Submitted URL: http://cucktube.com/
Effective URL: http://www.cfnmcam.com/
Submission: On December 12 via manual from AE — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 99.192.201.50, located in United States and belongs to MOJOHOST, US. The main domain is www.cfnmcam.com.
This is the only time www.cfnmcam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 99.192.201.50 27589 (MOJOHOST)
3 93.93.51.191 34655 (DOCLER-AS)
4 216.177.153.5 40015 (MOVECLICKLLC)
4 93.93.51.200 34655 (DOCLER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:9c40::4a... 34655 (DOCLER-AS)
1 93.93.51.225 34655 (DOCLER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
21 9
Apex Domain
Subdomains
Transfer
4 ptwmstcnt.com
pt-static4.ptwmstcnt.com — Cisco Umbrella Rank: 138781
pt-static5.ptwmstcnt.com — Cisco Umbrella Rank: 185630
pt-static1.ptwmstcnt.com — Cisco Umbrella Rank: 162730
126 KB
4 thickcash.com
www.thickcash.com
2 MB
3 vcmdiawe.com
galleryn13.vcmdiawe.com — Cisco Umbrella Rank: 386904
galleryn11.vcmdiawe.com — Cisco Umbrella Rank: 383103
3 MB
3 cfnmcam.com
www.cfnmcam.com
70 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
159 KB
2 cdwmpt.com
pt.cdwmpt.com — Cisco Umbrella Rank: 186776
7 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 protoawegw.com
api-protected.protoawegw.com — Cisco Umbrella Rank: 45102
1 KB
1 awecre.com
awecre.com — Cisco Umbrella Rank: 710526
6 KB
1 cucktube.com
cucktube.com
246 B
21 10
Domain Requested by
4 www.thickcash.com www.cfnmcam.com
www.thickcash.com
3 www.cfnmcam.com www.cfnmcam.com
2 galleryn11.vcmdiawe.com pt.cdwmpt.com
2 www.googletagmanager.com pt.cdwmpt.com
www.googletagmanager.com
2 pt-static1.ptwmstcnt.com pt.cdwmpt.com
2 pt.cdwmpt.com awecre.com
1 www.google-analytics.com www.googletagmanager.com
1 api-protected.protoawegw.com pt-static1.ptwmstcnt.com
1 galleryn13.vcmdiawe.com pt.cdwmpt.com
1 pt-static5.ptwmstcnt.com pt.cdwmpt.com
1 pt-static4.ptwmstcnt.com pt.cdwmpt.com
1 awecre.com www.cfnmcam.com
1 cucktube.com 1 redirects
21 13
Subject Issuer Validity Valid
thickcash.com R3 2023-11-07 - 2024-02-05 3 months
*.google-analytics.com GTS CA 1C3 2023-11-20 - 2024-02-12 3 months

This page contains 3 frames:

Primary Page: http://www.cfnmcam.com/
Frame ID: 91F3BAE03BEDD4C56F641BAC177D8575
Requests: 4 HTTP requests in this frame

Frame: https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Frame ID: D98859AFD9611E22ADEA6FB9A7A7A432
Requests: 4 HTTP requests in this frame

Frame: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Frame ID: 3DF3D57D6830FBDAD0A3C42BE388C737
Requests: 14 HTTP requests in this frame

