urlscan.io logo urlscan.io
SecurityTrails logo

yisparoturm.com Open in urlscan Pro
185.32.28.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ffm.link/8gb4_news_pdfl
Effective URL: https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
Submission: On November 16 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 185.32.28.133, located in Spain and belongs to AS_ADAM Adam Datacenter, ES. The main domain is yisparoturm.com.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.
This is the only time yisparoturm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.84.60.121 16509 (AMAZON-02)
17 99.86.229.5 16509 (AMAZON-02)
1 142.251.163.155 15169 (GOOGLE)
3 35.160.190.133 16509 (AMAZON-02)
1 35.186.245.55 15169 (GOOGLE)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 67.212.184.147 32475 (SINGLEHOP...)
2 3 51.68.85.158 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
2 185.32.28.133 15699 (AS_ADAM A...)
29 8
2    35.84.60.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-60-121.us-west-2.compute.amazonaws.com
ffm.link
17    99.86.229.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-5.iad79.r.cloudfront.net
fast-cdn.ffm.to
1    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
www.googleadservices.com
3    35.160.190.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-190-133.us-west-2.compute.amazonaws.com
api.ffm.to
1    35.186.245.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com
mediumblueyellowishcomputeranimation--onlinenewstv.repl.co
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
byassets.com
2    67.212.184.147 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
my.contentrightnow.com
3    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.tropbikewall.art
1    34.147.1.177 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com
admoustache.media-412.com
2    185.32.28.133 (Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
yisparoturm.com
Apex Domain
Subdomains		 Transfer
20 ffm.to
fast-cdn.ffm.to — Cisco Umbrella Rank: 191410
api.ffm.to — Cisco Umbrella Rank: 191936
240 KB
3 tropbikewall.art
www.tropbikewall.art
5 KB
2 yisparoturm.com
yisparoturm.com
9 KB
2 contentrightnow.com
my.contentrightnow.com
4 KB
2 ffm.link
ffm.link
14 KB
1 media-412.com
admoustache.media-412.com
299 B
1 byassets.com
byassets.com
292 B
1 repl.co
mediumblueyellowishcomputeranimation--onlinenewstv.repl.co
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
17 KB
29 9
Domain Requested by
17 fast-cdn.ffm.to ffm.link
fast-cdn.ffm.to
3 www.tropbikewall.art 2 redirects my.contentrightnow.com
3 api.ffm.to ffm.link
2 yisparoturm.com www.tropbikewall.art
yisparoturm.com
2 my.contentrightnow.com mediumblueyellowishcomputeranimation--onlinenewstv.repl.co
my.contentrightnow.com
2 ffm.link ffm.link
1 admoustache.media-412.com 1 redirects
1 byassets.com 1 redirects
1 mediumblueyellowishcomputeranimation--onlinenewstv.repl.co fast-cdn.ffm.to
1 www.googleadservices.com ffm.link
29 10

This site contains links to these domains. Also see Links.

Domain
d.harrelfetis.top
Subject Issuer Validity Valid
ffm.link
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
ffm.to
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
api.ffm.to
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
repl.co
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
my.contentrightnow.com
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
www.tropbikewall.art
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
yisparoturm.com
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
Frame ID: EB1A75AE26C6BF50043169CC6DB23352
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Processing Download

Page URL History Show full URLs

  1. https://ffm.link/8gb4_news_pdfl Page URL
  2. https://mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/?68b Page URL
  3. https://byassets.com/?k=055cdd205b913b8171f0d8da1a006036&type=mainstream&subtype=global HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://my.contentrightnow.com/proc.php?5f6322cf533aab6bc0bedd3906c6a70144b6ca12 Page URL
  5. https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website... Page URL
  6. https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website... HTTP 302
    https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000634be7013789e8d0e45957b95dd... HTTP 302
    https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=655... Page URL

