Submitted URL: http://flingswipes.com/
Effective URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPu...
Submission: On April 27 via manual from IL — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 10 domains to perform 44 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is bl.mature-hits.net. The Cisco Umbrella rank of the primary domain is 700761.
TLS certificate: Issued by R3 on March 30th 2022. Valid for: 3 months.
This is the only time bl.mature-hits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 18.194.134.212 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 156.67.36.13 25418 (CQINT-)
1 34 151.139.128.11 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
44 7
Apex Domain
Subdomains
Transfer
26 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 67255
395 KB
7 mature-hits.net
bl.mature-hits.net — Cisco Umbrella Rank: 700761
43 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3143
onesignal.com — Cisco Umbrella Rank: 1221
img.onesignal.com — Cisco Umbrella Rank: 6639
94 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
ajax.googleapis.com — Cisco Umbrella Rank: 270
32 KB
2 cloudtraff.com
o-2628.cloudtraff.com
trk.cloudtraff.com — Cisco Umbrella Rank: 135130
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 629
7 KB
1 sharktrk.com
www.sharktrk.com
1 KB
1 bangalerts.com
x.bangalerts.com
642 B
1 flingswipes.com
flingswipes.com
931 B
44 10
Domain Requested by
26 lpmedia.servefilesonly.com bl.mature-hits.net
lpmedia.servefilesonly.com
7 bl.mature-hits.net bl.mature-hits.net
3 onesignal.com cdn.onesignal.com
bl.mature-hits.net
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.onesignal.com bl.mature-hits.net
cdn.onesignal.com
1 img.onesignal.com
1 maxcdn.bootstrapcdn.com bl.mature-hits.net
1 ajax.googleapis.com bl.mature-hits.net
1 fonts.googleapis.com bl.mature-hits.net
1 trk.cloudtraff.com 1 redirects
1 o-2628.cloudtraff.com 1 redirects
1 www.sharktrk.com 1 redirects
1 x.bangalerts.com 1 redirects
1 flingswipes.com 1 redirects
44 14

This site contains links to these domains. Also see Links.

Domain
lpmedia.servefilesonly.com
Subject Issuer Validity Valid
mature-hits.net
R3
2022-03-30 -
2022-06-28
3 months crt.sh
lpmedia.servefilesonly.com
R3
2022-03-22 -
2022-06-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-04 -
2022-07-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Frame ID: 146F83465E85C85938A0A1286BD3447E
Requests: 39 HTTP requests in this frame

Frame: https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Frame ID: 9142AD94293790CD7B73BA80EA0C7398
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

mature-hits.net

Page URL History Show full URLs

  1. http://flingswipes.com/ HTTP 302
    https://x.bangalerts.com/a1cfd22d-26ed-4d80-b923-07df66f47316?source=404_direct&pub=362 HTTP 302
    https://www.sharktrk.com/track/362.1214.1214.5417.0.0.0.0.0.0.0.0?_ocid=w5usr621gp1kmqof2g9kg8qs&auto... HTTP 302
    https://o-2628.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&sourc... HTTP 301
    https://trk.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&sourc... HTTP 302
    https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

