www.sweepstakesbucks.com
Open in
urlscan Pro
20.49.104.35
Public Scan
Submitted URL: https://nseruneldap1982.blogspot.sn/
Effective URL: https://www.sweepstakesbucks.com/p20/lp1?key=506202410290052349952024415061029005241
Submission: On October 29 via api from US — Scanned from US
Effective URL: https://www.sweepstakesbucks.com/p20/lp1?key=506202410290052349952024415061029005241
Submission: On October 29 via api from US — Scanned from US
Summary
This website contacted 12 IPs
in 1 countries
across 15 domains to perform 40 HTTP transactions.
The main IP is 20.49.104.35, located in
Washington, United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is www.sweepstakesbucks.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2024. Valid for: a year.
This is the only time www.sweepstakesbucks.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2024. Valid for: a year.
This is the only time www.sweepstakesbucks.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 3 | 2607:f8b0:400... 2607:f8b0:400d:c04::84 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2607:f8b0:400... 2607:f8b0:400d:c04::bf | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 23.82.12.29 23.82.12.29 | 30633 (LEASEWEB-...) (LEASEWEB-USA-WDC) | |
| 1 | 18.213.233.28 18.213.233.28 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 1 | 52.22.1.236 52.22.1.236 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 1 | 5.161.250.225 5.161.250.225 | 213230 (HETZNER-C...) (HETZNER-CLOUD2-AS) | |
| 1 2 | 2607:fbe0:1:4... 2607:fbe0:1:42::1d | 40824 (WZ-US-40824) (WZ-US-40824) | |
| 1 1 | 3.145.153.202 3.145.153.202 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 4 | 20.49.104.35 20.49.104.35 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 21 | 2620:1ec:bdf::41 2620:1ec:bdf::41 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4004:c06::5f | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 18.160.46.65 18.160.46.65 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2606:4700::68... 2606:4700::6812:4a5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2606:4700:10:... 2606:4700:10::ac43:1ee1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 40 | 12 |
3
2607:f8b0:400d:c04::84
(Morganton, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| nseruneldap1982.blogspot.sn | |
| nseruneldap1982.blogspot.com |
1
18.213.233.28
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-233-28.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-233-28.compute-1.amazonaws.com
| veles-swg.com |
1
52.22.1.236
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-1-236.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-1-236.compute-1.amazonaws.com
| varun-ysz.com |
1
3.145.153.202
(Columbus, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-145-153-202.us-east-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-145-153-202.us-east-2.compute.amazonaws.com
| track.revenue-track.com |
4
20.49.104.35
(Washington, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| www.sweepstakesbucks.com |
21
2620:1ec:bdf::41
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| tmgassets.azureedge.net |
1
18.160.46.65
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-65.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-65.iad55.r.cloudfront.net
| pushpros.tech |
2
2606:4700::6812:4a5
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| cdn.aimtell.com | |
| signals.aimtell.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
azureedge.net
tmgassets.azureedge.net |
481 KB |
| 4 |
sweepstakesbucks.com
1 redirects
www.sweepstakesbucks.com |
15 KB |
| 4 |
blogger.com
www.blogger.com — Cisco Umbrella Rank: 12461 |
59 KB |
| 2 |
aimtell.io
cdn.aimtell.io — Cisco Umbrella Rank: 23538 |