Page Title

cfnm - cfnm cam - cfnm cams - cfnm webcams - cfnm chat - live cfnm

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

33 %
HTTPS

38 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

5237 kB
Transfer

5966 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cucktube.com/ HTTP 301
    http://www.cfnmcam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cfnmcam.com/
Redirect Chain
  • http://cucktube.com/
  • http://www.cfnmcam.com/
15 KB
3 KB
Document
General
Full URL
http://www.cfnmcam.com/
Protocol
HTTP/1.1
Server
99.192.201.50 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs3758.mojohost.com
Software
Apache/2 /
Resource Hash
35840d4c0861f3fdbc91be3af3cbeb33a3ec06d35adbdcd67b03e650faa1fa82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3330
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 08:00:15 GMT
Keep-Alive
timeout=2, max=100
Server
Apache/2
Vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 12 Dec 2023 08:00:10 GMT
Keep-Alive
timeout=2, max=100
Location
http://www.cfnmcam.com/
Server
Apache/2
logo-cfnmcam-02.png
www.cfnmcam.com/images/
4 KB
4 KB
Image
General
Full URL
http://www.cfnmcam.com/images/logo-cfnmcam-02.png
Requested by
Host: www.cfnmcam.com
URL: http://www.cfnmcam.com/
Protocol
HTTP/1.1
Server
99.192.201.50 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs3758.mojohost.com
Software
Apache/2 /
Resource Hash
09920abf98251f353131549fcdca6f2a7de3c6f1a83a75b6c9bd59ee350180ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cfnmcam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:15 GMT
Last-Modified
Wed, 13 Dec 2017 22:02:41 GMT
Server
Apache/2
ETag
"105b-5603fed1f2240"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
4187
fk
awecre.com/embed/
6 KB
6 KB
Script
General
Full URL
http://awecre.com/embed/fk?c=object_container&site=jasmin&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&category=girl&vp[showChat]=true&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&ms_notrack=1&subAffId={SUBAFFID}
Requested by
Host: www.cfnmcam.com
URL: http://www.cfnmcam.com/
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
45ac6e7f989835a486cfc602d88f34cc557c6f088c22792fb04651f1fb075c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cfnmcam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:15 GMT
Server
unknown
X-Cache-Status
R-MISS
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
X-UD-Id
5lsQz/lbs
Connection
keep-alive
wow-pics02.jpg
www.cfnmcam.com/images/
62 KB
62 KB
Image
General
Full URL
http://www.cfnmcam.com/images/wow-pics02.jpg
Requested by
Host: www.cfnmcam.com
URL: http://www.cfnmcam.com/
Protocol
HTTP/1.1
Server
99.192.201.50 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs3758.mojohost.com
Software
Apache/2 /
Resource Hash
a4cc0cff24d4f3421e3973f7365ab993fc01cb49975bc63316bcec36926b7085

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cfnmcam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:15 GMT
Last-Modified
Sat, 21 Apr 2012 15:38:29 GMT
Server
Apache/2
ETag
"f60c-4be3232564740"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
62988
index.php
www.thickcash.com/iframe_content/video_banners/shereacts/ Frame D988
2 KB
1 KB
Document
General
Full URL
https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Requested by
Host: www.cfnmcam.com
URL: http://www.cfnmcam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.177.153.5 Arlington, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
d200594r.m3xs.net
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
ddc3f37e5e7e15653b89e2c90dc537a507b95b2234429d80fd78e66e41d2bbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
http://www.cfnmcam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
744
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 08:00:16 GMT
Expires
Tue, 19 Dec 2023 08:00:16 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS)
Strict-Transport-Security
max-age=15768000; includeSubDomains
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.3.33
frame1.jpg
www.thickcash.com/iframe_content/video_banners/shereacts/ Frame D988
47 KB
47 KB
Image
General
Full URL
https://www.thickcash.com/iframe_content/video_banners/shereacts/frame1.jpg
Requested by
Host: www.thickcash.com
URL: https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.177.153.5 Arlington, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
d200594r.m3xs.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
1e24773c7301c3d2eb2bd82896ceeb12fa41f3328d76d88da2cc350096a80580
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:16 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Last-Modified
Sat, 16 Jul 2022 06:12:25 GMT
Server
Apache/2.4.6 (CentOS)
Vary
User-Agent,Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47980
Expires
Thu, 11 Jan 2024 08:00:16 GMT
mix2_4.mp4
www.thickcash.com/iframe_content/video_banners/shereacts/ Frame D988
2 MB
2 MB
Media
General
Full URL
https://www.thickcash.com/iframe_content/video_banners/shereacts/mix2_4.mp4
Requested by
Host: www.thickcash.com
URL: https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.177.153.5 Arlington, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
d200594r.m3xs.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
3683bef35b06831cff8492d32c51ed1d0c17b6553429af8cedc40979536ce876
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 12 Dec 2023 08:00:16 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Last-Modified
Sat, 16 Jul 2022 05:36:11 GMT
Server
Apache/2.4.6 (CentOS)
Vary
User-Agent,Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-2194236/2194237
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2194237
Expires
Tue, 19 Dec 2023 08:00:16 GMT
sr300x250.png
www.thickcash.com/iframe_content/video_banners/logos/ Frame D988
5 KB
6 KB
Image
General
Full URL
https://www.thickcash.com/iframe_content/video_banners/logos/sr300x250.png
Requested by
Host: www.thickcash.com
URL: https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.177.153.5 Arlington, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
d200594r.m3xs.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
0c2dbf3e97b32aef74674463f05539358eebe33bd7100ed2e649ba31027197ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thickcash.com/iframe_content/video_banners/shereacts/index.php?siteLink=https://join.shereacts.com/track/MTkxNzUwOC4xLjIwLjU2LjAuOTA0MC4wLjAuMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:16 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Last-Modified
Sat, 16 Jul 2022 05:45:41 GMT
Server
Apache/2.4.6 (CentOS)
Vary
User-Agent,Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5437
Expires
Thu, 11 Jan 2024 08:00:16 GMT
/
pt.cdwmpt.com/live-feed/fk/ Frame 3DF3
22 KB
7 KB
Document
General
Full URL
http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Requested by
Host: awecre.com
URL: http://awecre.com/embed/fk?c=object_container&site=jasmin&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&category=girl&vp[showChat]=true&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&ms_notrack=1&subAffId={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
720a02c8792bf34dfcfaa019cb5b631b5166910b500d654dfe86fb8610786a2f