14
Subdomains

7
IPs

2
Countries

617 kB
Transfer

1153 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flingswipes.com/ HTTP 302
    https://x.bangalerts.com/a1cfd22d-26ed-4d80-b923-07df66f47316?source=404_direct&pub=362 HTTP 302
    https://www.sharktrk.com/track/362.1214.1214.5417.0.0.0.0.0.0.0.0?_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id= HTTP 302
    https://o-2628.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&source=404_direct&subPublisher=362&_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id= HTTP 301
    https://trk.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&source=404_direct&subPublisher=362&_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id= HTTP 302
    https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request da8007
bl.mature-hits.net/landing/
Redirect Chain
  • http://flingswipes.com/
  • https://x.bangalerts.com/a1cfd22d-26ed-4d80-b923-07df66f47316?source=404_direct&pub=362
  • https://www.sharktrk.com/track/362.1214.1214.5417.0.0.0.0.0.0.0.0?_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id=
  • https://o-2628.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&source=404_direct&subPublisher=362&_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id=
  • https://trk.cloudtraff.com/e8cf017a-47e9-457d-8c8b-5d882a4e2ec5?clicktag=362698f4f18e593.10609788&source=404_direct&subPublisher=362&_ocid=w5usr621gp1kmqof2g9kg8qs&autocamp=404_direct&click_id=
  • https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirec...
66 KB
17 KB
Document
General
Full URL
https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
397d1a78a7ba4062be8a23663262671a9fe516a82c0188e043d0e8fd280b6a7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization,
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:35 GMT
pragma
no-cache
server
fbs
vary
Accept-Encoding
x-hw
1651085135.cds231.fr8.hn,1651085135.cds219.fr8.sc,1651085135.cdn2-redis01-fra1.stackpath.systems.-.wx,1651085135.cds219.fr8.p

Redirect headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-length
0
date
Wed, 27 Apr 2022 18:45:35 GMT
location
https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
server
fbs
strict-transport-security
max-age=15724800; includeSubDomains
x-hw
1651085135.cds239.fr8.hn,1651085135.cds253.fr8.sc,1651085135.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1651085135.cds253.fr8.p
form.css
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
7 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.css?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
195c953a7e6f40ca401cbe3b8f67d174909f6bd6a6f58c4d58649dae7341f13f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-1bec"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds264.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
1648
login_form.css
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
1 KB
643 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.css?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
c01ae6f690936b5ea1d7ac0b1e77b8f89a61d7b0720e488ba4d2737db1e82ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-591"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds053.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
463
corner.css
lpmedia.servefilesonly.com/widgets/corner/
246 B
308 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-f6"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds006.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
201
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e916e03b1d205ffa49d9fb9eeb73e6cd7ba8ab0479fde77da0ac059db24f0cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 18:45:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Apr 2022 18:45:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Apr 2022 18:45:36 GMT
style.min.css
lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/
22 KB
5 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
e5eaa47c3c5c39514a966b94d37019c06a13fd909f119a68d3adeb77b67ceefe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:06 GMT
server
fbs
etag
W/"6269158e-589b"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds247.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
4920
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1431
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7029b755ba449ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 30 Apr 2022 18:45:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 08:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 08:56:15 GMT
milfdates.png
lpmedia.servefilesonly.com/img/_logos/
2 KB
2 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/milfdates.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
1966b4feb0dd28a81d712a8fd2f8fd39f752c3b4081a11c870ffded5a5aa66fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
"6261247a-95e"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds156.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
2398
milfdates_w.png
lpmedia.servefilesonly.com/img/_logos/
4 KB
4 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/milfdates_w.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
711dd3689d5465deba16602b6d06a581d2b98537c25200a06fcc3f6f2667eb4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
"6261247a-eb5"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds248.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
3765
candels.svg
lpmedia.servefilesonly.com/img/_btns/
7 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/candels.svg
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
11a8a4370fa87bc4906c9309d938c651fa85aed67081601c5a5cdb9548bed32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-1cf6"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds265.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3321
parfume.svg
lpmedia.servefilesonly.com/img/_btns/
6 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/parfume.svg
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
e72ec3f9b09d9b1e82f4f24fba969ac79c496b7d175ba18686cc959d11657363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-1841"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds052.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2574
champaign.svg
lpmedia.servefilesonly.com/img/_btns/
7 KB
3 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/champaign.svg
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
da34a3b43775b1b28d38270d9c606b15152b7e2fc6c95cf669f5a7462cc38747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-1d77"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds273.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3406
da2.png
lpmedia.servefilesonly.com/img/_pictures/fsk12/s/
8 KB
8 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk12/s/da2.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
95387a62e27849b52c92014fcfef9fe01a543f1f6e152b539a08ebdd9d01072e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:39 GMT
server
fbs
etag
"6261247b-20da"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds292.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
8410
da3.png
lpmedia.servefilesonly.com/img/_pictures/fsk12/s/
8 KB
9 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk12/s/da3.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
d962a9b44d644f7cf69bdb12474a7e831f3647ed745027dcbc9b654aac164165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:39 GMT
server
fbs
etag
"6261247b-219b"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds142.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
8603
da4.png
lpmedia.servefilesonly.com/img/_pictures/fsk12/s/
7 KB
7 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk12/s/da4.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
5b9e2174ae11d5b2ce195c1d654bfc207e00a6ec22347385cf09439adbcd07f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:39 GMT
server
fbs
etag
"6261247b-1c5a"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds012.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
7258
da19.png
lpmedia.servefilesonly.com/img/_pictures/fsk12/s/
37 KB
37 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk12/s/da19.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
93390fadd50a1adc5b3cc1022869c221e53a5661ae403b3996eb79cb2bd1d7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:39 GMT
server
fbs
etag
"6261247b-92e8"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds146.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
37608
validation.js
lpmedia.servefilesonly.com/js/helpers/
11 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/helpers/validation.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
d8bec43fa0c0c15402b98176cc557cf4c72c7a881ab1d0143354b87839c90d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:54 GMT
server
fbs
etag
W/"626915be-2ba9"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds155.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
3436
form_helper.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
5 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
e9ea9a3362eaff855c8bed3b0451fa0cb3b11e22694804fbc4c7695b873469a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-15bd"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds236.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
1527
form.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
6 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
3fdfd802b39cf69a1f4c32216718d02229eea7fb08747d92a2a08363ae3bd4d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-18e5"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds207.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
1487
step.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
3 KB
1 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
053fe96e10c59c0d3902cfd55947ef08826da5343ebaf0880daec30e4ae04608