1 KB |
| 2 |
aimtell.com
cdn.aimtell.com — Cisco Umbrella Rank: 18373 signals.aimtell.com — Cisco Umbrella Rank: 22120 |
14 KB |
| 2 |
chubbyfailure.com
1 redirects
chubbyfailure.com |
2 KB |
| 2 |
forkinz.com
1 redirects
forkinz.com |
1 KB |
| 2 |
blogspot.com
nseruneldap1982.blogspot.com |
3 KB |
| 1 |
pushpros.tech
pushpros.tech |
2 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 Failed |
986 B |
| 1 |
revenue-track.com
1 redirects
track.revenue-track.com |
543 B |
| 1 |
so-gre8.com
1 redirects
so-gre8.com — Cisco Umbrella Rank: 34526 |
315 B |
| 1 |
varun-ysz.com
1 redirects
varun-ysz.com — Cisco Umbrella Rank: 311193 |
726 B |
| 1 |
veles-swg.com
veles-swg.com — Cisco Umbrella Rank: 301023 |
3 KB |
| 1 |
blogspot.sn
1 redirects
nseruneldap1982.blogspot.sn |
515 B |
| 40 | 15 |
| Domain | Requested by | |
|---|---|---|
| 21 | tmgassets.azureedge.net |
www.sweepstakesbucks.com
tmgassets.azureedge.net |
| 4 | www.sweepstakesbucks.com |
1 redirects
www.sweepstakesbucks.com
|
| 4 | www.blogger.com |
nseruneldap1982.blogspot.com
|
| 2 | cdn.aimtell.io |
cdn.aimtell.com
|
| 2 | chubbyfailure.com |
1 redirects
veles-swg.com
|
| 2 | forkinz.com | 1 redirects |
| 2 | nseruneldap1982.blogspot.com | |
| 1 | signals.aimtell.com |
cdn.aimtell.com
|
| 1 | cdn.aimtell.com |
nseruneldap1982.blogspot.com
|
| 1 | pushpros.tech |
tmgassets.azureedge.net
|
| 1 | fonts.googleapis.com |
www.sweepstakesbucks.com
tmgassets.azureedge.net |
| 1 | track.revenue-track.com | 1 redirects |
| 1 | so-gre8.com | 1 redirects |
| 1 | varun-ysz.com | 1 redirects |
| 1 | veles-swg.com |
forkinz.com
|
| 1 | nseruneldap1982.blogspot.sn | 1 redirects |
| 40 | 16 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| misc-sni.blogspot.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| *.blogger.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| forkinz.com R10 |
2024-10-02 - 2024-12-31 |
3 months | crt.sh |
| zeropark.com Amazon RSA 2048 M02 |
2024-06-11 - 2025-07-09 |
a year | crt.sh |
| chubbyfailure.com E6 |
2024-09-08 - 2024-12-07 |
3 months | crt.sh |
| www.sweepstakesbucks.com Sectigo RSA Domain Validation Secure Server CA |
2024-05-20 - 2025-06-19 |
a year | crt.sh |
| *.azureedge.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-09-19 - 2025-09-14 |
a year | crt.sh |
| upload.video.google.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| pushpros.tech Amazon RSA 2048 M02 |
2024-04-03 - 2025-05-02 |
a year | crt.sh |
| aimtell.com Cloudflare Inc ECC CA-3 |
2024-03-12 - 2024-12-31 |
10 months | crt.sh |
| aimtell.io WE1 |
2024-09-27 - 2024-12-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sweepstakesbucks.com/p20/lp1?key=506202410290052349952024415061029005241
Frame ID: 824055EE2AE2406AB98B0857D0640106
Requests: 40 HTTP requests in this frame
Screenshot
Page Title
Sweepstakes BucksPage URL History Show full URLs
-
https://nseruneldap1982.blogspot.sn/
HTTP 302
https://nseruneldap1982.blogspot.com/ Page URL
-
http://forkinz.com/de.html
HTTP 307
https://forkinz.com/de.html Page URL
-
https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV...
HTTP 302
http://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51e... HTTP 307
https://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51e... Page URL
-
https://varun-ysz.com/zclkredirect?visitid=c06b61d0-95ca-11ef-9501-0affd3fb27ff&type=js&browserWid...
HTTP 302
https://so-gre8.com/r/vxE1vUfj0bbNgu63wD0884au4cdTkowW_XrPcZdUzXIFcf1TPIUPlbaiV3wZcHmyG_i0AsJPtv... HTTP 302
https://chubbyfailure.com/b.3HVm0FPc3NpGvhbVmfV/JPZJDT0d1YNvjyIr1XN-jxY/0oLJTrUn2zMojwUo2CNVjxUl Page URL
-
https://chubbyfailure.com/cYG_Fazbc.zc9dk-afXgQh9iM_TkclzmMnD-Ep4qOrDsM_1uMvzwQx3-NzTAQB2CN_jEUFzGMHS-...
