URL: https://efraudsters.com/us/fraudsters/4389687856/
Submission: On August 01 via manual from CA

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 93.188.122.246, located in Moscow, Russian Federation and belongs to MIFRIL-AS Import/Export changes, RU. The main domain is efraudsters.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 31st 2018. Valid for: 3 months.
This is the only time efraudsters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS Autonomous System
6         93.188.122.246      44999 (MIFRIL-AS...)
2         2a00:1450:400...    15169 (GOOGLE)
1         2a00:1450:400...    15169 (GOOGLE)
1 2       2a00:1450:400...    15169 (GOOGLE)
1 2       88.212.201.193      39134 (UNITEDNET)
1         2a00:1450:400...    15169 (GOOGLE)
1         2a00:1450:400...    15169 (GOOGLE)
1         2a00:1450:400...    15169 (GOOGLE)
3         172.217.22.98       15169 (GOOGLE)
1         2a00:1450:400...    15169 (GOOGLE)
Total: 18 requests, 10 IPs
Requests  Domain                                  Requested by
6         efraudsters.com                         efraudsters.com
3         securepubads.g.doubleclick.net          www.googletagservices.com; securepubads.g.doubleclick.net
2         counter.yadro.ru (1 redirect)           efraudsters.com
2         www.google-analytics.com (1 redirect)   efraudsters.com
1         tpc.googlesyndication.com               securepubads.g.doubleclick.net
1         adservice.google.com                    www.googletagservices.com
1         adservice.google.de                     www.googletagservices.com
1         stats.g.doubleclick.net                 efraudsters.com
1         fonts.gstatic.com                       efraudsters.com
1         fonts.googleapis.com                    efraudsters.com
1         www.googletagservices.com               efraudsters.com
Total: 18 requests, 11 domains

This site contains links to these domains (see also the Links tab):

Domain: www.yiiframework.com
TLS certificate (crt.sh)
Subject:  efraudsters.com
Issuer:   Let's Encrypt Authority X3
Validity: 2018-07-31 to 2018-10-29 (3 months)

This page contains 1 frames:

Primary Page: https://efraudsters.com/us/fraudsters/4389687856/
Frame ID: 1A48E79698035BBFD4EF12509EB4D48F
Requests: 18 HTTP requests in this frame


Detected technologies

Technology names are given as identified by the listed patterns (Wappalyzer-style checks on response headers and window globals).

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (overall confidence: 100%)
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Google Analytics (overall confidence: 100%)
Detected patterns
  • env /^gaGlobal$/i

Google Publisher Tag (DFP) (overall confidence: 100%)
Detected patterns
  • env /^googletag$/i

Hammer.js (overall confidence: 100%)
Detected patterns
  • env /^Hammer$/i

jQuery (overall confidence: 100%)
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests:   18
HTTPS:      33 % (as reported; every transaction listed below was fetched over https://)
IPv6:       70 %
Domains:    10
Subdomains: 11
IPs:        10
Countries:  3
Transfer:   411 kB
Size:       872 kB
Cookies:    5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555
Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=508539862&t=pageview&_s=1&dl=https%3A%2F%2Fefraudsters.com%2Fus%2Ffraudsters%2F4389687856%2F&ul=en-us&de=UTF-8&dt=4389687856%20%2F%20%2B1%20438-968-7856%20-%20Fraudster.%208%20reports&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=36489655&gjid=908973740&cid=1027809516.1533145902&tid=UA-93108527-1&_gid=899785246.1533145902&_r=1&z=1342050314 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-93108527-1&cid=1027809516.1533145902&jid=36489655&_gid=899785246.1533145902&gjid=908973740&_v=j68&z=1342050314
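Request Chain 10 above carries the Google Analytics property id (tid) and the per-browser identifiers cid and _gid from www.google-analytics.com to stats.g.doubleclick.net, adding aip=1 and changing the hit type t from pageview to dc. Request Chain 8 goes to counter.yadro.ru (the LiveInternet counter), whose query string is a list of semicolon-separated positional fields rather than key=value pairs. The following is an added example, not part of the urlscan report or of the site's code: it classifies every parameter of the first hop of Chain 10 against the last hop and flags that the chain crosses registrable domains, and for Chain 8 it diffs the positional fields between hops. The URLs are copied from the report; nothing is fetched, and the registrable-domain check is a last-two-labels approximation rather than a Public Suffix List lookup.

```python
"""Compare what a tracking beacon forwards across the hops of a redirect
chain. Added example; URLs are copied from this urlscan report."""
from urllib.parse import urlsplit, parse_qs, unquote

# Request Chain 10 (Google Analytics -> DoubleClick), copied from the report.
CHAIN_10 = [
    "https://www.google-analytics.com/r/collect?v=1&_v=j68&a=508539862&t=pageview&_s=1"
    "&dl=https%3A%2F%2Fefraudsters.com%2Fus%2Ffraudsters%2F4389687856%2F&ul=en-us&de=UTF-8"
    "&dt=4389687856%20%2F%20%2B1%20438-968-7856%20-%20Fraudster.%208%20reports&sd=24-bit"
    "&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=36489655&gjid=908973740"
    "&cid=1027809516.1533145902&tid=UA-93108527-1&_gid=899785246.1533145902&_r=1&z=1342050314",
    "https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-93108527-1"
    "&cid=1027809516.1533145902&jid=36489655&_gid=899785246.1533145902&gjid=908973740"
    "&_v=j68&z=1342050314",
]

# Request Chain 8 (counter.yadro.ru), copied from the report. The query
# string is ';'-separated positional fields, not key=value pairs.
CHAIN_8 = [
    "https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555",
    "https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555",
]


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels). Adequate for .com/.net; a real tool
    would consult the Public Suffix List (assumption of this example)."""
    return ".".join(host.split(".")[-2:])


def kv_params(url: str):
    """Hostname and a flat dict of key=value query parameters."""
    parts = urlsplit(url)
    return parts.hostname, {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}


def compare_kv_chain(chain):
    """Classify each parameter of the first hop against the last hop:
    forwarded unchanged, forwarded with a new value, dropped, or newly added."""
    first_host, first = kv_params(chain[0])
    last_host, last = kv_params(chain[-1])
    return {
        "hops": [first_host, last_host],
        "cross_site": registrable_domain(first_host) != registrable_domain(last_host),
        "same_value": sorted(k for k in first if k in last and first[k] == last[k]),
        "changed": sorted(k for k in first if k in last and first[k] != last[k]),
        "dropped": sorted(k for k in first if k not in last),
        "added": sorted(k for k in last if k not in first),
    }


def positional_fields(url: str):
    """Split a ';'-separated positional query string into decoded fields."""
    return [unquote(f) for f in urlsplit(url).query.split(";")]


def compare_positional_chain(chain):
    """Which flags the final hop adds, plus the embedded page URL ('u' field)."""
    first, last = positional_fields(chain[0]), positional_fields(chain[-1])
    page = next((f[1:] for f in first if f.startswith("u")), None)
    return {"added_flags": sorted(set(last) - set(first)), "page_url": page}


if __name__ == "__main__":
    print(compare_kv_chain(CHAIN_10))
    print(compare_positional_chain(CHAIN_8))
```

The identifiers that survive the hop unchanged (cid, _gid, tid, jid, gjid) are exactly the ones that let the second party join this page view to its own cookie state; the page-specific fields (dl, dt, screen and viewport sizes) are dropped.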

18 HTTP transactions

Columns: Resource | Path | Size | x-fer (bytes transferred) | Type | MIME-Type
Primary Request /
efraudsters.com/us/fraudsters/4389687856/
53 KB
13 KB
Document
General
Full URL
https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache / PHP/7.1.11
Resource Hash
302891575e3a62823b814678e3a6dab05a7f29a42ada94524c61817635b8aaf2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
efraudsters.com
:scheme
https
:path
/us/fraudsters/4389687856/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
1A48E79698035BBFD4EF12509EB4D48F

Response headers

status
200
date
Wed, 01 Aug 2018 17:52:05 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
DENY
x-content-type-options
nosniff
x-powered-by
PHP/7.1.11
set-cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; path=/; HttpOnly
set-cookie
_csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
12479
content-type
text/html; charset=UTF-8
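The primary response above sets HSTS for two years with includeSubDomains, X-Frame-Options DENY and X-Content-Type-Options nosniff, but it discloses the PHP version in x-powered-by, sends no Content-Security-Policy or Referrer-Policy, and issues both cookies with HttpOnly only, without Secure or SameSite, on an HSTS-protected origin. The following is an added example, not part of the urlscan report or of the site's code: it parses the response header block as shown on this page and reports those points. It also splits the _csrf-frontend value into a 64-hex-character MAC followed by a PHP-serialized [name, value] pair, which is the shape of a Yii 2 signed cookie; that framework attribution is an inference from the value's format and the yii global listed further down, not something the report states, and since the signing key is server-side the MAC can only be inspected, not verified.

```python
"""Audit the primary response headers shown above. Added example for this
report; RAW_HEADERS is copied from the urlscan transaction, nothing is
fetched live."""
import re
import urllib.parse
from typing import Dict, List

RAW_HEADERS = """\
status: 200
date: Wed, 01 Aug 2018 17:52:05 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: DENY
x-content-type-options: nosniff
x-powered-by: PHP/7.1.11
set-cookie: advanced-frontend=5d757590de17a574519319d0eb3c9436; path=/; HttpOnly
set-cookie: _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D; path=/; HttpOnly
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
"""

# Headers a hardened HTML response is expected to carry.
EXPECTED = ("strict-transport-security", "x-frame-options", "x-content-type-options",
            "content-security-policy", "referrer-policy")


def parse_headers(raw: str) -> Dict[str, List[str]]:
    """Lower-cased name -> list of values (Set-Cookie legitimately repeats)."""
    headers: Dict[str, List[str]] = {}
    for line in raw.splitlines():
        if ":" in line:
            name, value = line.split(":", 1)
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def audit_headers(headers: Dict[str, List[str]]) -> dict:
    """Missing hardening headers, HSTS parameters and version disclosure."""
    hsts = headers.get("strict-transport-security", [""])[0].lower()
    m = re.search(r"max-age=(\d+)", hsts)
    max_age = int(m.group(1)) if m else 0
    # A dotted number in Server / X-Powered-By is a software version being disclosed.
    leaks = [f"{n}: {v}" for n in ("server", "x-powered-by")
             for v in headers.get(n, []) if re.search(r"\d+\.\d+", v)]
    return {
        "missing": [h for h in EXPECTED if h not in headers],
        "hsts_max_age": max_age,
        "hsts_one_year_or_more": max_age >= 31536000,
        "hsts_include_subdomains": "includesubdomains" in hsts,
        "hsts_preload": "preload" in hsts,
        "version_leaks": leaks,
    }


def audit_cookies(set_cookie_values: List[str]) -> Dict[str, List[str]]:
    """Cookie name -> hardening attributes it lacks (Secure, HttpOnly, SameSite)."""
    report: Dict[str, List[str]] = {}
    for sc in set_cookie_values:
        parts = [p.strip() for p in sc.split(";")]
        name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        report[name] = [a for a in ("secure", "httponly", "samesite") if a not in attrs]
    return report


def cookie_value(set_cookie_values: List[str], name: str) -> str:
    for sc in set_cookie_values:
        k, _, v = sc.split(";", 1)[0].partition("=")
        if k.strip() == name:
            return v
    raise KeyError(name)


def decode_signed_cookie(name: str, value: str) -> dict:
    """Split a Yii 2 style signed cookie: 64 hex chars of HMAC-SHA256 followed
    by a PHP-serialized [name, value] pair. The MAC key lives on the server,
    so only the structure is checked here, not the signature (assumption)."""
    raw = urllib.parse.unquote(value)
    mac, payload = raw[:64], raw[64:]
    fields = re.findall(r's:\d+:"([^"]*)"', payload)
    return {
        "mac_hex": mac,
        "mac_looks_like_sha256": re.fullmatch(r"[0-9a-f]{64}", mac) is not None,
        "fields": fields,
        # Binding the cookie name into the signed blob stops a cookie being replayed under another name.
        "name_bound": len(fields) == 2 and fields[0] == name,
    }


def full_report(raw: str = RAW_HEADERS) -> dict:
    headers = parse_headers(raw)
    cookies = headers.get("set-cookie", [])
    return {
        "headers": audit_headers(headers),
        "cookies": audit_cookies(cookies),
        "csrf_cookie": decode_signed_cookie("_csrf-frontend", cookie_value(cookies, "_csrf-frontend")),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(full_report(), indent=2))
```

Without Secure, a browser that has not yet seen the HSTS policy (first visit, or a subdomain not covered) will send advanced-frontend over plain HTTP if any http:// URL on the host is requested; without SameSite, the CSRF protection rests entirely on the signed token above.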
gpt.js
www.googletagservices.com/tag/js/
20 KB
8 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d27366f3c007b3b07059ff401c9b040fa32aa355ed7cfbb321acb076b5145d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"6 / 263 of 1000 / last-modified: 1533045705"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7848
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 17:51:42 GMT
brand.png
efraudsters.com/statics/site/images/
882 B
1006 B
Image
General
Full URL
https://efraudsters.com/statics/site/images/brand.png
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache /
Resource Hash
9d4ad8831b1c44c5e791049e4ac069bb12f3dc751b036f0e2b539eb01f40dd12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/statics/site/images/brand.png
pragma
no-cache
cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
efraudsters.com
referer
https://efraudsters.com/us/fraudsters/4389687856/
:scheme
https
:method
GET
Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 17:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Jan 2017 07:17:06 GMT
server
Apache
x-frame-options
DENY
content-type
image/png
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
892
expires
Fri, 31 Aug 2018 17:52:05 GMT
icon
fonts.googleapis.com/
574 B
467 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
SPDY
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
967b9d7c7fef6464831e9a2e7cccb9fec48692f5ba9ef2b7e03ecc0645c46970
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
last-modified
Wed, 01 Aug 2018 17:51:41 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 01 Aug 2018 17:51:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 17:51:41 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
SPDY
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3174
date
Wed, 01 Aug 2018 16:58:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Wed, 01 Aug 2018 18:58:48 GMT
953630bde459f11e1487f90f12e2054e.js
efraudsters.com/minify/
347 KB
101 KB
Script
General
Full URL
https://efraudsters.com/minify/953630bde459f11e1487f90f12e2054e.js
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache /
Resource Hash
9d4616c43839ae53c9b3cf36488c457e0ff0f3fd4d0ae6b9f7d1efe21fa4acae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/minify/953630bde459f11e1487f90f12e2054e.js
pragma
no-cache
cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
efraudsters.com
referer
https://efraudsters.com/us/fraudsters/4389687856/
:scheme
https
:method
GET
Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 17:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 18:13:35 GMT
server
Apache
x-frame-options
DENY
content-type
application/javascript
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
expires
Wed, 01 Aug 2018 18:52:05 GMT
Roboto-Light.woff2
efraudsters.com/fonts/roboto/
48 KB
48 KB
Font
General
Full URL
https://efraudsters.com/fonts/roboto/Roboto-Light.woff2
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache /
Resource Hash
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/fonts/roboto/Roboto-Light.woff2
pragma
no-cache
cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
origin
https://efraudsters.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
efraudsters.com
referer
https://efraudsters.com/us/fraudsters/4389687856/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://efraudsters.com/us/fraudsters/4389687856/
Origin
https://efraudsters.com

Response headers

date
Wed, 01 Aug 2018 17:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2016 16:13:23 GMT
server
Apache
etag
"c0e4-5441950bd2ec0-gzip"
x-frame-options
DENY
content-type
application/x-font-woff
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
49397
expires
Thu, 01 Aug 2019 17:52:05 GMT
Roboto-Regular.woff2
efraudsters.com/fonts/roboto/
48 KB
48 KB
Font
General
Full URL
https://efraudsters.com/fonts/roboto/Roboto-Regular.woff2
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache /
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/fonts/roboto/Roboto-Regular.woff2
pragma
no-cache
cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
origin
https://efraudsters.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
efraudsters.com
referer
https://efraudsters.com/us/fraudsters/4389687856/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://efraudsters.com/us/fraudsters/4389687856/
Origin
https://efraudsters.com

Response headers

date
Wed, 01 Aug 2018 17:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2016 16:13:23 GMT
server
Apache
etag
"c054-5441950bd2ec0-gzip"
x-frame-options
DENY
content-type
application/x-font-woff
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
49255
expires
Thu, 01 Aug 2019 17:52:05 GMT
Roboto-Medium.woff2
efraudsters.com/fonts/roboto/
49 KB
49 KB
Font
General
Full URL
https://efraudsters.com/fonts/roboto/Roboto-Medium.woff2
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.188.122.246 Moscow, Russian Federation, ASN44999 (MIFRIL-AS Import/Export changes, RU),
Reverse DNS
ns.solovov.ru
Software
Apache /
Resource Hash
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/fonts/roboto/Roboto-Medium.woff2
pragma
no-cache
cookie
advanced-frontend=5d757590de17a574519319d0eb3c9436; _csrf-frontend=647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
origin
https://efraudsters.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
efraudsters.com
referer
https://efraudsters.com/us/fraudsters/4389687856/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://efraudsters.com/us/fraudsters/4389687856/
Origin
https://efraudsters.com

Response headers

date
Wed, 01 Aug 2018 17:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2016 16:13:23 GMT
server
Apache
etag
"c430-5441950bd2ec0-gzip"
x-frame-options
DENY
content-type
application/x-font-woff
status
200
cache-control
max-age=2592000, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
50223
expires
Thu, 01 Aug 2019 17:52:05 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555
43 B
421 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
HTTP/1.1
Server
88.212.201.193 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host193.rax.ru
Software
nginx/1.11.1 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Aug 2018 17:51:42 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jul 2017 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Aug 2018 17:51:42 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//efraudsters.com/us/fraudsters/4389687856/;0.9114328833729555
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 31 Jul 2017 21:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v38/
48 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v38/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
SPDY
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9710a5e2fe3c35051e4ec21086644b4b59c457bbd5a8a5ac8fc377f829090373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
https://efraudsters.com

Response headers

date
Thu, 12 Jul 2018 21:11:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 May 2018 20:36:37 GMT
server
sffe
age
1716024
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
49168
x-xss-protection
1; mode=block
expires
Fri, 12 Jul 2019 21:11:18 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=508539862&t=pageview&_s=1&dl=https%3A%2F%2Fefraudsters.com%2Fus%2Ffraudsters%2F4389687856%2F&ul=en-us&de=UTF-8&dt=4389687856%20%2F%20%2B1%204...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-93108527-1&cid=1027809516.1533145902&jid=36489655&_gid=899785246.1533145902&gjid=908973740&_v=j68&z=1342050314
35 B
305 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-93108527-1&cid=1027809516.1533145902&jid=36489655&_gid=899785246.1533145902&gjid=908973740&_v=j68&z=1342050314
Requested by
Host: efraudsters.com
URL: https://efraudsters.com/us/fraudsters/4389687856/
Protocol
SPDY
Server
2a00:1450:400c:c00::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Aug 2018 17:51:42 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Aug 2018 17:51:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-93108527-1&cid=1027809516.1533145902&jid=36489655&_gid=899785246.1533145902&gjid=908973740&_v=j68&z=1342050314
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=efraudsters.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=efraudsters.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_235.js
securepubads.g.doubleclick.net/gpt/
179 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
5618d2ea6cde29cc1d3c435d908b962a2e14111af849e234a7bba77ba2a7c79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jul 2018 14:55:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
62989
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 17:51:42 GMT
ads
securepubads.g.doubleclick.net/gampad/
725 B
886 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1626475139756669&correlator=3291975411415326&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864%2C21061743&vrg=235&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=2078479%2CTop%2CRight_Menu&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C336x280%7C300x250%7C250x250%7C240x400%7C320x50&cookie_enabled=1&bc=7&abxe=1&lmt=1533145902&dt=1533145902150&frm=20&biw=1585&bih=1200&oid=3&adxs=211%2C1059&adys=270%2C789&adks=4079419650%2C2208358988&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fefraudsters.com%2Fus%2Ffraudsters%2F4389687856%2F&dssz=14&icsg=746&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=868x90%7C411x316&msz=845x90%7C375x280&ga_vid=1027809516.1533145902&ga_sid=1533145902&ga_hid=508539862
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
2ce8e034fa4a180d5c4e517ea41580d27b27fec39c5e4a765f5ec049fcaba649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://efraudsters.com/us/fraudsters/4389687856/
Origin
https://efraudsters.com

Response headers

date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
364
x-xss-protection
1; mode=block
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://efraudsters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_235.js
securepubads.g.doubleclick.net/gpt/
42 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_235.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
21e105e01591b5b04ef09d2e63dd1dbbd39b41bc45dd029f6f1ef2cd79a637bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 17:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jul 2018 14:55:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16416
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 17:51:42 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://efraudsters.com/us/fraudsters/4389687856/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Fri, 19 Jul 2019 09:15:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html

Verdicts & Comments

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| voteCount_3544401
string| voteCount_6663900
string| voteCount_6663332
string| voteCount_3544400
string| voteCount_3544399
object| googletag
object| gptAdSlots
string| GoogleAnalyticsObject
function| ga
string| dfLoadFiles
function| refreshSlot
number| nextSlotId
function| initDfp
function| generateNextSlotName
function| infiniteDFP
function| performDeferredActions
object| gaplugins
object| gaGlobal
object| gaData
object| googleToken
object| googleIMState
object| google_js_reporting_queue
function| processGoogleToken
object| GPT_jstiming
object| closure_memoize_cache_
undefined| google_measure_js_timing
boolean| google_noFetch
boolean| google_DisableInitialLoad
number| __google_ad_urls_id
number| google_unique_id
function| Goog_AdSense_getAdAdapterInstance
function| Goog_AdSense_OsdAdapter
function| initVoteModule
function| updateVoteCounters
function| IASCallbacks
function| IASHistoryExtension
function| IASNoneLeftExtension
function| IASPagingExtension
function| IASSpinnerExtension
function| IASTriggerExtension
function| jQuery
function| Vel
function| $
object| skrollr
object| yii
function| Hammer
object| Materialize
object| Waves
function| Picker
function| validate_field

5 Cookies

Domain/Path | Name | Value
.efraudsters.com/ | _gat | 1
.efraudsters.com/ | _gid | GA1.2.899785246.1533145902
.efraudsters.com/ | _ga | GA1.2.1027809516.1533145902
efraudsters.com/ | _csrf-frontend | 647eae559a3007e9790556a21ae0f9acc4c58cc80ea94341f89a6ad73fffc341a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22Tn4As8TwtQ-IIdbQjw2i-fV-VX3d7Ynf%22%3B%7D
efraudsters.com/ | advanced-frontend | 5d757590de17a574519319d0eb3c9436

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