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-b68"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds003.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
941
location_auto_fill_v3.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
14 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/location_auto_fill_v3.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
8c1d19af401b38950aa8d968003fff242deadbfced898ce11afee8f035d9e9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-3949"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds159.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
2881
login_form.js
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
6 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
34cee372b39c70872f36eb74c0de67c4127e6a9262835044ebb912cd64f2854f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:59 GMT
server
fbs
etag
W/"626915c3-16dd"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds245.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
1526
popwin.js
lpmedia.servefilesonly.com/js/
1 KB
634 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:54 GMT
server
fbs
etag
W/"626915be-499"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds013.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
525
chat.js
lpmedia.servefilesonly.com/js/digitalassistant/
8 KB
2 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/digitalassistant/chat.js?839467
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
d22f4a4f5d351ece063a54e5c1a435484594b14318873cd47d300156eab75f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 10:06:54 GMT
server
fbs
etag
W/"626915be-218a"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds246.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
2267
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
8310809
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
cf-ray
7029b7542be26925-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
bl.mature-hits.net/sbbi/ Frame 9142
25 KB
11 KB
Document
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn&sbbgs=h4c95b0e8dfdb59af1c5334fec2fd2cec548&ddl=0
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
078399bde40c06cb57e0851b1a4d3106154af2ede5e96a24e952a5526c64943a