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

290 kB
Transfer

841 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ffm.link/8gb4_news_pdfl Page URL
  2. https://mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/?68b Page URL
  3. https://byassets.com/?k=055cdd205b913b8171f0d8da1a006036&type=mainstream&subtype=global HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://my.contentrightnow.com/proc.php?5f6322cf533aab6bc0bedd3906c6a70144b6ca12 Page URL
  5. https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400 Page URL
  6. https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400&eyeg=333930c872ecedf971d46b8d86864385&eyer=0.279382304146659&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400&eyeg=3&eyer=0.279382304146659&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000634be7013789e8d0e45957b95dd017ee1116-202311-flb*5706540-e4d07*M7301940562133778571*sl_5706540-e4d07*72a3a829e26846780a6bc16452e4405abc3cf49f*4400-f9befe9z*4400 HTTP 302
    https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://byassets.com/?k=055cdd205b913b8171f0d8da1a006036&type=mainstream&subtype=global HTTP 302
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8gb4_news_pdfl
ffm.link/ 		58 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.84.60.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-60-121.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.1 /
Resource Hash
455f8b45b7758ef4ec122bc4c96442ec85cef555099f762bf14bb2232c4e6c90
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 06:18:40 GMT
etag
"e945-5MD9cL02f1lbJYy/jxFVRXhOr48"
server
openresty/1.15.8.1
strict-transport-security
max-age=15724800; includeSubDomains
vary
User-Agent, Accept-Encoding
global.css
ffm.link/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ffm.link/global.css
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.84.60.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-60-121.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.1 /
Resource Hash
c9c9b0ddec94d5aab7264c3ab7e1d62b8eadd352f400864eb466bce139eb22e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/8gb4_news_pdfl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:18:40 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 15 Nov 2023 08:52:13 GMT
server
openresty/1.15.8.1
etag
W/"3f67-18bd22e5248"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
5553025.modern.js
fast-cdn.ffm.to/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/5553025.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b5914f66111470dadc0f553eace366b0ae5c9fcd93ee5dcb40b93137859f6a97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 13:11:46 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
61615
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 13:07:47 GMT
server
openresty/1.15.8.1
etag
W/"ec5-18bd3184cb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LBJoEkvEDWZXnvQZgZtYfl2eDcCQ61jCu8ZtBwbYZAMv_8AjJMJe-w==
e8acf8c.modern.js
fast-cdn.ffm.to/ 		227 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/e8acf8c.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
cbd091e27bb7f472dd09df708b2c528a70ea283ec3a49837646dc2da3db8b716
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:32 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63369
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"38c75-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
U9pbjvnB_UvPWaZIqHkx2-S1vHjH-hWRAJi-YjO6jORmonfEUm_Vhw==
4ad7475.modern.js
fast-cdn.ffm.to/ 		99 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/4ad7475.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d8f223c5a2fa30d35d4e62c1d7b1c3a8453eaa963ca94a3cd7990d6f3199f9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:21 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63380
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"18cce-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
V2JXsX9Y7zjlwNN09bQMD-MhX3IjtVuSHJZR-ii7VGGyjQU1ttTmvw==
d598279.modern.js
fast-cdn.ffm.to/ 		145 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/d598279.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
