ameliadreams.com
Open in
urlscan Pro
2a06:98c1:3121::3
Public Scan
Effective URL: https://ameliadreams.com/landing2?s1=ad_imi&s2=jhzam66c8d10a0004fe1a&s3=195527&s4=&s5=1875289&lbcid=13b2b032-c759-40c8-89...
Submission: On August 23 via api from US — Scanned from GB
Summary
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time ameliadreams.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2600:9000:276... 2600:9000:2761:a800:1a:f87b:5c40:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 2600:9000:206... 2600:9000:206f:2400:18:5acc:a800:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.51.27.131 52.51.27.131 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 52.19.138.177 52.19.138.177 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::19 | 60068 (CDN77 _) (CDN77 _) | |
4 11 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
4 | 95.211.229.248 95.211.229.248 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
2 | 95.211.229.246 95.211.229.246 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
45 | 10 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-27-131.eu-west-1.compute.amazonaws.com
www.lucky2funs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-138-177.eu-west-1.compute.amazonaws.com
www.meeyoudate.net |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net
s.magsrv.com | |
s.orbsrv.com | |
s.pemsrv.com | |
s.zlinkl.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.opoxv.com | |
syndication.realsrv.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
ameliadreams.com
ameliadreams.com |
481 KB |
8 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 6787 |
4 KB |
4 |
matchjunkie.com
matchjunkie.com |
6 KB |
3 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2503 |
72 KB |
2 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508 |
41 KB |
2 |
svntrk.com
svntrk.com — Cisco Umbrella Rank: 521461 |
4 KB |
2 |
lucky2funs.com
www.lucky2funs.com |
611 B |
2 |
find-me-fuck.com
2 redirects
find-me-fuck.com |
1 KB |
1 |
zlinkl.com
s.zlinkl.com |
249 B |
1 |
realsrv.com
syndication.realsrv.com — Cisco Umbrella Rank: 20443 |
249 B |
1 |
pemsrv.com
s.pemsrv.com — Cisco Umbrella Rank: 13209 |
249 B |
1 |
orbsrv.com
s.orbsrv.com — Cisco Umbrella Rank: 6665 |
249 B |
1 |
opoxv.com
s.opoxv.com — Cisco Umbrella Rank: 28027 |
249 B |
1 |
magsrv.com
s.magsrv.com — Cisco Umbrella Rank: 6506 |
249 B |
1 |
exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 46003 |
971 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 |
7 KB |
1 |
meeyoudate.net
1 redirects
www.meeyoudate.net |
766 B |
1 |
lovrsfun.com
1 redirects
www.lovrsfun.com |
1 KB |
0 |
google.com
Failed
accounts.google.com — Cisco Umbrella Rank: 46 Failed lh3.google.com Failed |
|
0 |
facebook.com
Failed
www.facebook.com Failed |
|
0 |
instagram.com
Failed
www.instagram.com Failed |
|
45 | 21 |
Domain | Requested by | |
---|---|---|
15 | ameliadreams.com |
ameliadreams.com
|
8 | mc.yandex.com |
3 redirects
ameliadreams.com
mc.yandex.ru |
4 | matchjunkie.com |
www.lucky2funs.com
matchjunkie.com |