Request headers

Referer
https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:36 GMT
server
fbs
x-accel-expires
0
x-hw
1651085136.cds231.fr8.hn,1651085136.cds222.fr8.sc,1651085136.cdn2-wafbe02-fra1.stackpath.systems.-.i,1651085136.cds222.fr8.p
/
bl.mature-hits.net/sbbi/
43 B
176 B
Image
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=utMedia&vii=9h84ccc9352b803e584def7d7be569ea9f01acc583d3c44f8eec02afcd92fc9evcv5y4j8
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Wed, 27 Apr 2022 18:45:36 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1651085136.cds231.fr8.hn,1651085136.cds004.fr8.sc,1651085136.cdn2-redis02-fra1.stackpath.systems.-.i,1651085136.cds004.fr8.p
content-type
image/gif
da2.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk18/l/
285 KB
285 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk18/l/da2.jpg
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
aaa1ec7a42ae47d440952cfdee5cf609758392d77f5c0d593e3eaf6880538df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:46 GMT
server
fbs
etag
"62612482-473e6"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds225.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
291814
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bl.mature-hits.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:08:21 GMT
x-content-type-options
nosniff
age
92235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:08:21 GMT
arrow_right.svg
lpmedia.servefilesonly.com/img/_btns/
1 KB
775 B
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/arrow_right.svg
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
1ca1a1ee4fd0edc1c9bc490bcf24cce4f2104b683baf5b25945774ef8464fc10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-4bf"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds108.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
657
bow.svg
lpmedia.servefilesonly.com/img/_btns/
3 KB
2 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/bow.svg
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
1257bc3979e3466a2d7e073925ca9b4a88691ae2620ab637ecd8734b83877c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-dc3"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds238.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1824
quotationmarks.svg
lpmedia.servefilesonly.com/img/_btns/
749 B
530 B
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/quotationmarks.svg
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
150784b50aeb11151034be1b7e22d9bfb32c4efe5dc339c6e9d800377c73108a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpmedia.servefilesonly.com/build/templates/DigitalAssistant2/style.min.css?839467
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 09:31:38 GMT
server
fbs
etag
W/"6261247a-2ed"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds168.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
421
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto+Condensed:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bl.mature-hits.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:15:45 GMT
x-content-type-options
nosniff
age
73791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:15:45 GMT
da1.png
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/
7 KB
7 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/da1.png
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
ffb6186503a7d066d723c3e187f85a323972effdbaa4e37738a3fbfee40b4762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
last-modified
Thu, 21 Apr 2022 09:31:41 GMT
server
fbs
etag
"6261247d-1ba1"
x-hw
1651085136.cds222.fr8.hn,1651085136.cds254.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
content-length
7073
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1431
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7029b7574dec9ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 30 Apr 2022 18:45:36 GMT
web
onesignal.com/api/v1/sync/2bb72774-ad6d-4863-835d-375600cc3620/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/2bb72774-ad6d-4863-835d-375600cc3620/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511117cc808a12e1b0e03858729c4bd704235a9ef3e989b174bb6354811f9205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
2327
cf-polished
origSize=3360
status
200 OK
x-envoy-upstream-service-time
23
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f8ba14e4-463a-4cb8-b876-e8fb949c85bf
x-runtime
0.021683
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7215e2d12e0cde258dff812a23560d9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7029b75878a59ba6-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 27 Apr 2022 19:45:36 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:36 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1458
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7029b75949525b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 27 May 2022 18:45:36 GMT
/
bl.mature-hits.net/sbbi/ Frame 9142
516 B
459 B
Document
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn&sbbgs=h4c95b0e8dfdb59af1c5334fec2fd2cec548&ddl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://bl.mature-hits.net
Referer
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn&sbbgs=h4c95b0e8dfdb59af1c5334fec2fd2cec548&ddl=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:36 GMT
server
fbs
x-accel-expires
0
x-hw
1651085136.cds231.fr8.hn,1651085136.cds161.fr8.sc,1651085136.cdn2-wafbe02-fra1.stackpath.systems.-.i,1651085136.cds161.fr8.p
icon
onesignal.com/api/v1/apps/2bb72774-ad6d-4863-835d-375600cc3620/
184 B
627 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/2bb72774-ad6d-4863-835d-375600cc3620/icon
Requested by
Host: bl.mature-hits.net
URL: https://bl.mature-hits.net/landing/da8007?clickId=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tracker=SGM_Pro&publisher=2137&subPublisher=362&zz=true&hit_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7&tp_redirect_id=d73c2c7a-7c2e-40dc-81c1-6c2d711c25a7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec41b17a581f3346cf806158ec74535c0b2dd6b341395c04509dc31d4ee6c35d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
110264be-e568-4d83-bd09-0ba78de6bb63
x-runtime
0.007157
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ec41b17a581f3346cf806158ec74535c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7029b759fa6d91e7-FRA
access-control-allow-headers
SDK-Version
/
bl.mature-hits.net/sbbi/ Frame 9142
25 KB
11 KB
Document
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
0a17456f98ecf4d198860e7d511ac5fb5f31d6c60bba4c574fb0596feec3db59

