urlscan.io logo urlscan.io
SecurityTrails logo

bongacams10.com Open in urlscan Pro
195.85.23.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bbcnews-fziyhu.kmg1.xyz/
Effective URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&aff...
Submission: On February 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 20 domains to perform 28 HTTP transactions. The main IP is 195.85.23.222, located in and belongs to . The main domain is bongacams10.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2023. Valid for: a year.
This is the only time bongacams10.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    154.12.254.12 (New York, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1579699.contaboserver.net
bbcnews-fziyhu.kmg1.xyz
1    209.126.85.168 (United States)

ASN40021 (NL-811-40021, US)
PTR: vmi964601.contaboserver.net
lacabrahd.com
1    154.53.45.45 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1503034.contaboserver.net
links-api.lat
5    2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
1    2606:4700::6812:cc0 (United States)

ASN13335 (CLOUDFLARENET, US)
llorens.nyc3.cdn.digitaloceanspaces.com
1    44.195.219.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-219-161.compute-1.amazonaws.com
rb.gy
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
polo.thegadgetguru.club
1    67.212.184.147 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
my.contentrightnow.com
3    51.68.82.147 (France)

ASN16276 (OVH, FR)
www.cimentbuilder.one
1    104.26.7.190 (None, )

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
1    67.212.173.75 (None, )

ASN- ()
ad.sasternick.com
3    51.68.81.31 (None, )

ASN- ()
www.verticalstructre.today
1    2606:4700:3034::6815:28e3 (None, )

ASN- ()
t.bl-fastcdn.com
1    195.85.23.222 (None, )

ASN- ()
bongacams10.com
1    2607:f8b0:4006:81c::200a (None, )

ASN- ()
fonts.googleapis.com
4    64.88.254.180 (None, )

ASN- ()
i.bngprm.com
1    2607:f8b0:4006:81c::2004 (None, )

ASN- ()
www.google.com
Domain Requested by
5 www.youtube.com bbcnews-fziyhu.kmg1.xyz
www.youtube.com
4 i.bngprm.com bongacams10.com
bbcnews-fziyhu.kmg1.xyz
4 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
3 www.verticalstructre.today 2 redirects ad.sasternick.com
3 www.cimentbuilder.one 2 redirects my.contentrightnow.com
1 www.google.com bongacams10.com
1 fonts.googleapis.com bongacams10.com
1 bongacams10.com t.bl-fastcdn.com
1 t.bl-fastcdn.com www.verticalstructre.today
1 ad.sasternick.com www.cimentbuilder.one
1 admoustache.aftrad-visit.com 1 redirects
1 my.contentrightnow.com llorens.nyc3.cdn.digitaloceanspaces.com
1 polo.thegadgetguru.club 1 redirects
1 rb.gy 1 redirects
1 llorens.nyc3.cdn.digitaloceanspaces.com bbcnews-fziyhu.kmg1.xyz
1 whos.amung.us
1 links-api.lat bbcnews-fziyhu.kmg1.xyz
1 lacabrahd.com bbcnews-fziyhu.kmg1.xyz
1 bbcnews-fziyhu.kmg1.xyz
0 maps.googleapis.com Failed www.google.com
0 bngtrak.com Failed bongacams10.com
28 21

This site contains no links.

Subject Issuer Validity Valid
*.kmg1.xyz
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
lacabrahd.com
cPanel, Inc. Certification Authority		 2024-01-22 -
2024-04-21		 3 months crt.sh
cpanel.links-api.lat
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-11 -
2024-06-09		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-04		 a year crt.sh
my.contentrightnow.com
R3		 2024-02-02 -
2024-05-02		 3 months crt.sh
www.cimentbuilder.one
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
ad.sasternick.com
R3		 2024-02-01 -
2024-05-01		 3 months crt.sh
www.verticalstructre.today
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
bl-fastcdn.com
GTS CA 1P5		 2024-02-06 -
2024-05-06		 3 months crt.sh
bongacams10.com
Cloudflare Inc ECC CA-3		 2023-10-29 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
i.bngprm.com
GoGetSSL RSA DV CA		 2023-11-27 -
2024-12-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Frame ID: E6FB68D841938D0EFBA0F33B2E52FD45
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Frame ID: F87DBEAE1A5331B67B52B58143F49DFB
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/view?zoom=14&key=AIzaSyAu9yTxe7Je2ik1X9wExxuKHoI6ih7HHY4&center=42.8867,-78.8927
Frame ID: 6CAF73F93B9CFD9C3ACF3BFA30B919BB
Requests: 2 HTTP requests in this frame