13e4835f06d2cda264cc0d726d1bd400ac418756721e0477c9fc360dd8b9bcc9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:21 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63380
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"24239-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XHtChIHnuIkVkxC2e-_31Et_TRgc5NHS_q4iE4GK6Q0BGVvx8djblQ==
fbf0abd.modern.js
fast-cdn.ffm.to/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/fbf0abd.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
eb7511917d787a6641efea5fbc6f719793777cfc7a7eb0cc51f3143961d15d87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:32 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63369
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"5112-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XDiaE9WTzoUOvqkyZRLIu2mHJ-S8EaBGxgzwBraVKywuQwbO0yOSkw==
878240d.modern.js
fast-cdn.ffm.to/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/878240d.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
43fb056aadc34d1848a24b891b6cd4364885ade4604dc8e6a89c9f93135d7d0f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:21 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63380
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"b260-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
u2tXVH2OWaKYtaPW-z17Uj6LD4YdNDa0W68sy0YiJAWbYjKz4z7yQw==
29a28f1.modern.js
fast-cdn.ffm.to/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/29a28f1.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
375010d3c55ef2363eb0833f2e8428fa1d735534f37452008c2084fa679dcab5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:34 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63367
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"2893-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5RwxzQ5zRrUkzhYKKEftCea3qlH5nPgRcon8v9GJgmg9y8IKUJ02_g==
a33b752.modern.js
fast-cdn.ffm.to/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/a33b752.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c6c6b2395621f7af1483b1fc75f928a27e864df3b6acd5ba28e93715deb43f76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:09 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63392
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"671c-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Bv9ozntFNwC5G_PyCJJFge5c3jKEPiiFq_gFy4nympGxwA_XsF9S8w==
bdc27b6.modern.js
fast-cdn.ffm.to/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/bdc27b6.modern.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a5b20560363e9a38e6886594445f6d7b7d76424435ded5f9145f2f8e46b62c5f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ffm.link/
Origin
https://ffm.link
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:21 GMT
content-encoding
gzip
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63380
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"35ce-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Azu6aTT8QJNSEQ1TetCxqC2-xU_76Fu8_h3t4ePDUdZsgq-GD72r-A==
conversion_async.js
www.googleadservices.com/pagead/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
2e552c88ddd4ee672ea4af79ab72c95da85d51e34838da11b96f96345e5f6946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16830
x-xss-protection
0
server
cafe
etag
14653001893996929463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 06:18:41 GMT
96fa12a190c00cc5c40b117d2f1f9b9a.svg
fast-cdn.ffm.to/ 		44 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast-cdn.ffm.to/96fa12a190c00cc5c40b117d2f1f9b9a.svg
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 01:07:00 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
1141901
x-cache
Hit from cloudfront
last-modified
Mon, 23 Oct 2023 18:52:58 GMT
server
openresty/1.15.8.1
etag
W/"b148-18b5de20f10"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
naywCAKWpSQw7eDKn9VY7dGir9KGCi0TAGKysCBiVE4IOzigcZ3naQ==
8gb4_news_pdfl