3 | mc.yandex.ru |
1 redirects
ameliadreams.com
|
2 | stackpath.bootstrapcdn.com |
ameliadreams.com
|
2 | svntrk.com |
matchjunkie.com
ameliadreams.com |
2 | www.lucky2funs.com |
www.lucky2funs.com
|
2 | find-me-fuck.com | 2 redirects |
1 | s.zlinkl.com |
ameliadreams.com
|
1 | syndication.realsrv.com |
ameliadreams.com
|
1 | s.pemsrv.com |
ameliadreams.com
|
1 | s.orbsrv.com |
ameliadreams.com
|
1 | s.opoxv.com |
ameliadreams.com
|
1 | s.magsrv.com |
ameliadreams.com
|
1 | a.exoclick.com |
ameliadreams.com
|
1 | cdnjs.cloudflare.com |
ameliadreams.com
|
1 | www.meeyoudate.net | 1 redirects |
1 | www.lovrsfun.com | 1 redirects |
0 | lh3.google.com Failed |
ameliadreams.com
|
0 | accounts.google.com Failed |
ameliadreams.com
|
0 | www.facebook.com Failed |
ameliadreams.com
|
0 | www.instagram.com Failed |
ameliadreams.com
|
45 | 22 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.lucky2funs.com R10 |
2024-06-13 - 2024-09-11 |
3 months | crt.sh |
matchjunkie.com WE1 |
2024-08-21 - 2024-11-19 |
3 months | crt.sh |
svntrk.com Cloudflare Inc ECC CA-3 |
2023-12-28 - 2024-12-27 |
a year | crt.sh |
ameliadreams.com WE1 |
2024-07-29 - 2024-10-27 |
3 months | crt.sh |
bootstrapcdn.com WE1 |
2024-07-23 - 2024-10-21 |
3 months | crt.sh |
cdnjs.cloudflare.com WE1 |
2024-07-31 - 2024-10-29 |
3 months | crt.sh |
exoclick.com E5 |
2024-07-22 - 2024-10-20 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2024-05-23 - 2024-11-02 |
5 months | crt.sh |
magsrv.com E5 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
opoxv.com E5 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
orbsrv.com E5 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
pemsrv.com E5 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
realsrv.com E6 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
zlinkl.com E5 |
2024-08-12 - 2024-11-10 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://ameliadreams.com/landing2?s1=ad_imi&s2=jhzam66c8d10a0004fe1a&s3=195527&s4=&s5=1875289&lbcid=13b2b032-c759-40c8-8939-e7396a01ce9d-8-0824&lb=1&bt=2&oid=6773&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Frame ID: 8405E4B608FCF9AD5A4CC903BC281DF0
Requests: 44 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A29D587B4F31B357E75B505F1DBE5871
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Amelia DreamsPage URL History Show full URLs
-
http://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc3...
HTTP 307
https://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc3... HTTP 302
https://find-me-fuck.com/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_camp... HTTP 302
https://www.lovrsfun.com/c/8d2358ea43d0439d?s1=36_all_ng&s2=RE_ENTRY_JUMP&s3=&s4=&s5=&s6=&s7=&s8=&utm... HTTP 302
https://www.lucky2funs.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cubHVja3kyZnVucy5jb20=&data=aHR0... Page URL
- https://www.lucky2funs.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cubHVja3kyZnVucy5jb20=&data=aHR0... Page URL
-
https://www.meeyoudate.net/?click_id=unobu66c8d108000658cc&j1=1&j9=1&s1=195527&s2=1875289&s3=&s5=&utm_s...