Frame: https://i.bngprm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: C398ED74D725BDC33E97FE7DC75D21DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bbcnews-fziyhu.kmg1.xyz/ Page URL
  2. https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html Page URL
  3. https://rb.gy/rq01eq HTTP 301
    https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lor... HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website... Page URL
  5. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website... HTTP 302
    https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008... HTTP 302
    https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaig... Page URL
  6. https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website... Page URL
  7. https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website... HTTP 302
    https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website... HTTP 302
    https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7... Page URL
  8. https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_3718... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

93 %
HTTPS

37 %
IPv6

20
Domains

21
Subdomains

17
IPs

3
Countries

372 kB
Transfer

2336 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bbcnews-fziyhu.kmg1.xyz/ Page URL
  2. https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html Page URL
  3. https://rb.gy/rq01eq HTTP 301
    https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400 Page URL
  5. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=ea0fc5a82890688a1454c38d82799a24&eyer=0.9906632744624566&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.9906632744624566&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300088f4ab4da46d02864fd77cdc4110df6f0229-202402-flb*5738009-ccc5a*M7340813052704456732*sl_5738009-ccc5a*d0ca3529072ce41c8f130fa26aa60bfe699afe05*4400-5235070z*4400 HTTP 302
    https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj Page URL
  6. https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961 Page URL
  7. https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=ae493b20705a216e58b4e55ff27e952a&eyer=0.9895071603672458&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ad.sasternick.com HTTP 302
    https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=3&eyer=0.9895071603672458&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ad.sasternick.com HTTP 302
    https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f61060204c10590d6596c8b1ef178501*20961-848dcc07-59cae2fb*20961 Page URL
  8. https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://rb.gy/rq01eq HTTP 301
  • https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc HTTP 302
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 14
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=ea0fc5a82890688a1454c38d82799a24&eyer=0.9906632744624566&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.9906632744624566&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300088f4ab4da46d02864fd77cdc4110df6f0229-202402-flb*5738009-ccc5a*M7340813052704456732*sl_5738009-ccc5a*d0ca3529072ce41c8f130fa26aa60bfe699afe05*4400-5235070z*4400 HTTP 302
  • https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj
Request Chain 16
  • https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=ae493b20705a216e58b4e55ff27e952a&eyer=0.9895071603672458&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ad.sasternick.com HTTP 302
  • https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=3&eyer=0.9895071603672458&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ad.sasternick.com HTTP 302
  • https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f61060204c10590d6596c8b1ef178501*20961-848dcc07-59cae2fb*20961