api.ffm.to/sl/e/i/ 		35 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.ffm.to/sl/e/i/8gb4_news_pdfl?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2IiwiYnJvd3NlciI6eyJuYW1lIjoiQ2hyb21lIiwidmVyc2lvbiI6IjExOS4wLjYwNDUuMTU5IiwibWFqb3IiOiIxMTkifSwiZW5naW5lIjp7Im5hbWUiOiJCbGluayIsInZlcnNpb24iOiIxMTkuMC42MDQ1LjE1OSJ9LCJvcyI6eyJuYW1lIjoiV2luZG93cyIsInZlcnNpb24iOiIxMCJ9LCJkZXZpY2UiOnt9LCJjcHUiOnsiYXJjaGl0ZWN0dXJlIjoiYW1kNjQifX0sImNsaWVudCI6eyJyaWQiOiI0MmRiMWYyZC0xZTZjLTRlNDItYmMyMC1lZjY2MjJmYmE4ZGIiLCJzaWQiOiIyY2YwZWNkMy01ODY5LTRmYzUtYTk1MC1jYzc2ZTg3YzY1MDciLCJpcCI6Ijg2LjQ4LjE1LjIwOCIsInJlZiI6IiIsImhvc3QiOiJmZm0ubGluayIsImxhbmciOiJlbi1DQSIsImlwQ291bnRyeSI6IkNBIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6IkNBIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2NTAxMDZmZDMzMDAwMDM5MDBkZjliZDEiLCJwcnYiOmZhbHNlLCJpc1ByZVIiOmZhbHNlLCJ0em8iOm51bGwsImNoIjpudWxsLCJhbiI6bnVsbCwiZGVzdFVybCI6Imh0dHBzOi8vbWVkaXVtYmx1ZXllbGxvd2lzaGNvbXB1dGVyYW5pbWF0aW9uLS1vbmxpbmVuZXdzdHYucmVwbC5jby8_NjhiIiwidmlkIjoiMGI0NjNmNDAtZmYxYy00ZmIxLTk4M2UtMzc3ZmYzNjM5MjdiIiwic3J2YyI6bnVsbCwicHJvZHVjdCI6InNtYXJ0bGluayIsInNob3J0SWQiOiI4Z2I0X25ld3NfcGRmbCIsImlzQXV0aG9yaXphdGlvblJlcXVpcmVkIjpmYWxzZSwib3duZXIiOiI2MWY1NTlkYjI0MDAwMDA5MDBjM2I2YTYiLCJhciI6IjYxZjU1YTE4MjQwMDAwYTE3NWY2Yjg1ZSIsImlzU2hvcnRMaW5rIjp0cnVlfQ
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.160.190.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-190-133.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.1 / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.1
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
vary
Origin
content-type
image/gif
cache-control
public, max-age=0
access-control-allow-credentials
true
content-length
35
8gb4_news_pdfl
api.ffm.to/sl/e/v/ 		35 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.ffm.to/sl/e/v/8gb4_news_pdfl?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2IiwiYnJvd3NlciI6eyJuYW1lIjoiQ2hyb21lIiwidmVyc2lvbiI6IjExOS4wLjYwNDUuMTU5IiwibWFqb3IiOiIxMTkifSwiZW5naW5lIjp7Im5hbWUiOiJCbGluayIsInZlcnNpb24iOiIxMTkuMC42MDQ1LjE1OSJ9LCJvcyI6eyJuYW1lIjoiV2luZG93cyIsInZlcnNpb24iOiIxMCJ9LCJkZXZpY2UiOnt9LCJjcHUiOnsiYXJjaGl0ZWN0dXJlIjoiYW1kNjQifX0sImNsaWVudCI6eyJyaWQiOiI0MmRiMWYyZC0xZTZjLTRlNDItYmMyMC1lZjY2MjJmYmE4ZGIiLCJzaWQiOiIyY2YwZWNkMy01ODY5LTRmYzUtYTk1MC1jYzc2ZTg3YzY1MDciLCJpcCI6Ijg2LjQ4LjE1LjIwOCIsInJlZiI6IiIsImhvc3QiOiJmZm0ubGluayIsImxhbmciOiJlbi1DQSIsImlwQ291bnRyeSI6IkNBIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6IkNBIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2NTAxMDZmZDMzMDAwMDM5MDBkZjliZDEiLCJwcnYiOmZhbHNlLCJpc1ByZVIiOmZhbHNlLCJ0em8iOm51bGwsImNoIjpudWxsLCJhbiI6bnVsbCwiZGVzdFVybCI6Imh0dHBzOi8vbWVkaXVtYmx1ZXllbGxvd2lzaGNvbXB1dGVyYW5pbWF0aW9uLS1vbmxpbmVuZXdzdHYucmVwbC5jby8_NjhiIiwidmlkIjoiMGI0NjNmNDAtZmYxYy00ZmIxLTk4M2UtMzc3ZmYzNjM5MjdiIiwic3J2YyI6bnVsbCwicHJvZHVjdCI6InNtYXJ0bGluayIsInNob3J0SWQiOiI4Z2I0X25ld3NfcGRmbCIsImlzQXV0aG9yaXphdGlvblJlcXVpcmVkIjpmYWxzZSwib3duZXIiOiI2MWY1NTlkYjI0MDAwMDA5MDBjM2I2YTYiLCJhciI6IjYxZjU1YTE4MjQwMDAwYTE3NWY2Yjg1ZSIsImlzU2hvcnRMaW5rIjp0cnVlfQ
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.160.190.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-190-133.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.1 / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.1
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
vary
Origin
content-type
image/gif
cache-control
public, max-age=0
access-control-allow-credentials
true
content-length
35
8gb4_news_pdfl
api.ffm.to/sl/e/r/ 		35 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.ffm.to/sl/e/r/8gb4_news_pdfl?cd=eyJ1YSI6eyJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2IiwiYnJvd3NlciI6eyJuYW1lIjoiQ2hyb21lIiwidmVyc2lvbiI6IjExOS4wLjYwNDUuMTU5IiwibWFqb3IiOiIxMTkifSwiZW5naW5lIjp7Im5hbWUiOiJCbGluayIsInZlcnNpb24iOiIxMTkuMC42MDQ1LjE1OSJ9LCJvcyI6eyJuYW1lIjoiV2luZG93cyIsInZlcnNpb24iOiIxMCJ9LCJkZXZpY2UiOnt9LCJjcHUiOnsiYXJjaGl0ZWN0dXJlIjoiYW1kNjQifX0sImNsaWVudCI6eyJyaWQiOiI0MmRiMWYyZC0xZTZjLTRlNDItYmMyMC1lZjY2MjJmYmE4ZGIiLCJzaWQiOiIyY2YwZWNkMy01ODY5LTRmYzUtYTk1MC1jYzc2ZTg3YzY1MDciLCJpcCI6Ijg2LjQ4LjE1LjIwOCIsInJlZiI6IiIsImhvc3QiOiJmZm0ubGluayIsImxhbmciOiJlbi1DQSIsImlwQ291bnRyeSI6IkNBIn0sImlzV2VicFN1cHBvcnRlZCI6dHJ1ZSwiaXNGcm9tRVUiOmZhbHNlLCJjb3VudHJ5Q29kZSI6IkNBIiwidXNlQWZmIjoib3JpZ2luIiwiaWQiOiI2NTAxMDZmZDMzMDAwMDM5MDBkZjliZDEiLCJwcnYiOmZhbHNlLCJpc1ByZVIiOmZhbHNlLCJ0em8iOm51bGwsImNoIjpudWxsLCJhbiI6bnVsbCwiZGVzdFVybCI6Imh0dHBzOi8vbWVkaXVtYmx1ZXllbGxvd2lzaGNvbXB1dGVyYW5pbWF0aW9uLS1vbmxpbmVuZXdzdHYucmVwbC5jby8_NjhiIiwidmlkIjoiMGI0NjNmNDAtZmYxYy00ZmIxLTk4M2UtMzc3ZmYzNjM5MjdiIiwic3J2YyI6bnVsbCwicHJvZHVjdCI6InNtYXJ0bGluayIsInNob3J0SWQiOiI4Z2I0X25ld3NfcGRmbCIsImlzQXV0aG9yaXphdGlvblJlcXVpcmVkIjpmYWxzZSwib3duZXIiOiI2MWY1NTlkYjI0MDAwMDA5MDBjM2I2YTYiLCJhciI6IjYxZjU1YTE4MjQwMDAwYTE3NWY2Yjg1ZSIsImlzU2hvcnRMaW5rIjp0cnVlfQ