Request headers

Referer
http://www.cfnmcam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 08:00:17 GMT
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
R-MISS
X-UD-Id
yxs2J/BBg
di.min-v835469.js
pt-static4.ptwmstcnt.com/npe/_common/script/incognito/ Frame 3DF3
3 KB
2 KB
Script
General
Full URL
http://pt-static4.ptwmstcnt.com/npe/_common/script/incognito/di.min-v835469.js
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 12 Dec 2023 08:00:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 12:04:16 GMT
Server
unknown
ETag
W/"6576fac0-d47"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 26 Dec 2023 08:00:17 GMT
advertisement-v835469.js
pt-static5.ptwmstcnt.com/npe/_common/script/adblock/ Frame 3DF3
21 B
411 B
Script
General
Full URL
http://pt-static5.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v835469.js
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 12 Dec 2023 08:00:17 GMT
Last-Modified
Mon, 11 Dec 2023 12:04:16 GMT
Server
unknown
ETag
"6576fac0-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21
Expires
Tue, 26 Dec 2023 08:00:17 GMT
fk.lf-v835469.js
pt-static1.ptwmstcnt.com/npe/ba/fklf/script/ Frame 3DF3
322 KB
116 KB
Script
General
Full URL
http://pt-static1.ptwmstcnt.com/npe/ba/fklf/script/fk.lf-v835469.js
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
dae9f986a42a799d6f9e7421eaf7389ad627c69c29aa6a0d720148f9d49aacff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 12 Dec 2023 08:00:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 12:04:16 GMT
Server
unknown
ETag
W/"6576fac0-507c8"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 26 Dec 2023 08:00:17 GMT
gtm.js
www.googletagmanager.com/ Frame 3DF3
230 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68c39a3154ccb993fc1475a708b58720f8cfac607ccd19db31aadc42df4c25b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:00:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78651
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 08:00:17 GMT
smilies_ex.png
pt-static1.ptwmstcnt.com/npe/image/ Frame 3DF3
8 KB
9 KB
Image
General
Full URL
http://pt-static1.ptwmstcnt.com/npe/image/smilies_ex.png
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 12 Dec 2023 08:00:17 GMT
Last-Modified
Wed, 18 Oct 2023 10:23:04 GMT
Server
unknown
ETag
"652fb208-2155"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8533
Expires
Tue, 26 Dec 2023 08:00:17 GMT
b8b1067c1be0d055f2003ff28bd1b1d5_glamour_896x504.jpg
galleryn13.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 3DF3
98 KB
99 KB
Image
General
Full URL
http://galleryn13.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1b/b8b1067c1be0d055f2003ff28bd1b1d5_glamour_896x504.jpg
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
2a03:9c40::4a53:0:0:190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
5891f639229ff440b30d9ffc6f56561bb08003ffc45ff14b03d61e82c58e7164
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:17 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Connection
keep-alive
Content-Length
100777
X-Cdn-Node
defra
Last-Modified
Fri, 29 Sep 2023 09:06:17 GMT
Server
unknown
ETag
"c3f9a0c4015b04a12b4e414e615f505c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Cache-Control
max-age=1209600
X-Real-Source
-
Accept-Ranges
bytes
Expires
Tue, 26 Dec 2023 08:00:17 GMT
70eb90f972c32c611bd3aefaff5fb27c.mp4
galleryn11.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a17/ Frame 3DF3
161 KB
0
Media
General
Full URL
http://galleryn11.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a17/70eb90f972c32c611bd3aefaff5fb27c.mp4?pstool=319_1&psid=freecfnm&hi=353b124b86548fb75dfdf25e85f00a0c
Requested by
Host: pt.cdwmpt.com
URL: http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
Protocol
HTTP/1.1
Server