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bbcnews-fziyhu.kmg1.xyz/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbcnews-fziyhu.kmg1.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.12.254.12 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1579699.contaboserver.net
Software
nginx/1.24.0 / PHP/8.2.12
Resource Hash
ebffe797f424040208954810d209c45c57065fc5646453334cf5044a4ef11f45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
1408
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Feb 2024 00:23:46 GMT
Server
nginx/1.24.0
X-Powered-By
PHP/8.2.12
fbmultiplepais
lacabrahd.com/api/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lacabrahd.com:3069/api/scripts/fbmultiplepais?contador=ALDIA&owner=elcrack2&isbot=false&before=true&selectedcountry=
Requested by
Host: bbcnews-fziyhu.kmg1.xyz
URL: https://bbcnews-fziyhu.kmg1.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.126.85.168 , United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi964601.contaboserver.net
Software
/ Express
Resource Hash
f94a25f6b7171680b0af13bdc1bd76c2ef9154b3d98586632b62cdfeabfc9bfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bbcnews-fziyhu.kmg1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 29 Feb 2024 00:23:46 GMT
Connection
keep-alive
X-Powered-By
Express
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
application/javascript
data.php
links-api.lat/src/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://links-api.lat/src/data.php
Requested by
Host: bbcnews-fziyhu.kmg1.xyz
URL: https://bbcnews-fziyhu.kmg1.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.53.45.45 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1503034.contaboserver.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bbcnews-fziyhu.kmg1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Thu, 29 Feb 2024 00:23:46 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
mwKJfNYwvm8
www.youtube.com/embed/ Frame F87D 		91 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Requested by
Host: bbcnews-fziyhu.kmg1.xyz
URL: https://bbcnews-fziyhu.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82c473d685fc599319b482df4b02e5069d4b3e4222303d731bfc708b1297a952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbcnews-fziyhu.kmg1.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Feb 2024 00:23:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/6f21feb8/ Frame F87D 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6f21feb8/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02646b2c342cb5363a9660d29ceed6d9782d55e6942246aad5314aa0535b67e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
54648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47564
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 05:17:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 09:12:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F87D 		3 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:56:40 GMT
x-content-type-options
nosniff
age
55626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 08:56:40 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F87D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:09:27 GMT
x-content-type-options
nosniff
age
54859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 09:09:27 GMT
embed.js
www.youtube.com/s/player/6f21feb8/player_ias.vflset/en_US/ Frame F87D 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045e25daf40794b16273a6fc92e159511aa7aaa378ff23761760e2173c589eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:49:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
56030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 05:17:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:49:56 GMT
www-embed-player.js
www.youtube.com/s/player/6f21feb8/www-embed-player.vflset/ Frame F87D 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6f21feb8/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
55897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97346
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 05:17:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:52:09 GMT
base.js
www.youtube.com/s/player/6f21feb8/player_ias.vflset/en_US/ Frame F87D 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795910
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 05:17:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:55:13 GMT
/
whos.amung.us/pingjs/ 		24 B
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whos.amung.us/pingjs/?k=ALDIA&t=La%20Chancla~%20Le%20%20dimo%20to&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=6725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bbcnews-fziyhu.kmg1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 00:23:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
85ccc2b5ae0d4398-EWR
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
dgthconhperial.html
llorens.nyc3.cdn.digitaloceanspaces.com/ 		798 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Requested by
Host: bbcnews-fziyhu.kmg1.xyz
URL: https://bbcnews-fziyhu.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://bbcnews-fziyhu.kmg1.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3430
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
85ccc2bc68d919ae-EWR
content-encoding
gzip
content-type
text/html
date
Thu, 29 Feb 2024 00:23:47 GMT
last-modified
Fri, 09 Feb 2024 17:33:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
tx00000d60322447774614f-0065c661f5-50576-nyc3d
x-do-cdn-uuid
62251b6e-c5c8-4bca-8a88-c44fea1a3043
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type
Normal
/
my.contentrightnow.com/
Redirect Chain
  • https://rb.gy/rq01eq
  • https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by
Host: llorens.nyc3.cdn.digitaloceanspaces.com
URL: https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
9631f77245c29d2f211644080ac45f65a6688fe7d94e94dcc1a422cdf2d84898