Request headers

Referer
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn&sbbgs=h4c95b0e8dfdb59af1c5334fec2fd2cec548&ddl=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:36 GMT
server
fbs
x-accel-expires
0
x-hw
1651085136.cds231.fr8.hn,1651085136.cds163.fr8.sc,1651085136.cdn2-redis02-fra1.stackpath.systems.-.i,1651085136.cds163.fr8.p
/
bl.mature-hits.net/sbbi/ Frame 9142
516 B
474 B
Document
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://bl.mature-hits.net
Referer
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:37 GMT
server
fbs
x-accel-expires
0
x-hw
1651085137.cds231.fr8.hn,1651085137.cds097.fr8.sc,1651085137.cdn2-redis01-fra1.stackpath.systems.-.i,1651085137.cds097.fr8.p
/
bl.mature-hits.net/sbbi/ Frame 9142
7 KB
3 KB
Document
General
Full URL
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
fbs /
Resource Hash
5a45f707f68a951d651b849c0d5b9a2e4455f76fc6ac76d176ecf1496e3ce0a3

Request headers

Referer
https://bl.mature-hits.net/sbbi/?sbbpg=sbbShell&gprid=Sn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 27 Apr 2022 18:45:37 GMT
server
fbs
x-accel-expires
0
x-hw
1651085137.cds231.fr8.hn,1651085137.cds163.fr8.sc,1651085137.cdn2-redis02-fra1.stackpath.systems.-.i,1651085137.cds163.fr8.p
6262d251-9c5d-4596-8b9b-4bef3a0fef30
img.onesignal.com/permanent/
11 KB
11 KB
Image
General
Full URL
https://img.onesignal.com/permanent/6262d251-9c5d-4596-8b9b-4bef3a0fef30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3417acb3eb921fbfbe6cbc9a604f640606549cd7163609ec20e6354b7756159b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bl.mature-hits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 18:45:37 GMT
cf-cache-status
HIT
age
2326
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11074
x-amz-id-2
yCQWP1zeRIGMFbXtG7vmydHK0tslGvsyP4ZboqtZwQ6lPd9YHY+aagIjbuWYR2PKAUjI6hs4Pq0=
last-modified
Thu, 10 Feb 2022 08:28:39 GMT
server
cloudflare
etag
"026931f96d25d5e1746eed4f28c15261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
K20PW9NAH9VZ20P3
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7029b75bf8579ba6-FRA
expires
Sat, 28 May 2022 18:45:37 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| OneSignal function| $ function| jQuery string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y object| x string| gprid object| sbbeccfi string| sbbgs object| $birthDay object| $birthMonth object| $birthYear object| $birthDate function| eventChangeBirthDate function| disabledSelectOption function| validate18YearOld function| updateBirthDate function| Validator undefined| j undefined| ll undefined| selElmnt undefined| a undefined| b undefined| c function| closeAllSelect function| goToStep function| countdownToNextStep function| activeProgressBar object| dataCountries object| $country undefined| $countryName object| $zipCity undefined| $btnLocation undefined| $btnValidateLocation undefined| $displayErrorLocation boolean| isLocationByGeolocation undefined| typingTimer number| doneTyping object| countries undefined| curLanguage function| _eventClickAutocomplete function| findCountryCode function| displayCountry function| findCountryName function| buildAutocomplete function| getCurentLocation function| getCurentLocationByIp function| sendCurrentLocation function| sendValidateLocation function| fillLocationValidated function| validateLocation function| validateLocationMessage function| getCurrentLink object| $btnOpenLogin object| $btnCloseLogin undefined| $loginFormHolder undefined| $errors object| $formLogin boolean| iDates function| loginFormAddRequiredError function| submitHttpRequest object| Popwin string| avatar object| lines string| lastbubble number| line number| timer string| answer object| mydata boolean| submitting function| processData function| chat function| mycheck function| next function| validateEmail function| validateUsername function| validatePassword function| validateCity function| validateAge function| insertParamsToURL function| handleAfterGoNextStep function| handlingClickValidateLocation function| handlingCompleteValidateLocation function| disableSelectLabel number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka number| __oneSignalSdkLoadCount function| __jp0 boolean| sbrmp