2a03:9c40::4a53:0:0:190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.cdwmpt.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 12 Dec 2023 08:00:17 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Content-Range
bytes 0-2775311/2775312
Connection
keep-alive
Content-Length
2775312
X-Cdn-Node
defra
Last-Modified
Fri, 14 Jul 2023 07:55:06 GMT
Server
unknown
ETag
"dc27bcb6f9524eafc16f9ec622d2e1bb"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Cache-Control
max-age=1209600
X-Real-Source
-
Expires
Tue, 26 Dec 2023 08:00:17 GMT
truncated
/ Frame 3DF3
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
get
api-protected.protoawegw.com/v2/player/performer/ Frame 3DF3
906 B
1 KB
Fetch
General
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&hotDeal=0&preVipShow=0&ngs=1&pstool=319_1&psid=freecfnm&streamType=rtmp&category=girl&performerIds[]=b2a260c0-b73e-4e8c-93ba-543a84cb46bd
Requested by
Host: pt-static1.ptwmstcnt.com
URL: http://pt-static1.ptwmstcnt.com/npe/ba/fklf/script/fk.lf-v835469.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
f81af413c92fc720b3fd9d4aaf726f9f12a3c3e5a512eef7e87f6cf2aa70a2b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:18 GMT
Content-Encoding
gzip
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
js
www.googletagmanager.com/gtag/ Frame 3DF3
234 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b006cf2351ba4742d1a0630b59d1403d31ea14f96fcbae331106b128eeefcc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:00:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83281
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 08:00:17 GMT
analytics.js
www.google-analytics.com/ Frame 3DF3
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:48:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
723
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 09:48:14 GMT
BBg.gif
pt.cdwmpt.com/yxs2J/ Frame 3DF3
43 B
447 B
Image
General
Full URL
http://pt.cdwmpt.com/yxs2J/BBg.gif?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com&im=0
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://pt.cdwmpt.com/live-feed/fk/?c=object_container&site=jsm&cobrandId=&psid=freecfnm&pstool=319_1&psprogram=revs&campaign_id=26126&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=true&vp%5BshowPerformerStatus%5D=true&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=www.cfnmcam.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 08:00:17 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 12 Dec 2023 08:00:16 GMT
70eb90f972c32c611bd3aefaff5fb27c.mp4
galleryn11.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a17/ Frame 3DF3
2 MB
2 MB
Media
General
Full URL
http://galleryn11.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a17/70eb90f972c32c611bd3aefaff5fb27c.mp4?pstool=319_1&psid=freecfnm&hi=353b124b86548fb75dfdf25e85f00a0c
Protocol
HTTP/1.1
Server
2a03:9c40::4a53:0:0:190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
bf01ad2f5fb794d45580031e32a21800a271288b05f2285f22434c2c94dc026b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.cdwmpt.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=163840-

Response headers

Date
Tue, 12 Dec 2023 08:00:17 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Content-Range
bytes 163840-2775311/2775312
Connection
keep-alive
Content-Length
2611472
X-Cdn-Node
defra
Last-Modified
Fri, 14 Jul 2023 07:55:06 GMT
Server
unknown
ETag
"dc27bcb6f9524eafc16f9ec622d2e1bb"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Cache-Control
max-age=1209600
X-Real-Source
-
Expires
Tue, 26 Dec 2023 08:00:17 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| aweConfig object| ptFocusTool object| ptFocusToolNew function| ptInitFakePromoPlayer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