Request headers

Referer
https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 00:23:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Feb 2024 00:23:48 GMT
Location
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
www.cimentbuilder.one/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://my.contentrightnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 29 Feb 2024 00:23:48 GMT
Transfer-Encoding
chunked
/
ad.sasternick.com/
Redirect Chain
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=ea0fc5a82890688a1454c38d82799a24&eyer=0.9906632744624566...
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.9906632744624566&eyei=0&eyew=1600&eyeh=1200&eye...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300088f4ab4da46d02864fd77cdc4110df6f0229-202402-flb*5738009-ccc5a*M7340813052704456732*sl...
  • https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj
Requested by
Host: www.cimentbuilder.one
URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7340813052704456732&website=4400-5235070z&placement=4400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 00:23:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
85ccc2c49ccb36d5-YYZ
content-length
218
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 00:23:49 GMT
location
https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFGsw7i8le0pQtd31jeFar%2B5HVUDh6zpnZtE5pmIf%2BUtr5cNoEe0cJVTOojo%2Bqli91I0gCUE6FIklHKgzXmkHq4bM4TC%2FxpNC2eQ0HujnkLkFyeFaP4zWzzO0eBqeJduI%2BCr7N0Du6s6PY407Ws%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
www.verticalstructre.today/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961
Requested by
Host: ad.sasternick.com
URL: https://ad.sasternick.com/?1=1B7fmUHKE&utm_medium=08fd7276623cd255f2ee789fc9a147bab2569f20&utm_campaign=main&cid=2012FcsCf1KmmyRTm2tFmuoucWKxVRzKSdGYA3GaFAKG86VMovvyd7Y7RpqPUCqqkvuygj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ad.sasternick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 29 Feb 2024 00:23:50 GMT
Transfer-Encoding
chunked
/
t.bl-fastcdn.com/directclick/
Redirect Chain
  • https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=ae493b20705a216e58b4e55ff27e952a&eyer=0....
  • https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961&eyeg=3&eyer=0.9895071603672458&eyei=0&eyew=16...
  • https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f6106020...
26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f61060204c10590d6596c8b1ef178501*20961-848dcc07-59cae2fb*20961
Requested by
Host: www.verticalstructre.today
URL: https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:28e3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.verticalstructre.today/?sl=5738013-2c38d&data1=Track1&data2=Track2&tag=M7340813056999424063&website=20961-848dcc07-59cae2fb&placement=20961
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85ccc2cf28228cdd-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 00:23:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmkFrrODOgcJujg165YW%2FjK%2BoQzXiOJZsT0bcjNPCV2o1zY9P5GPzlJpVJJ1KMQdduu1j6Fy4rlmY33oR%2B2c%2Bvf6MCLTwPlIPCWhcnVy9GZNYXm5j1zzxrtHX%2FM9PeUnHqVE3lQYfrcfGHyJ%2BeYt"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Thu, 29 Feb 2024 00:23:50 GMT
Location
https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f61060204c10590d6596c8b1ef178501*20961-848dcc07-59cae2fb*20961
Primary Request promo_popunder_map
bongacams10.com/ 		50 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Requested by
Host: t.bl-fastcdn.com
URL: https://t.bl-fastcdn.com/directclick/?pid=CLBghbX1fLb_OqWe6xqTn5jALQA1&wsid=13100c1437480159df2c689b7cf0cb06be0940229-202402-flb*5738013-2c38d*M7340813056999424063*sl_5738013-2c38d*d4eeec50f61060204c10590d6596c8b1ef178501*20961-848dcc07-59cae2fb*20961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.222 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b7617da2b2d4784dac7d6ff0ab39e5a68f339af35b24962e81504288246cf85d
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
alt-svc
h3=":443"; ma=86400
cache-control
no-cache public
cf-cache-status
DYNAMIC
cf-ray
85ccc2d348d6c454-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 00:23:51 GMT
expires
Thu, 29 Feb 2024 00:23:50 GMT
server
cloudflare
strict-transport-security
max-age=0;
x-bcs
ded7013 ded7049
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,700&subset=cyrillic,greek-ext,latin-ext
Requested by
Host: bongacams10.com
URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
f0d1c97b4c1537de6f4f9802f974667c7e2e003a8e8f0d013068b919cdabf95d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bongacams10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Feb 2024 00:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 00:12:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Feb 2024 00:23:51 GMT
jquery.tools.min.js
i.bngprm.com/popunders/lib/js/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bngprm.com/popunders/lib/js/jquery.tools.min.js
Requested by
Host: bongacams10.com
URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.254.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bongacams10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 00:23:52 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:13:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-cdn-diag
jfk4-2086-3-52525-h-0-0---;2075-25-12721----0-0-0
expires
Thu, 28 Jan 2021 03:01:49 GMT
jquery.selectbox-0.2.min.js
i.bngprm.com/popunders/lib/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bngprm.com/popunders/lib/js/jquery.selectbox-0.2.min.js
Requested by
Host: bongacams10.com
URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.254.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bongacams10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 00:23:52 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:13:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-cdn-diag
jfk4-2094-4-9423-h-0-0---;2075-25-12721----0-1-0
expires
Thu, 28 Jan 2021 03:03:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,700&subset=cyrillic,greek-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bongacams10.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:14:01 GMT
x-content-type-options
nosniff
age
54591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 09:14:01 GMT
logo.png
i.bngprm.com/popunders/map/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bngprm.com/popunders/map/img/logo.png
Requested by
Host: bongacams10.com
URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.254.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f40214de08bd40876202207a1ba559afa19e67d55fc4f876e2244688b54893a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bongacams10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 00:23:52 GMT
last-modified
Fri, 31 May 2019 10:13:34 GMT
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-cdn-diag
jfk4-2057-1-4886-h-0-0---;2075-27-12721----0-0-0
accept-ranges
bytes
content-length
2079
expires
Sun, 21 Feb 2021 14:30:29 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700|Open+Sans:400,700&subset=cyrillic,greek-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bongacams10.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:59:48 GMT
x-content-type-options
nosniff
age
55444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16324
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 08:59:48 GMT
hit.php
bngtrak.com/ 		0
0
view
www.google.com/maps/embed/v1/ Frame 6CAF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed/v1/view?zoom=14&key=AIzaSyAu9yTxe7Je2ik1X9wExxuKHoI6ih7HHY4&center=42.8867,-78.8927
Requested by
Host: bongacams10.com
URL: https://bongacams10.com/promo_popunder_map?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&affe=popo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 -, , ASN (),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
bce71297c86791f66cbe3ddcceca39b3a70eebb066f5cf0e67f08c2567eddcec
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-kehV4SXG-9HXxpRzIVdVpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bongacams10.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
592
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-kehV4SXG-9HXxpRzIVdVpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 00:23:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
main.js
i.bngprm.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame C398 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bngprm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: bbcnews-fziyhu.kmg1.xyz
URL: https://bbcnews-fziyhu.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.254.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
js
maps.googleapis.com/maps/api/ Frame 6CAF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bngtrak.com
URL
https://bngtrak.com/hit.php?c=249852&ps=popunder&subid=371811&subid2=24022901_01_371811_fc8abc86b4ede&echo=1
Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: IY0Q4WM1iSk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: DpSVfXjcs5s
.bl-fastcdn.com/ Name: checkkeks
Value: 1
.bl-fastcdn.com/ Name: eTag
Value: 929f570d3a90ca738f2fda018e6aae63
.bl-fastcdn.com/ Name: ck_uniques
Value: 1709252630%3A24589-115227
.bl-fastcdn.com/ Name: ck_uniquesPa
Value: 1709252630%3A103330
.bl-fastcdn.com/ Name: ck_sys_uniques_3
Value: 1
.bl-fastcdn.com/ Name: u_current_ads_view
Value: 103330----