23 Cookies

Domain/Path Name / Value
flingswipes.com/ Name: DO-LB
Value: "MTAuMTM2LjAuMzo4MA=="
.x.bangalerts.com/ Name: a1cfd22d-26ed-4d80-b923-07df66f47316-v4
Value: 3pCtyLR79tzpSIKWdo2_Je9UJdQyJ90aZhAtTCqg0u0
.x.bangalerts.com/ Name: cc-v4
Value: l4hzgA%2FM8SzNMLWQeClX4t2XQfF%2F6ShmBKqKNZDPlcx6kaYRlLMQspVUPjFd%2BvAFwqewcpkfVoYCwUdiunO7s1v36PbexgEZM7fCvm6RbbVW2F10Vk%2FqmJ%2FDjgmCRgDVLw5ZiOYB%2BjYh4%2F1EixVIXQ%3D%3D
www.sharktrk.com/ Name: PHPSESSID
Value: as3kk26tu23jlcdufdhcvjhcs5
.sharktrk.com/ Name: natsfornetworks_unique_23_1214_5417
Value: CSharksChris.1214.1214.5417.15767.0.0.0.0.0.0.0
.sharktrk.com/ Name: ocode_23_5417
Value: CSharksChris.1214.1214.5417.15767.0.0.0.0.0.0.0
.sharktrk.com/ Name: ocode_23
Value: CSharksChris.1214.1214.5417.15767.0.0.0.0.0.0.0
.sharktrk.com/ Name: natsfornetworks_23_5417_cookie
Value: No+Referring+URL
.sharktrk.com/ Name: natsfornetworks_23_5417
Value: CSharksChris.1214.1214.5417.15767.0.0.0.0.0.0.0|||362698f4f18e593.10609788
trk.cloudtraff.com/ Name: SPSI
Value: 7d73af2a80adf357d787355e7d7ce193
trk.cloudtraff.com/ Name: SPSE
Value: S/q/s1OwOQ3oe2BJGQiJ2iRIElb2r5sbvkOa6DBTsAjjiOqMe1i6M9EtJL9SkKZW/2sYwb8tstPVLhgmkEK18A==
trk.cloudtraff.com/ Name: spcsrf
Value: 9fa97b65470f0c02313316a50b84fec8
trk.cloudtraff.com/ Name: UTGv2
Value: D-h41faab5a733ceedc2d8122551c44f904e46
trk.cloudtraff.com/ Name: attrk
Value: yes
.cloudtraff.com/ Name: vcid
Value: %7B%22id%22%3A%22af426cb2-a766-41b5-baee-2e3385b7b4a3%22%2C%22firstTime%22%3A%22Apr+27%2C+2022+6%3A45%3A35+PM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Apr+27%2C+2022+6%3A45%3A35+PM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D
bl.mature-hits.net/ Name: SPSI
Value: 98cc328354e77e6e90ac8dc48e0ac9f9
bl.mature-hits.net/ Name: SPSE
Value: HGdR2jZCr92otoZQIrocnzLrW62UPMVjKvIOCtg14IFaClt7yU2Kh9gbs35fs+xHa9IcuuzrJOCW8vwfBjhZWg==
bl.mature-hits.net/ Name: spcsrf
Value: f1154557d7cbf119a3016c114c1949d8
bl.mature-hits.net/ Name: PHPSESSID
Value: 9o49qi8eti3me7lkdi3h7adeik
bl.mature-hits.net/ Name: sp_lit
Value: d61lPDV6/59kBwKJyMTBFA==
bl.mature-hits.net/ Name: PRLST
Value: Sn
bl.mature-hits.net/ Name: UTGv2
Value: h4c95b0e8dfdb59af1c5334fec2fd2cec548
bl.mature-hits.net/ Name: adOtr
Value: 3c8293c58e4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bl.mature-hits.net
cdn.onesignal.com
flingswipes.com
fonts.googleapis.com
fonts.gstatic.com
img.onesignal.com
lpmedia.servefilesonly.com
maxcdn.bootstrapcdn.com
o-2628.cloudtraff.com
onesignal.com
trk.cloudtraff.com
www.sharktrk.com
x.bangalerts.com
151.139.128.11
156.67.36.13
18.194.134.212
2606:4700:3032::ac43:85af
2606:4700::6812:bcf
