seal?site=ffadult
Frame ID: 4A96B72BC93787A35DA72B696FB5807B
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&co=aHR0cHM6Ly9hZHVsdGZyaWVuZGZpbmRlci5jb206NDQz&hl=nl&v=v1565591531251&size=invisible&cb=gg8zmxq1xixg
Frame ID: A193A86DC3725DDC44F5383431B7588A
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=v1565591531251&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&cb=1pg57k1wzuzc
Frame ID: 68E3BF693B70EC061B3F35D7BCF0A4A9
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://lm.facebook.com/l.php?u=https%3A%2F%2Ftinyurl.com%2Fy4kfkvjo%3Ffbclid%3DIwAR3BwZZ6OgaGhhlPZM... Page URL
-
https://tinyurl.com/y4kfkvjo?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA
HTTP 301
http://raboittuic.cumsex.online/uN2nqcC95N_OwJjdxrM?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJN... Page URL
-
http://raboittuic.cumsex.online/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZU...
HTTP 302
http://istrax.info/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZU... Page URL
-
https://securecloud-dt.com/?a=47752&c=114899&s1=&s2=RAFA&s3=DANDY&s4=&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRF...
HTTP 302
https://securessl-dt.com/?a=47752&c=72539&oc=10092&sr=t&so=24553&sc=1552208&scr=114899&rc=24_30624&s2... Page URL
-
https://securessl-dt.com/?a=47752&c=72539&oc=10092&sr=t&so=24553&sc=1552208&scr=114899&rc=24_30624&s2...
HTTP 302
https://adultfriendfinder.com/go/p2015106.sub47752?tpa=addd3f1f2beb43cf86fd2bfc1e2884f52553 Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://blog.adultfriendfinder.com/
Title: AFF Datingblog
Title: AFF Datingblog
Search URL Search Domain Scan URL
URL: http://alt.com/
Title: Alt.com
Title: Alt.com
Search URL Search Domain Scan URL
URL: http://outpersonals.com/
Title: OutPersonals.com
Title: OutPersonals.com
Search URL Search Domain Scan URL
URL: http://cams.com/
Title: Cams.com
Title: Cams.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://lm.facebook.com/l.php?u=https%3A%2F%2Ftinyurl.com%2Fy4kfkvjo%3Ffbclid%3DIwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA&h=AT2BKZqDY0L2R1atJN5W-nSndXLihV5Xj35NwfXvBiUxFWN749xuQgEf93owydxfEgf6o7oD4NXNr_Zl2NcJjaseBKx0PDyIUQP9q1NOlGFlNRuv4Z4hROWbclHQu1Vz7a4D Page URL
-
https://tinyurl.com/y4kfkvjo?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA
HTTP 301
http://raboittuic.cumsex.online/uN2nqcC95N_OwJjdxrM?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA Page URL
-
http://raboittuic.cumsex.online/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZUVIL0ZaZz09&ref=NWs0eXp4eWhEbEdaMXhXblZMbVVhZz09
HTTP 302
http://istrax.info/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZUVIL0ZaZz09&ref=NWs0eXp4eWhEbEdaMXhXblZMbVVhZz09 Page URL
-
https://securecloud-dt.com/?a=47752&c=114899&s1=&s2=RAFA&s3=DANDY&s4=&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0=
HTTP 302
https://securessl-dt.com/?a=47752&c=72539&oc=10092&sr=t&so=24553&sc=1552208&scr=114899&rc=24_30624&s2=RAFA&s3=DANDY&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0=&ref=http%3A%2F%2Fistrax.info%2Fngapax.php%3Fuser%3DdUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09%26grup%3DSkJTeldaUndXNFBxUks5ZUVIL0ZaZz09%26ref%3DNWs0eXp4eWhEbEdaMXhXblZMbVVhZz09&vt=1566634978703&h=367102185a9b4345731887a07137b56adc802e5e&req=https%3A%2F%2Fsecurecloud-dt.com%2F%3Fa%3D47752%26c%3D114899%26s1%3D%26s2%3DRAFA%26s3%3DDANDY%26s4%3D%26s5%3DU1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0%3D Page URL
-
https://securessl-dt.com/?a=47752&c=72539&oc=10092&sr=t&so=24553&sc=1552208&scr=114899&rc=24_30624&s2=RAFA&s3=DANDY&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0=&ref=http%3A%2F%2Fistrax.info%2Fngapax.php%3Fuser%3DdUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09%26grup%3DSkJTeldaUndXNFBxUks5ZUVIL0ZaZz09%26ref%3DNWs0eXp4eWhEbEdaMXhXblZMbVVhZz09&vt=1566634978858&h=850ad5181c86a980211e20128cddddb93c49ad9c&req=https%3A%2F%2Fsecurecloud-dt.com%2F%3Fa%3D47752%26c%3D114899%26s1%3D%26s2%3DRAFA%26s3%3DDANDY%26s4%3D%26s5%3DU1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0%3D&us=1f43f0d95abe42ec8906b45d28e14a62
HTTP 302