13 Console Messages

Source Level URL
Text
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/(Line 20)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://links-api.lat/src/data.php
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bbcnews-fziyhu.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://i.bngprm.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.sasternick.com
admoustache.aftrad-visit.com
bbcnews-fziyhu.kmg1.xyz
bngtrak.com
bongacams10.com
fonts.googleapis.com
fonts.gstatic.com
i.bngprm.com
lacabrahd.com
links-api.lat
llorens.nyc3.cdn.digitaloceanspaces.com
maps.googleapis.com
my.contentrightnow.com
polo.thegadgetguru.club
rb.gy
t.bl-fastcdn.com
whos.amung.us
www.cimentbuilder.one
www.google.com
www.verticalstructre.today
www.youtube.com
bngtrak.com
maps.googleapis.com
104.26.7.190
154.12.254.12
154.53.45.45
195.85.23.222
209.126.85.168
2606:4700:10::6816:4bab
2606:4700:3034::6815:28e3
2606:4700::6812:cc0
2607:f8b0:4006:808::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
44.195.219.161
51.68.81.31
51.68.82.147
64.227.23.114
64.88.254.180
67.212.173.75
67.212.184.147
02646b2c342cb5363a9660d29ceed6d9782d55e6942246aad5314aa0535b67e7
045e25daf40794b16273a6fc92e159511aa7aaa378ff23761760e2173c589eee
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0f40214de08bd40876202207a1ba559afa19e67d55fc4f876e2244688b54893a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
82c473d685fc599319b482df4b02e5069d4b3e4222303d731bfc708b1297a952
91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399
9631f77245c29d2f211644080ac45f65a6688fe7d94e94dcc1a422cdf2d84898
b7617da2b2d4784dac7d6ff0ab39e5a68f339af35b24962e81504288246cf85d
bce71297c86791f66cbe3ddcceca39b3a70eebb066f5cf0e67f08c2567eddcec
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
ebffe797f424040208954810d209c45c57065fc5646453334cf5044a4ef11f45
f0d1c97b4c1537de6f4f9802f974667c7e2e003a8e8f0d013068b919cdabf95d
f94a25f6b7171680b0af13bdc1bd76c2ef9154b3d98586632b62cdfeabfc9bfc