HTTP 302
https://matchjunkie.com/dc?s1=ad_imi&oid=63192_63191&s2=jhzam66c8d10a0004fe1a&s3=195527&s5=1875289&lb=1 Page URL
- https://ameliadreams.com/landing2?s1=ad_imi&s2=jhzam66c8d10a0004fe1a&s3=195527&s4=&s5=1875289&lbcid=1... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Laravel (Web Frameworks) Expand
Detected patterns
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Popper (Miscellaneous) Expand
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc33e0b78e77244e9f74a7950f9fba139f9d4c04
HTTP 307
https://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc33e0b78e77244e9f74a7950f9fba139f9d4c04 HTTP 302
https://find-me-fuck.com/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=RE_ENTRY_JUMP HTTP 302
https://www.lovrsfun.com/c/8d2358ea43d0439d?s1=36_all_ng&s2=RE_ENTRY_JUMP&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= HTTP 302
https://www.lucky2funs.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cubHVja3kyZnVucy5jb20=&data=aHR0cHM6Ly93d3cubWVleW91ZGF0ZS5uZXQvP2NsaWNrX2lkPXVub2J1NjZjOGQxMDgwMDA2NThjYyZqMT0xJmo5PTEmczE9MTk1NTI3JnMyPTE4NzUyODkmczM9JnM1PSZ1dG1fc291cmNlPWUyOTA1ZjU1ZWMzYTU2OGI=&action=action_tmp Page URL
- https://www.lucky2funs.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cubHVja3kyZnVucy5jb20=&data=aHR0cHM6Ly93d3cubWVleW91ZGF0ZS5uZXQvP2NsaWNrX2lkPXVub2J1NjZjOGQxMDgwMDA2NThjYyZqMT0xJmo5PTEmczE9MTk1NTI3JnMyPTE4NzUyODkmczM9JnM1PSZ1dG1fc291cmNlPWUyOTA1ZjU1ZWMzYTU2OGI=&action=action_final Page URL
-
https://www.meeyoudate.net/?click_id=unobu66c8d108000658cc&j1=1&j9=1&s1=195527&s2=1875289&s3=&s5=&utm_source=e2905f55ec3a568b
HTTP 302
https://matchjunkie.com/dc?s1=ad_imi&oid=63192_63191&s2=jhzam66c8d10a0004fe1a&s3=195527&s5=1875289&lb=1 Page URL
- https://ameliadreams.com/landing2?s1=ad_imi&s2=jhzam66c8d10a0004fe1a&s3=195527&s4=&s5=1875289&lbcid=13b2b032-c759-40c8-8939-e7396a01ce9d-8-0824&lb=1&bt=2&oid=6773&r=&ph=cd810224654353ec4af47cf4fc09b718&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ== Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc33e0b78e77244e9f74a7950f9fba139f9d4c04 HTTP 307
- https://find-me-fuck.com/tds/tg/s/b31d1eb6a5e8e34bdc3ce432010938e8?__t=1724242391537&__l=3600&__c=dc33e0b78e77244e9f74a7950f9fba139f9d4c04 HTTP 302
- https://find-me-fuck.com/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=RE_ENTRY_JUMP HTTP 302
- https://www.lovrsfun.com/c/8d2358ea43d0439d?s1=36_all_ng&s2=RE_ENTRY_JUMP&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= HTTP 302
- https://www.lucky2funs.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cubHVja3kyZnVucy5jb20=&data=aHR0cHM6Ly93d3cubWVleW91ZGF0ZS5uZXQvP2NsaWNrX2lkPXVub2J1NjZjOGQxMDgwMDA2NThjYyZqMT0xJmo5PTEmczE9MTk1NTI3JnMyPTE4NzUyODkmczM9JnM1PSZ1dG1fc291cmNlPWUyOTA1ZjU1ZWMzYTU2OGI=&action=action_tmp
- https://www.meeyoudate.net/?click_id=unobu66c8d108000658cc&j1=1&j9=1&s1=195527&s2=1875289&s3=&s5=&utm_source=e2905f55ec3a568b HTTP 302
- https://matchjunkie.com/dc?s1=ad_imi&oid=63192_63191&s2=jhzam66c8d10a0004fe1a&s3=195527&s5=1875289&lb=1
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=de&service=youtube HTTP 302
- https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=de&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3rEQ3mu89WawAc0Y1OFR7j3Pp3AADZVSw9RktqDLILQFvino8-UnUYRV1jrRUqwOmT6YtPS HTTP 302