https://adultfriendfinder.com/go/p2015106.sub47752?tpa=addd3f1f2beb43cf86fd2bfc1e2884f52553 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://tinyurl.com/y4kfkvjo?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA HTTP 301
- http://raboittuic.cumsex.online/uN2nqcC95N_OwJjdxrM?fbclid=IwAR3BwZZ6OgaGhhlPZMTQjMHQmYkWiFM0XjJRPh1Kq-OzzJNpHg8TpWYGMxA
- http://raboittuic.cumsex.online/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZUVIL0ZaZz09&ref=NWs0eXp4eWhEbEdaMXhXblZMbVVhZz09 HTTP 302
- http://istrax.info/ngapax.php?user=dUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09&grup=SkJTeldaUndXNFBxUks5ZUVIL0ZaZz09&ref=NWs0eXp4eWhEbEdaMXhXblZMbVVhZz09
- https://securecloud-dt.com/?a=47752&c=114899&s1=&s2=RAFA&s3=DANDY&s4=&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0= HTTP 302
- https://securessl-dt.com/?a=47752&c=72539&oc=10092&sr=t&so=24553&sc=1552208&scr=114899&rc=24_30624&s2=RAFA&s3=DANDY&s5=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0=&ref=http%3A%2F%2Fistrax.info%2Fngapax.php%3Fuser%3DdUxMd0xrTXZoMFcwQU9ud3J5eGYxUT09%26grup%3DSkJTeldaUndXNFBxUks5ZUVIL0ZaZz09%26ref%3DNWs0eXp4eWhEbEdaMXhXblZMbVVhZz09&vt=1566634978703&h=367102185a9b4345731887a07137b56adc802e5e&req=https%3A%2F%2Fsecurecloud-dt.com%2F%3Fa%3D47752%26c%3D114899%26s1%3D%26s2%3DRAFA%26s3%3DDANDY%26s4%3D%26s5%3DU1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0%3D
54 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
l.php
lm.facebook.com/ |
544 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
uN2nqcC95N_OwJjdxrM
raboittuic.cumsex.online/ Redirect Chain
|
453 B 483 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ngapax.php
istrax.info/ Redirect Chain
|
58 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
securessl-dt.com/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
track.php
138.68.53.103/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trck
gdmconvtrck.com/ |
1 KB 876 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
 Cookie set
p2015106.sub47752
adultfriendfinder.com/go/ Redirect Chain
|
167 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
header.css
adultfriendfinder.com/images/ffadult/css/ |
0 407 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
reset-1428465189.css
secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ |
927 B 789 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fruit2-1507149637.css
secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ |
74 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
badges-1507149637.css
secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ |
23 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cover_ffadult_new2013_v2-1464750637.css
secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ |
55 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font_face-1553209930.css
adultfriendfinder.com/css/live_cd/ffadult/dutch/0/secure/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_update-1525973275.css
secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ |
2 KB 886 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hammy.png
secureimage.securedataimages.com/images/ffadult/39850/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdultFriendFinderSexDatingSite.png
secureimage.securedataimages.com/images/ffadult/39850/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
762 B 697 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
avn_award2.png
secureimage.securedataimages.com/images/ffadult/cover/avn_award/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
32QZO2a1m9xy1xeauB5Aew.jpg
secureimage.securedataimages.com/ffadult/featured/external/photos/QZ/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C0rnbQ77yE5zkturnLekAw.jpg
secureimage.securedataimages.com/ffadult/featured/external/photos/RN/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IwBGbfLMDMK2nRdTIPKkaA.jpg
secureimage.securedataimages.com/ffadult/featured/external/photos/BG/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
piclist_1b.png
secureimage.securedataimages.com/images/ffadult/39850/ |
47 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
piclist_2b.png
secureimage.securedataimages.com/images/ffadult/39850/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
piclist_3b.png