HTTP 302
https://track.revenue-track.com/api/flow/v2/s2s/VVxkY9cjRQHMJXN6qQHL7D?sub1=nalhdmu3syk4c3yvzxds&source_id=8... HTTP 302
https://www.sweepstakesbucks.com/subscribe?affid=823680&utm_medium=cpa&tmg_clickid=ku3sgnJv8hwGBNk4ccJvHS&sub... HTTP 302
https://www.sweepstakesbucks.com/p20/lp1?key=506202410290052349952024415061029005241 Page URL
Detected technologies
Bootstrap
(UI frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Microsoft ASP.NET
(Web frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <input[^>]+name="__VIEWSTATE
Aimtell
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.aimtell\.\w+/
Font Awesome
(Font scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery
(JavaScript libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nseruneldap1982.blogspot.sn/
HTTP 302
https://nseruneldap1982.blogspot.com/ Page URL
-
http://forkinz.com/de.html
HTTP 307
https://forkinz.com/de.html Page URL
-
https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTczMDE5NTU1MSwiaWF0IjoxNzMwMTg4MzUxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDFkcThzMzRvb3A0c2JjZm8yZ2hkaTEiLCJuYmYiOjE3MzAxODgzNTEsInRzIjoxNzMwMTg4MzUxNDU3NTQyfQ.WmPnkaPxmecxPuJiOEAk_ZfGJ6ysMhU0YbI_NiqoG8w&sid=c055e65e-95ca-11ef-8cec-287de3e7bf40
HTTP 302
http://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c077bde5-95ca-11ef-9501-0affd3fb27ff HTTP 307
https://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c077bde5-95ca-11ef-9501-0affd3fb27ff Page URL
-
https://varun-ysz.com/zclkredirect?visitid=c06b61d0-95ca-11ef-9501-0affd3fb27ff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
HTTP 302
https://so-gre8.com/r/vxE1vUfj0bbNgu63wD0884au4cdTkowW_XrPcZdUzXIFcf1TPIUPlbaiV3wZcHmyG_i0AsJPtvKr7tt1CTdNrbet5nwkWBGwS9BDyM1dcd_2Shw6t5rAQdwZcV9ahmemrJp23ALHwvuIv47prfyYqXED2EBJCrGlkzs4Um73STDrmvIlEyuI6_q2TCFVYpaqgFiWlalT-smHMKQPQ3bhT4ZWuPBzJa4sgbCnDzoxiwEBQJTFY5pOK3m7UvcSggcJ7C5NuM7izNxl0h7BMrDUMMpu2w46K7xvgZqYgeWiZzP8IxmSCqwE_zAq9Ztfbdmr7QbegK69fFAd5R-34EqBTYlofc6TaGyC0uTOfBOzbxvBPbwLgmGsA8lamKF7appLyk5KKr-21i64E6ovSOMPFbBoQN7NiypDGaZjmt4UsvQghcwx25F6P2kOUraToGAaZgW6pwl8_0_4HaPVlFAstiUbYVF3q7Plom3XSmRFLNAcf8MV4LojV47Hio5HUKcDWqLB4LzcAb0gSu9fWmcYB4EBzde16AL3q7_Iyhnu6btiTPWM9YUIjyts3c4 HTTP 302
https://chubbyfailure.com/b.3HVm0FPc3NpGvhbVmfV/JPZJDT0d1YNvjyIr1XN-jxY/0oLJTrUn2zMojwUo2CNVjxUl Page URL
-
https://chubbyfailure.com/cYG_Fazbc.zc9dk-afXgQh9iM_TkclzmMnD-Ep4qOrDsM_1uMvzwQx3-NzTAQB2CN_jEUFzGMHS-ZJkKdLGMt_uOPPWQMRz-WTUUVVGWY_WYtZlaebW-xd6eOfFgJ_TibjHkZlB-dnjoRp0qU_zsJtCuavG-dxayMzVAd_rCQDkEtFh-JHnIBJ0Kb_jM1NDOZP0-pRWSVTXUh_JWSXlYlZu-SbncZdZeV_1gJhpiWjV-cl1man0ot_pqQrXshtO-Rv1wExyyW_kAdBZCeDE-5FUGYH3Id_ZKaLmMxNq-TP1QRROSb_FUpVUWSXX-dZOaRbEcZ_qeTflgRhs-ajlkplqma_GohpNqerm-stxuWvWwp_EyQznAFBJ-SDzEVFCGa_mIkJyKcLU-FNGOQPXQd_LSNT1UhVB-ZXyY0ZtaJ_ncJdyeZfX-FhoiPjTkM_ymMnjoUp5-YrTsYtwuN_TwVxkyMz2-YBxCODGEM_0GOHGIJJj-ZLGMVNjOM_zQdRkSNTm-VVmWMXGYU_3aJbncJdy-afWgQh9iY_mkUl2mOnG-Mp1qZrWsF_iuZvjwAx3-YzjAgB5CN_DEIF4GNHz-YJ2KNLmMF_jOYPzQYRy-MTTUIV2WY_jYMZmacbn-NdyeYfzg1_vidjXkQlm-enmo9puqZ_WsltkuPvT-Ux2yMzjAU_2CNDjEQF
HTTP 302
https://track.revenue-track.com/api/flow/v2/s2s/VVxkY9cjRQHMJXN6qQHL7D?sub1=nalhdmu3syk4c3yvzxds&source_id=8DFF5G4008 HTTP 302
https://www.sweepstakesbucks.com/subscribe?affid=823680&utm_medium=cpa&tmg_clickid=ku3sgnJv8hwGBNk4ccJvHS&subid=6&subid2=None HTTP 302
https://www.sweepstakesbucks.com/p20/lp1?key=506202410290052349952024415061029005241 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://nseruneldap1982.blogspot.sn/ HTTP 302
- https://nseruneldap1982.blogspot.com/