Requested by
Host: ffm.link
URL: https://ffm.link/8gb4_news_pdfl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.160.190.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-190-133.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.1 / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.1
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
vary
Origin
content-type
image/gif
cache-control
public, max-age=0
access-control-allow-credentials
true
content-length
35
2cb113b.modern.js
fast-cdn.ffm.to/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/2cb113b.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:34 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63367
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"54bf-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Gi_UX2caagqXhwwHt_Qd0qBgzbwsjkMf8A9n2v8bStc8JpAijzrafA==
8e53661.modern.js
fast-cdn.ffm.to/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/8e53661.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:36 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63365
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"1781-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Rtv-dZxfknDiehvOVYSt2F9E5Y6vMYtTK-XRWADWeyQ1KgbeTPdvzA==
a6fbb74.modern.js
fast-cdn.ffm.to/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/a6fbb74.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:48 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63353
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"2571-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tGsyJloMAmAOTJ6xXzHVm54r6ZwHF_gf6qQd6BrlmDZcXB7-HzO4wA==
d0998ca.modern.js
fast-cdn.ffm.to/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/d0998ca.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:34 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63367
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"1070-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gHXgX0yXu9Mv-AYei-yc-Vy6BZn7gX-ql7mjTZJuGG8K44XXEfAbcQ==
610f487.modern.js
fast-cdn.ffm.to/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/610f487.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:34 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63367
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"27ad-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_eLEPKiT_2As6zRDTUw0iqTc9i9AuyH75m4a2EYr0yyKNwMtQ2vChg==
8d97285.modern.js
fast-cdn.ffm.to/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/8d97285.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:34 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63367
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"22d8-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DC5-I7GLfOK-VIfezTUvrHbQ4LMlzbrH_BEJO2fDW1wLV7rtxivL6w==
78b7696.modern.js
fast-cdn.ffm.to/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast-cdn.ffm.to/78b7696.modern.js
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/5553025.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-5.iad79.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ffm.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:42:35 GMT
content-encoding
gzip
via
1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-cf-pop
IAD79-C3
age
63366
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 12:20:34 GMT
server
openresty/1.15.8.1
etag
W/"1778-18bd2ed1250"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ewTq1ZLv74lRUhxYMVte0aVNcLSZ8eFurE86VrFZTjKfBhVjSCWV3g==
/
mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/?68b
Requested by
Host: fast-cdn.ffm.to
URL: https://fast-cdn.ffm.to/fbf0abd.modern.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5477502; includeSubDomains