- https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&ifkv=Ab5oB3ohzkC1MqAX952pZyBId1hTSBeYQUTxlSw4tsW3297vaG-4VQIAkPskkM3kjV4C3FfthoAq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1479300409%3A1724436750094945&ddm=0
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10470.16w64zLg0EjvDD3TV8g3Hfxa5DBq3tRqiQZR_hq1eaLUhhl9DAKPGpilXlODinBW.hktEwMNJnnBLMf1_VFcfwCBv80k%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10470.PuiAs9V3LsA2rVWLyT41xOWv5OYOS39HILfGB2ypGbJg9fl8dTYcDxIqsKBqoGW90LnMvYpcXyiWb-OjCCL1BsyqWFdBiUoiyoRu7eaDo1kQuAULye-MhzwL4gOUPyjOHtSZArTXnzdTDDN6OuuokxlnX9n717VYXML5_bIdHzBXQNTWpCvi5Nkyy-xdFMyZ10IPErg8CKH8zVeK3VP7UjnlRnl1oBskvxaTJzjQd8g%2C.nBO1CKmdlth9KaVcPxIMwSozPsI%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10470.b4P2phXHftMUlwjkrw-Wn-Ksww36cJpjrmn7rUHNgVWVwj5qjMFPtQM8vbDtxadnsPfToqKKUFfogAhVVB3_8FPSWXtvXFP4c8GroEo-3BeZrJ8SKT8A-OzJ5BnG-llkwal-4s5qOUL-EBOtDAqX8SSNJiHy3BR8WAwl25J7XA3I_WI4YjFPrW0s_RNY1dRp7eKxfL5YuhGXjFdYiRY-7Q%2C%2C.vKhbiWv0B_cDcFhKJ5R04cVe37I%2C
- https://mc.yandex.com/watch/54294354?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_imi%26s2%3Djhzam66c8d10a0004fe1a%26s3%3D195527%26s4%3D%26s5%3D1875289%26lbcid%3D13b2b032-c759-40c8-8939-e7396a01ce9d-8-0824%26lb%3D1%26bt%3D2%26oid%3D6773%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A563496991179%3Ahid%3A935705855%3Az%3A60%3Ai%3A20240823191230%3Aet%3A1724436750%3Ac%3A1%3Arn%3A30729286%3Arqn%3A1%3Au%3A1724436750122141856%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1573%3Awv%3A2%3Ads%3A13%2C115%2C313%2C5%2C83%2C0%2C%2C1275%2C1%2C%2C%2C%2C1811%3Aco%3A0%3Acpf%3A1%3Ans%3A1724436748289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724436751%3At%3AAmelia%20Dreams&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
- https://mc.yandex.com/watch/54294354/1?wmode=7&page-url=https%3A%2F%2Fameliadreams.com%2Flanding2%3Fs1%3Dad_imi%26s2%3Djhzam66c8d10a0004fe1a%26s3%3D195527%26s4%3D%26s5%3D1875289%26lbcid%3D13b2b032-c759-40c8-8939-e7396a01ce9d-8-0824%26lb%3D1%26bt%3D2%26oid%3D6773%26r%3D%26ph%3Dcd810224654353ec4af47cf4fc09b718%26vd%3DeyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ%3D%3D&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A563496991179%3Ahid%3A935705855%3Az%3A60%3Ai%3A20240823191230%3Aet%3A1724436750%3Ac%3A1%3Arn%3A30729286%3Arqn%3A1%3Au%3A1724436750122141856%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1573%3Awv%3A2%3Ads%3A13%2C115%2C313%2C5%2C83%2C0%2C%2C1275%2C1%2C%2C%2C%2C1811%3Aco%3A0%3Acpf%3A1%3Ans%3A1724436748289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724436751%3At%3AAmelia%20Dreams&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
index
www.lucky2funs.com/redirect/ Redirect Chain
|
299 B 374 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index
www.lucky2funs.com/redirect/ |
163 B 237 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dc
matchjunkie.com/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d2e.css
matchjunkie.com/web/fp/ |
683 B 766 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d2e.js
matchjunkie.com/web/fp/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics_d2e_land.js
svntrk.com/assets/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
landing2
ameliadreams.com/ |
9 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
matchjunkie.com/ |
3 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ |
138 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
ameliadreams.com/bk/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
ameliadreams.com/ameliadreams_com/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
svntrk.com/assets/ |
69 B 613 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
girls_2.png
ameliadreams.com/ameliadreams_com/img/ |
269 KB 270 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pusher_mk2c.js
ameliadreams.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.3.1.min.js
ameliadreams.com/bk/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
ameliadreams.com/ameliadreams_com/js/ |
50 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fingerprint.v3.js
ameliadreams.com/bk/js/ |
40 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ui-tools.js
ameliadreams.com/bk/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
landing2-general.js
ameliadreams.com/bk/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag_gen.js
a.exoclick.com/ |
907 B 971 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
202 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header_bg-top_414.svg
ameliadreams.com/ameliadreams_com/img/bg/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNextCyr-Light.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ |
45 KB 45 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNextCyr-Demi.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ |
39 KB 40 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirNextCyr-Regular.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/ |
39 KB 40 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.instagram.com/accounts/login/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
login.php
www.facebook.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
identifier
accounts.google.com/v3/signin/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
s.magsrv.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
s.opoxv.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
s.orbsrv.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
s.pemsrv.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
syndication.realsrv.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tag.php
s.zlinkl.com/ |
0 249 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 582 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 571 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame A29D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/54294354/ Redirect Chain
|
622 B 799 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1
mc.yandex.com/watch/54294354/ |
43 B 86 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
lh3.google.com/u/0/d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
like.php
www.facebook.com/v14.0/plugins/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon-32x32.png
ameliadreams.com/ameliadreams_com/ |
933 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
54294354
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.instagram.com
- URL
- https://www.instagram.com/accounts/login/?next=%2Ffavicon.ico
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
- Domain
- accounts.google.com
- URL
- https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&ifkv=Ab5oB3ohzkC1MqAX952pZyBId1hTSBeYQUTxlSw4tsW3297vaG-4VQIAkPskkM3kjV4C3FfthoAq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1479300409%3A1724436750094945&ddm=0