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:803::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a06:98c1:3121::7
053fe96e10c59c0d3902cfd55947ef08826da5343ebaf0880daec30e4ae04608
078399bde40c06cb57e0851b1a4d3106154af2ede5e96a24e952a5526c64943a
0a17456f98ecf4d198860e7d511ac5fb5f31d6c60bba4c574fb0596feec3db59
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d
11a8a4370fa87bc4906c9309d938c651fa85aed67081601c5a5cdb9548bed32d
1257bc3979e3466a2d7e073925ca9b4a88691ae2620ab637ecd8734b83877c07
150784b50aeb11151034be1b7e22d9bfb32c4efe5dc339c6e9d800377c73108a
195c953a7e6f40ca401cbe3b8f67d174909f6bd6a6f58c4d58649dae7341f13f
1966b4feb0dd28a81d712a8fd2f8fd39f752c3b4081a11c870ffded5a5aa66fb
1ca1a1ee4fd0edc1c9bc490bcf24cce4f2104b683baf5b25945774ef8464fc10
3417acb3eb921fbfbe6cbc9a604f640606549cd7163609ec20e6354b7756159b
34cee372b39c70872f36eb74c0de67c4127e6a9262835044ebb912cd64f2854f
397d1a78a7ba4062be8a23663262671a9fe516a82c0188e043d0e8fd280b6a7a
3fdfd802b39cf69a1f4c32216718d02229eea7fb08747d92a2a08363ae3bd4d0
511117cc808a12e1b0e03858729c4bd704235a9ef3e989b174bb6354811f9205
5a45f707f68a951d651b849c0d5b9a2e4455f76fc6ac76d176ecf1496e3ce0a3
5b9e2174ae11d5b2ce195c1d654bfc207e00a6ec22347385cf09439adbcd07f3
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6e916e03b1d205ffa49d9fb9eeb73e6cd7ba8ab0479fde77da0ac059db24f0cb
711dd3689d5465deba16602b6d06a581d2b98537c25200a06fcc3f6f2667eb4a
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0
8c1d19af401b38950aa8d968003fff242deadbfced898ce11afee8f035d9e9c1
93390fadd50a1adc5b3cc1022869c221e53a5661ae403b3996eb79cb2bd1d7f7
95387a62e27849b52c92014fcfef9fe01a543f1f6e152b539a08ebdd9d01072e
aaa1ec7a42ae47d440952cfdee5cf609758392d77f5c0d593e3eaf6880538df8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c01ae6f690936b5ea1d7ac0b1e77b8f89a61d7b0720e488ba4d2737db1e82ab3
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d22f4a4f5d351ece063a54e5c1a435484594b14318873cd47d300156eab75f3c
d8bec43fa0c0c15402b98176cc557cf4c72c7a881ab1d0143354b87839c90d62
d962a9b44d644f7cf69bdb12474a7e831f3647ed745027dcbc9b654aac164165
da34a3b43775b1b28d38270d9c606b15152b7e2fc6c95cf669f5a7462cc38747
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e5eaa47c3c5c39514a966b94d37019c06a13fd909f119a68d3adeb77b67ceefe
e72ec3f9b09d9b1e82f4f24fba969ac79c496b7d175ba18686cc959d11657363
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e9ea9a3362eaff855c8bed3b0451fa0cb3b11e22694804fbc4c7695b873469a9
ec41b17a581f3346cf806158ec74535c0b2dd6b341395c04509dc31d4ee6c35d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffb6186503a7d066d723c3e187f85a323972effdbaa4e37738a3fbfee40b4762