- http://forkinz.com/de.html HTTP 307
- https://forkinz.com/de.html
- https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTczMDE5NTU1MSwiaWF0IjoxNzMwMTg4MzUxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMDFkcThzMzRvb3A0c2JjZm8yZ2hkaTEiLCJuYmYiOjE3MzAxODgzNTEsInRzIjoxNzMwMTg4MzUxNDU3NTQyfQ.WmPnkaPxmecxPuJiOEAk_ZfGJ6ysMhU0YbI_NiqoG8w&sid=c055e65e-95ca-11ef-8cec-287de3e7bf40 HTTP 302
- http://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c077bde5-95ca-11ef-9501-0affd3fb27ff HTTP 307
- https://veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c077bde5-95ca-11ef-9501-0affd3fb27ff
- https://varun-ysz.com/zclkredirect?visitid=c06b61d0-95ca-11ef-9501-0affd3fb27ff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
- https://so-gre8.com/r/vxE1vUfj0bbNgu63wD0884au4cdTkowW_XrPcZdUzXIFcf1TPIUPlbaiV3wZcHmyG_i0AsJPtvKr7tt1CTdNrbet5nwkWBGwS9BDyM1dcd_2Shw6t5rAQdwZcV9ahmemrJp23ALHwvuIv47prfyYqXED2EBJCrGlkzs4Um73STDrmvIlEyuI6_q2TCFVYpaqgFiWlalT-smHMKQPQ3bhT4ZWuPBzJa4sgbCnDzoxiwEBQJTFY5pOK3m7UvcSggcJ7C5NuM7izNxl0h7BMrDUMMpu2w46K7xvgZqYgeWiZzP8IxmSCqwE_zAq9Ztfbdmr7QbegK69fFAd5R-34EqBTYlofc6TaGyC0uTOfBOzbxvBPbwLgmGsA8lamKF7appLyk5KKr-21i64E6ovSOMPFbBoQN7NiypDGaZjmt4UsvQghcwx25F6P2kOUraToGAaZgW6pwl8_0_4HaPVlFAstiUbYVF3q7Plom3XSmRFLNAcf8MV4LojV47Hio5HUKcDWqLB4LzcAb0gSu9fWmcYB4EBzde16AL3q7_Iyhnu6btiTPWM9YUIjyts3c4 HTTP 302
- https://chubbyfailure.com/b.3HVm0FPc3NpGvhbVmfV/JPZJDT0d1YNvjyIr1XN-jxY/0oLJTrUn2zMojwUo2CNVjxUl
40 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
nseruneldap1982.blogspot.com/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3578629363-widgets.js
www.blogger.com/static/v1/widgets/ |
145 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 684 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
authorization.css
www.blogger.com/dyn-css/ |
1 B 88 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
de.html
forkinz.com/ Redirect Chain
|
480 B 758 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
nseruneldap1982.blogspot.com/ |
4 KB 506 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
72092e88-2c53-401c-b988-51ef43ce1034
veles-swg.com/zclkvisitor/c06b61d0-95ca-11ef-9501-0affd3fb27ff/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0oLJTrUn2zMojwUo2CNVjxUl
chubbyfailure.com/b.3HVm0FPc3NpGvhbVmfV/JPZJDT0d1YNvjyIr1XN-jxY/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
lp1
www.sweepstakesbucks.com/p20/ Redirect Chain
|
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min_v3.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min_v3.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
150 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_footer_wincash.min.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
landing_page_wincash.min.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
landing_page-responsive_wincash.min.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tech_ssb.min.css
tmgassets.azureedge.net/ono/assets/ssb/version4/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.1.0.js
tmgassets.azureedge.net/ono/assets/js/ |
267 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.min.js
tmgassets.azureedge.net/ono/assets/js/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ssb.landing001.validation.min.js
tmgassets.azureedge.net/ono/assets/ssb/version4/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ssb.landing001.tracking.min.js
tmgassets.azureedge.net/ono/assets/ssb/version4/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plane_shape_1.svg
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