- Domain
- lh3.google.com
- URL
- https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/v14.0/plugins/like.php
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| svntrk function| ym object| yaParams function| $ function| jQuery function| Popper object| bootstrap object| webpackChunk string| domainId object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| fpDataCallback function| fpErrorCallback object| Ya object| yaCounter5429435439 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.lovrsfun.com/ | Name: unique_id Value: 66c8d1080002071a |
|
www.lovrsfun.com/ | Name: unique_id2 Value: 66c8d10800020f9f |
|
www.lovrsfun.com/ | Name: tid Value: unobu66c8d108000658cc |
|
www.meeyoudate.net/ | Name: unique_id Value: 66c8d10a00079dc0 |
|
www.meeyoudate.net/ | Name: unique_id2 Value: 66c8d10a0009645b |
|
www.meeyoudate.net/ | Name: 66c8d10a0009645b_c Value: 1 |
|
www.meeyoudate.net/ | Name: ref_token Value: 195527 |
|
www.meeyoudate.net/ | Name: tid Value: jhzam66c8d10a0004fe1a |
|
matchjunkie.com/ | Name: SRVNAME Value: s8 |
|
ameliadreams.com/ | Name: cid Value: eyJpdiI6IlhmK05QUnJVWDZIVDZ0NkhHRTVDUWc9PSIsInZhbHVlIjoiVldcL043WGhQc2pOdnFzQ1wvajJsZ3laNEFlT0NwM1kxWXF6XC9jQXhHZ1dzOD0iLCJtYWMiOiI0NTc0OTEyN2MwMDgzYjE0MTJhNzlkZGEzMGJkMGI3NDMxZjQ2YWQyZTQwZTNlM2YyZTAxMmQyMDlhNjQ5MGU2In0%3D |
|
ameliadreams.com/ | Name: pubid Value: eyJpdiI6IjB0aERBVGowNTNaeTZUTlwvR3gyQVhnPT0iLCJ2YWx1ZSI6ImJCOVJKTk15MXZrd1hJZm1hcEplVnc9PSIsIm1hYyI6IjM0MGY5MWQzMDc0ZmJhYzJmMDcwNzc1ZjgzZTZjY2RkZWU2NDllMjliMTZmZDk0NzhjYTQzNzE4M2I1OTAyNmUifQ%3D%3D |
|
ameliadreams.com/ | Name: subid Value: eyJpdiI6IkhSbEtVdDF3djZmMUdtb1ZaMGRsTHc9PSIsInZhbHVlIjoiak12cVlPaG1RXC9DMjFlZ2I2cG5BUnc9PSIsIm1hYyI6ImVmNzIwMDc2ODU2MTQyMDg3NDQ5MDhkMDM2MjEzMTVmMTBhOTFiYmUxMWRlNGIxMTBkZGFkNWRhOGM2NmI5ZDMifQ%3D%3D |
|
ameliadreams.com/ | Name: bt Value: eyJpdiI6IkN0amlcL0RIblB1THpjUTBjaHlXcVlRPT0iLCJ2YWx1ZSI6ImRhT0FaYkpnU0NKclllWVB4ZDNOWHc9PSIsIm1hYyI6IjI5M2Q5NGQzMDAxOWViNjk0NTFlOGZmYjFjYWJiZjg3ZmU3NWFkMWY1NTMwZjQ1Y2FkMzUyNDA1NWFhMTExZGYifQ%3D%3D |
|
ameliadreams.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Im02djFHcDcyWFh3b2Y3UUZ5a0szaFE9PSIsInZhbHVlIjoiVVhoMVVuSVJGdHYzQ1hwK1VKcFBJMTdqM1FobUc5aStjVDZtYTZDelJvUlh2T3ZSZXQxSlBpT0RoRk52aGJYU1wvcnkrVlJaMDF5U2Jic2U0QUxsNDF3PT0iLCJtYWMiOiJlZWZmZWIwYTY5NmE1MTE4MDJhNzhjYTljYzI0NWNhMGM5ZGFiMzViZGM3YWEyZDlkOTk5MTRjZDM4Yjk5NzQxIn0%3D |
|
ameliadreams.com/ | Name: laravel_session Value: eyJpdiI6IkU0NG42K1l1T0c0SGIzRGE3eU1VOUE9PSIsInZhbHVlIjoiOXlYZW16SXM3cE4xS3AzNXBIcStlckFGN29BR29rT3dpaHVmb2NpZkRVb1JKaFM0eUtZNmV5d1hNKzQydXlLYVwvWWJcL0cyb0dteHpieDlmdEFzOEpKUT09IiwibWFjIjoiOGViZDMwYmZiNmI3NDY4MDgwNGE5NzIxN2RhNzM5MWZiZmI0ZTBmMTg4NmNkZjgzZjVkYWYwMWYzMmMxNzIxZCJ9 |
|
svntrk.com/ | Name: scktrk Value: 66c8d10d4bf6f-8-0824 |
|
.yandex.ru/ | Name: yashr Value: 818880391724436750 |
|
.ameliadreams.com/ | Name: _ym_uid Value: 1724436750122141856 |
|
.ameliadreams.com/ | Name: _ym_d Value: 1724436750 |
|
.instagram.com/ | Name: csrftoken Value: BCWenKE0qPa_VX8d90oVJt |
|
.instagram.com/ | Name: mid Value: ZsjRDgAEAAGoWiYdxgfXW2YcekFw |
|
.yandex.com/ | Name: i Value: pu8ULAqn4B52C74An+xfVJ4FAZHB5f1Wae6vu1FThFiZG6JwpbfrkataKtnOjSnAHpORyNy9uCfVxM0MK3wYUcqY5Gw= |
|