secureimage.securedataimages.com/images/ffadult/39850/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activity_feed.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
198 KB 198 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vid_poster2.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
45 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
play2.png
secureimage.securedataimages.com/images/ffadult/39850/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
profile3.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
164 KB 164 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mobile2.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
88x31_RTA_c.gif
secureimage.securedataimages.com/images/ffadult/common/others/ |
860 B 962 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twitter.jpg
secureimage.securedataimages.com/common/icons/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img_success.jpg
secureimage.securedataimages.com/common/icons/ |
645 B 739 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dutch_statedropdown_utf8.js
adultfriendfinder.com/images/common/js/ |
38 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ffadult-dutch-FFN_MC_ajax_register_page_short3-1561500671.js
secureimage.securedataimages.com/javascript/live_cd/secure/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.12.4.min.js
secureimage.securedataimages.com/images/common/js/ |
95 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate-1.4.1.min.js
secureimage.securedataimages.com/images/common/js/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
keen-tracking.min.js
aff.trackinglibrary.prodperfect.com/ |
67 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-regular-webfont.woff2
adultfriendfinder.com/images/common/fonts/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdultFriendFinderSexDatingBig2.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
403 KB 403 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
red_btn_bg2.png
secureimage.securedataimages.com/images/ffadult/39850/ |
190 B 269 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading.gif
secureimage.securedataimages.com/images/ffadult/39850/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
godaddy_seal
adultfriendfinder.com/go/page/ Frame 4A96 |
298 B 756 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
480x270_aff.mp4
secureimage.securedataimages.com/images/ffadult/39850/ |
64 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__nl.js
www.gstatic.com/recaptcha/api2/v1565591531251/ |
266 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
avn_bg.jpg
secureimage.securedataimages.com/images/ffadult/cover/avn_award/ |
353 KB 353 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
red_piclist_bg.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blue_btn_bg.png
secureimage.securedataimages.com/images/ffadult/39850/ |
240 B 331 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grey_img_bg.jpg
secureimage.securedataimages.com/images/ffadult/39850/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite_newaff.png
secureimage.securedataimages.com/images/ffadult/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
piclist_overlay4.png
secureimage.securedataimages.com/images/ffadult/39850/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
city_list.html
adultfriendfinder.com/go/page/ |
1 KB 791 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame A193 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame 68E3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getSeal
seal.godaddy.com/ Frame 4A96 |
0 301 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 138.68.53.103
- URL
- http://138.68.53.103/track.php?a=RAFA&b=DANDY&d=82.102.19.132&e=desktop&f=114899&g=Chrome&h=U1c3Q0NEYWUyazFKakJxbkkvSDJoRFVtOU45enN5bWIwckQ0SFBDN2J6Yz0=&c=lm.facebook.com