31 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plane_shape_2.svg
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
25 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource.axd
www.sweepstakesbucks.com/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WebResource.axd
www.sweepstakesbucks.com/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow.png
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
time_counter.min_v3.js
tmgassets.azureedge.net/ono/assets/ssb/version4/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min_v3.js
tmgassets.azureedge.net/ono/assets/ssb/version4/js/ |
59 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ssb.loadpushnami.min.js
tmgassets.azureedge.net/ono/assets/ssb/js/ |
376 B 879 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 986 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hero-bg-4-02.jpg
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
176 KB 177 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GetPushScript
pushpros.tech/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vertical-line.png
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
931 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
tmgassets.azureedge.net/ono/assets/ssb/version4/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
tmgassets.azureedge.net/ono/assets/ssb/version4/images/ |
8 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trackpush.min.js
cdn.aimtell.com/trackpush/ |
48 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pageview
signals.aimtell.com/ |
43 B 361 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10880-041e2bdba891.json
cdn.aimtell.io/config/optin/ |
1 KB 1016 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10880-041e2bdba891.json
cdn.aimtell.io/config/ |
584 B 350 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Oswald:400,300,700
Verdicts & Comments Add Verdict or Comment
183 JavaScript Window variables
These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| fieldsToValidate object| Validation object| fieldsToTrack object| Tracking function| search object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| countDown function| StartLotteryCountdownAndDisplayLastDrawDate function| getMonday object| bootstrap object| month object| dtNow object| lastDownDate object| countDownDate function| fn_LoadLastDrawnDate object| Time object| _at boolean| _aimtellRanScript string| _aimtellSubscriberID object| trackData object| _aimtellTrackData string| _aimtellAPI string| _aimtellSubscriberGEO boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue string| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker string| _aimtellCurrentPage object| _aimtellPromptConfiguration object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellSPAOptinHelper function| _aimtellPromptConfig function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellStoreSubscriberIDFromToken function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| terminateLegacyShopifyWorker function| _aimtellCheckConflictWorker function| _aimtellSignal function| _aimtellInitWorker function| _aimtellForceRefreshSW function| _aimtellPermissionGranted function| _aimtellReady12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .forkinz.com/ | Name: sid Value: c055e65e-95ca-11ef-8cec-287de3e7bf40 |
|
| chubbyfailure.com/ | Name: uniqCookie Value: 06695ab355314dabbefaf33185882e7b |
|
| chubbyfailure.com/ | Name: skipJsRedirect Value: 1730188353 |
|
| chubbyfailure.com/ | Name: kadACap Value: 606931:1:1730188353 |