.yandex.com/ | Name: yandexuid Value: 3659042821724436750 |
|
.yandex.com/ | Name: yashr Value: 4301200161724436750 |
|
.ameliadreams.com/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 4070992486fake |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 192931254fake |
|
.mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
.yandex.ru/ | Name: yandexuid Value: 3659042821724436750 |
|
.yandex.ru/ | Name: yuidss Value: 3659042821724436750 |
|
.yandex.ru/ | Name: i Value: pu8ULAqn4B52C74An+xfVJ4FAZHB5f1Wae6vu1FThFiZG6JwpbfrkataKtnOjSnAHpORyNy9uCfVxM0MK3wYUcqY5Gw= |
|
.yandex.ru/ | Name: yp Value: 1724523150.yu.3241131311724436750 |
|
.yandex.ru/ | Name: ymex Value: 1727028750.oyu.3241131311724436750 |
|
mc.yandex.com/ | Name: yabs-sid Value: 1728951351724436751 |
|
.yandex.com/ | Name: yuidss Value: 3659042821724436750 |
|
.yandex.com/ | Name: ymex Value: 1755972751.yrts.1724436751 |
|
.yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.yandex.com/ | Name: bh Value: KgI/MGCPoqO2Bg== |
|
.ameliadreams.com/ | Name: _ym_visorc Value: w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.exoclick.com
accounts.google.com
ameliadreams.com
cdnjs.cloudflare.com
find-me-fuck.com
lh3.google.com
matchjunkie.com
mc.yandex.com
mc.yandex.ru
s.magsrv.com
s.opoxv.com
s.orbsrv.com
s.pemsrv.com
s.zlinkl.com
stackpath.bootstrapcdn.com
svntrk.com
syndication.realsrv.com
www.facebook.com
www.instagram.com
www.lovrsfun.com
www.lucky2funs.com
www.meeyoudate.net
accounts.google.com
lh3.google.com
www.facebook.com
www.instagram.com
2600:9000:206f:2400:18:5acc:a800:93a1
2600:9000:2761:a800:1a:f87b:5c40:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2a02:6b8::1:119
2a02:6ea0:c700::19
2a06:98c1:3120::3
2a06:98c1:3121::3
52.19.138.177
52.51.27.131
95.211.229.246
95.211.229.248
106918f7267c18102f7270b82dd573f01a69db5eeb34d37e542d2477daf1e109
12c25868c5f2853f4fbae7cf69f7d83082866617ce96d1ef187442e92e629934
24c87ef89f254219bd365bcac1254142c686179fa5640518a599e91b6e42259d
2bd0c32a9060f83adb3ea39315141ad9c7938af07487fcc895eac051c9b1f3a5
3780240c03de6cec689901ffffe2eba7a73a965c3a24e5ab765712590fd1e076
44efd89690d4d6fe1bd29f6568cdcd0b44fb51ddc70338e0b7057da6ff00689c
4e3976265156b8204882301d6e40a2b86e4263f2a412fa15e2da6e47d578a14a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b6580bed80935dc1351b552efeca8900f4e07bf491308c365492392503de24d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cb970e569b4778009455be4a931b2c66162991d5903cd2798e7d07446479ac3
81e494909ea24d8abae3e69daf5d234db9c07110693b83497824411f390572f8
849c5158c08ab45286d86b4e3de9030f72d2b1933323b1acc20bcffffffdcb87
8514199e92346d6d1ab27f38cffc8d7ea96fa1eb8956f8bb778f4c54af8bbfb6
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
c262530cf2fd714f731f6087d69a4c0a5fb20180503e55e72f3dfb84b59c50ed
d138c2ea5b228e5262212c66815d06d103de70734a33da9d4c4c316b9822d119
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
dda3844966c9b0eda858080ea0d1729a493505e9815e2cf64a087af7fcdf36dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73419dd79caad8096c4322975710d6619df2f0299dc8f727790cf6df78e8483
ee37f82814fabb514179cb03a04df494d8791d4ab44fa0332bf3e0853730fbcf
f43daeb9d19325d6023864ea8f78e0b21b8e0620c650c77da90b367110ae1735
f62b239efd34a37eb6053564e2cb17c1f63b95edbcffee6496d87e4879e86221
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e