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| ProdPerfectKeen object| FFN function| updateDays function| updateDays1 function| updateDays2 object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| ss string| v function| statedropdown function| $ function| jQuery number| feedOffset number| feedDistanceFromTopOfWindow number| feedDistFromTopStart number| feedDistFromTopEnd number| feedImageHeight number| feedContainerHeight number| feedImageOverflow number| feedScrollFactor number| footerDistFromTopOfWindow object| jQuery112402795321614111692 object| FFN_Tracker function| validateRecaptcha object| CD object| closure_lm_480017 function| Keen function| setImmediate function| clearImmediate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
138.68.53.103
adultfriendfinder.com
aff.trackinglibrary.prodperfect.com
gdmconvtrck.com
istrax.info
lm.facebook.com
raboittuic.cumsex.online
seal.godaddy.com
securecloud-dt.com
secureimage.securedataimages.com
securessl-dt.com
tinyurl.com
www.google.com
www.gstatic.com
138.68.53.103
13.35.253.89
138.197.209.244
152.195.39.54
159.89.130.11
173.201.19.8
2606:4700:10::6814:db2a
2a00:1450:4001:818::2004
2a00:1450:4001:825::2003
2a03:2880:f11c:8084:face:b00c:0:14c9
2a05:d018:483:6110:ba7:3746:52fb:9d08
2a05:d018:483:6130:5cc5:c974:7f81:d960
69.165.107.69
015fe962df53b7f6a4231284d31aa11609d6463009f1afdd47a06c7f55e04d4b
0656e31f937c84b92ee59415843eaa04596239d7c41cf0b225b4d75914979bb0
114a294368276c218c04e7cf76e2da09be5ee3ee7f3be58f0dfe60d4a26319e4
16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925
27ef5733a377f55419b5a9854f675a7eef9b05930b3bcc14b4ed540dcf668777
2e13c81b72149f2c283af34a580549a93253723a4c7986b1956ecf17df67eeb7
337418b74b2d22a5d37accf33b419b340bde788790b22559ac8f1ded7bd0dbf0
34b5c968d98debe3277fcd2500c19ca85602b6b51fed7af67a3d09be129face3
372656ae430a21dc405b724790192812c94762dae1a3963b2eb0225d58ea18bd
3f91c15321585951dca7ea7d3cd8e4094d13cc38c60276d825f4eace48b40fe4
44f1a303e8502e0fcf57b025665f33cff69e46cde4f492b027ca389f1980fda1
50170e33483a2169e81f019c330374f04ebf7e83d1245e33e90032baa3af0deb
5298f89562c47283a8c6376d44f9eda96a88e3af04c53266b45170a014f47cd4
55428871fa81f764d7531da31f9142e6c442b64f2331c1e00f342591f226398d
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
620e619ded934a055977b264c22d8d72785d257ef83a681cf97d0f4d200097c0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69eb50b1f6517c94b03588866cc93caa26b179ea9a6be71cd9e101a130b14794
6bd35621c051004fe89d67aa68c182c3e3333a3d0b460c88cc973f10612586b3
7162c60379d8b55e015bed43670e8fcc61edafd0664e023853258cc6452513ad
7238f8a3e5352dcf1fa3301e213ffdfcc151e99eaa37bc147e4d874bbec87fed
770ffd8a4ea59351ec4e060225609b886993f7593d3605e9596f45c42c28e367
80ed96bf4dafae173a96c54a5bd144333989c7b5535350acb1e58767f3c6d785
89197a57dce409de3f81564d87e98abc70cca5a9c3b06c0b03109ec67d15bbb8
8a94fd43071c1926a919f7ad71aff1e8837fcebd76021d7538e2ec23a32c7638
916dd2ec445600150afe352921902e820e6dfe7e31225374012ecdb35843ec6d
9269e7f570e9134b8e3768b51559f8ada8a031dbc97d73b6f886206207c07430
9a34c43cae7a2caa28759a0585313de3e011429cba7a10bd264fa457e39a531f
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a7af83c6d6395cd1d4cf76497a0fca86c8703f61795080628f61fee469de1071
ab1039ea5e388184cc3f8ba3f6d859a41f895a38718c301f9608e2660e67099b
b198c76e8205ba82cb73ee495b4e61005c4eeda13f556a3344c84a462d1448fd
b5d0983b0bcea1e4ffbe5bcb321a80a2f2ec0ffccd943d69bf4bd5d578782b46
bbd4b513c97799edf609afbc42a558adc62e1523a8ccd07c5efdca6e44d7578b
cd62745022588dc3c991f147a83209f2e94c459c764a807f516eb81ca5e3d09e
cf754a8a21ba95128421d288d45076307bc650b670313d420483257bb47ab216
d09144a35393f5c7764a664b032f0f0afad3d2a250f93cace2539609147aec4c
d19df6ed746c6b6a59a27ed21a6cf740b453df855b50ff7b8991aa7b5513f05d
d5ead0fc996030f6c20447cb7c0228847a693acc7de48c0bbb49767162a0e93f
d8db549eeb91eeae7871e05e95f892de6e59e4103c28e74507f6b626d2ff04a0
d940c34c618e4b6f639af5ecfe7b75e02333da2b89dd597fe327baba5e49929a
da24ada20d567263ea2ba0742c24b98efc7ae7e072f54575c8f9553aeb5af848
dcb0df37448c42b78d6fec9d3839b7e60f57138d4e018b23233c04f9608afe04
e13e0198fa4443bba5b93be82c86b70fd050621305a76f903d743cea1f42d95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54ca966beb079904fd0f6f9ec09d02334069669cf2baf0798b05cfc84ee3bd1
ed9724b06fc4afe65650445f714bc9497a0d73bd7dcc0efd2b264a06cac8a88f
f44afb3e3e0a4d5f209a1bfdba5fbe61e383f34780bea7136621bb8477f637b7
f518c2e1ce8bb89e40db04524081e3ddaec31075014e666d7d9dd37e66e5efe7
fcd98efd67c3f8b9c7bca7fbe96c932b516a8f9db8c9c2ba9f8fa05e2806d382