|
| chubbyfailure.com/ | Name: kadASCap Value: 606931:1:1730188353 |
|
| chubbyfailure.com/ | Name: kadRPixJ Value: bnVsbA== |
|
| chubbyfailure.com/ | Name: kadUnP3 Value: CAEQwaiCuQYaDQjArtcCEAEYwaiCuQYiCggDEAEYwaiCuQYqDAi60i4QARjBqIK5Bg== |
|
| www.sweepstakesbucks.com/ | Name: ASP.NET_SessionId Value: v0smw2iwadrkaunadocbssac |
|
| .www.sweepstakesbucks.com/ | Name: ARRAffinity Value: da47d32e79501176e81b1c3683ccfcfeb94f60049fd06b28b5c1b37d0ee3c3bb |
|
| .www.sweepstakesbucks.com/ | Name: ARRAffinitySameSite Value: da47d32e79501176e81b1c3683ccfcfeb94f60049fd06b28b5c1b37d0ee3c3bb |
|
| www.sweepstakesbucks.com/ | Name: 162BA662SSB Value: 1,1 |
|
| www.sweepstakesbucks.com/ | Name: _aimtellSubscriberID Value: 218c0190-b19c-55f3-dcc7-c7309388e0d0 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.aimtell.com
cdn.aimtell.io
chubbyfailure.com
fonts.googleapis.com
forkinz.com
nseruneldap1982.blogspot.com
nseruneldap1982.blogspot.sn
pushpros.tech
signals.aimtell.com
so-gre8.com
tmgassets.azureedge.net
track.revenue-track.com
varun-ysz.com
veles-swg.com
www.blogger.com
www.sweepstakesbucks.com
fonts.googleapis.com
18.160.46.65
18.213.233.28
20.49.104.35
23.82.12.29
2606:4700:10::ac43:1ee1
2606:4700::6812:4a5
2607:f8b0:4004:c06::5f
2607:f8b0:400d:c04::84
2607:f8b0:400d:c04::bf
2607:fbe0:1:42::1d
2620:1ec:bdf::41
3.145.153.202
5.161.250.225
52.22.1.236
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
092cd43c130515e545b5b760b961cea23d1cbc5fe995eea2711e7b4613dab3da
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1c130dcfa45e960346cdd913a014c62ad9e64b1ad9800352b628e405ad517e5a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0586d1290f1bd1ca0fb9fe62c9fb31f48b07ffe4762b5e26960114f7aaa69b
2cf92e5d543f4232dd70c8dd0263cc1fee148979d59d60e8df6aac44d4f282e7
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41078947b1986c34e0fae4736d84cbe914fe99a57d9e84a3c431d762f100ff7a
4378d138bb9e6ed1ba2da40736c230621c19331b37271f6e2d4568d8a638b61d
4ce7cc177cf6e0941a2ea16d77de0f072410005452fdaac4a7ddcfc65d5422d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5758870e1a79cab02694b09bb2b2b88e5a88d620fe7cf556dfde921f169a9195
5b518918638960ce1135ec1f66c3c7c8384c397cb5bb21ad08cbf18dad8452a1
60f61237fb6011df35d7851c04b662e4222d8ddb82f79814df784746dd59181b
62f3fb49f0b040831888b3b2c4a5b30408b5a26907e2aa5fc9b12fa0b8dd2811
6a5ef48ba7933659b2a411100976fda73a4b33334f6fe0b59526e1d9f4d894cf
6f912c3a9ffa9c01815191af9a42cf4f6fd5548ae057c2bb41a68626f5e8c39b
70fe6163526ee1ed8542f2871c3e32efdc8ee142877e1d75bb48b1f07b56661e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e8210fe9ce986cacb6b8804b2e33a3914ba1f399473c052a327297dc984802b
8c13b36508facd39ad10eb9edf5da19da93726a33e4510fdb9b8b401e3951b9c
91e2d9c2a3e81915e6a427184eaf3c15882c7241cca4f6ab397bc1910909b7ae
a7760f8a9a337abc469c61cedae5a313a23847976ca65d5c411fee76f77e12a5
a8c3078f9b1d15f7fdfc4861e1b8b56edd74f516b845b4052e3b39878f077a96
b209faca1286deefd0a01d0e6d61e0968ccb84ed4eb70ab43425ecbdc9758c1b
bb0f7dd7769bbe1e2f18afb24c4fe89996281cb829bc0b99633012408b58a71f
c0d1629752f294f26437fb5fe55e1674861ed30bb5b975d08efc6aeb11f20593
d3e33f620ffff2f1a56fcf85a24a4f03e1874edee2ec103489eb985c59f7b22c
dedddd7326e07e14aa606b2c611ea46d23810089f3e2707944e3a0be8145ac22
eeb8824ac99928eca39d3cf34082cc6bdfd6da65b270e32ea8ee840821425c49
f45d60312f2b05cdabb6791d10e72459e29b46b117f38f391b920b35e133d8b5
f66c8dec83e58bb4f9910e19aa98b597c16a1fde98c5a05207f6df3c4073eadf
faa01c6b909407c72d37113ba4feab9eaf57b9a6963edca670c8d0a1b5d1d5b3