Request headers

Referer
https://ffm.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Length
1178
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Nov 2023 06:18:41 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Replit-Cluster
global
Strict-Transport-Security
max-age=5477502; includeSubDomains
/
my.contentrightnow.com/
Redirect Chain
  • https://byassets.com/?k=055cdd205b913b8171f0d8da1a006036&type=mainstream&subtype=global
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by
Host: mediumblueyellowishcomputeranimation--onlinenewstv.repl.co
URL: https://mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/?68b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash
33b97d2b96c8b8d88504418d326617f789084b06b9b6be90276798490d6c3fd8

Request headers

Referer
https://mediumblueyellowishcomputeranimation--onlinenewstv.repl.co/?68b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 06:18:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 06:18:41 GMT
Location
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
proc.php
my.contentrightnow.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/proc.php?5f6322cf533aab6bc0bedd3906c6a70144b6ca12
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 06:18:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
/
www.tropbikewall.art/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/proc.php?5f6322cf533aab6bc0bedd3906c6a70144b6ca12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://my.contentrightnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 16 Nov 2023 06:18:42 GMT
Transfer-Encoding
chunked
Primary Request /
yisparoturm.com/
Redirect Chain
  • https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400&eyeg=333930c872ecedf971d46b8d86864385&eyer=0.279382304146659&e...
  • https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400&eyeg=3&eyer=0.279382304146659&eyei=0&eyew=1600&eyeh=1200&eyetd...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000634be7013789e8d0e45957b95dd017ee1116-202311-flb*5706540-e4d07*M7301940562133778571*sl_5706540-e4d07*72a3a829e26846...
  • https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
Requested by
Host: www.tropbikewall.art
URL: https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.32.28.133 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
1362be11bebf37f22c616e42e17ff2a4e792ac0a547c7826bfcd9c9dd8af7326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7301940562133778571&website=4400-f9befe9z&placement=4400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 06:18:38 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 16 Nov 2023 06:18:42 GMT
location
https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
backlink_back_button.js
yisparoturm.com/assets/js/ 		632 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yisparoturm.com/assets/js/backlink_back_button.js
Requested by
Host: yisparoturm.com
URL: https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.32.28.133 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=6555b442a3d4990001aa6892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 06:18:39 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Nov 2022 14:36:49 GMT
Server
nginx
ETag
"6384c781-278"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
632

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| backLinkURL

4 Cookies

Domain/Path Name / Value
ffm.link/ Name: ffmId
Value: 2cf0ecd3-5869-4fc5-a950-cc76e87c6507
admoustache.media-412.com/ Name: afclick
Value: 6555b442a3d4990001aa6892
yisparoturm.com/ Name: redirect_user_data
Value: %7B%22country%22%3A%22CA%22%2C%22city%22%3Anull%2C%22isp%22%3A%22nordvpn%22%2C%22netspeed%22%3A%22%22%7D
yisparoturm.com/ Name: _tracker_ikangoo
Value: a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002157878497032%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22CA%22%3Bs%3A4%3A%22_isp%22%3Bs%3A7%3A%22nordvpn%22%3Bs%3A5%3A%22_time%22%3Bi%3A1700115518%3B%7D

1 Console Messages

Source Level URL
Text
other warning URL: https://ffm.link/8gb4_news_pdfl(Line 3)
Message:
<link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.media-412.com
api.ffm.to
byassets.com
fast-cdn.ffm.to
ffm.link
mediumblueyellowishcomputeranimation--onlinenewstv.repl.co
my.contentrightnow.com
www.googleadservices.com
www.tropbikewall.art
yisparoturm.com
142.251.163.155
185.32.28.133
34.147.1.177
35.160.190.133
35.186.245.55
35.84.60.121
51.68.85.158
64.227.23.114
67.212.184.147
99.86.229.5
1362be11bebf37f22c616e42e17ff2a4e792ac0a547c7826bfcd9c9dd8af7326
13e4835f06d2cda264cc0d726d1bd400ac418756721e0477c9fc360dd8b9bcc9
2e552c88ddd4ee672ea4af79ab72c95da85d51e34838da11b96f96345e5f6946
33b97d2b96c8b8d88504418d326617f789084b06b9b6be90276798490d6c3fd8
375010d3c55ef2363eb0833f2e8428fa1d735534f37452008c2084fa679dcab5
43fb056aadc34d1848a24b891b6cd4364885ade4604dc8e6a89c9f93135d7d0f
455f8b45b7758ef4ec122bc4c96442ec85cef555099f762bf14bb2232c4e6c90
5d8f223c5a2fa30d35d4e62c1d7b1c3a8453eaa963ca94a3cd7990d6f3199f9f
a5b20560363e9a38e6886594445f6d7b7d76424435ded5f9145f2f8e46b62c5f
b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06
b5914f66111470dadc0f553eace366b0ae5c9fcd93ee5dcb40b93137859f6a97
c6c6b2395621f7af1483b1fc75f928a27e864df3b6acd5ba28e93715deb43f76
c9c9b0ddec94d5aab7264c3ab7e1d62b8eadd352f400864eb466bce139eb22e3
cbd091e27bb7f472dd09df708b2c528a70ea283ec3a49837646dc2da3db8b716
eb7511917d787a6641efea5fbc6f719793777cfc7a7eb0cc51f3143961d15d87