1wjxec.top
Open in
urlscan Pro
190.115.24.78
Public Scan
Effective URL: https://1wjxec.top/
Submission: On October 21 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on August 3rd 2023. Valid for: 3 months.
This is the only time 1wjxec.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:303... 2606:4700:3033::6815:fc0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 190.115.24.78 190.115.24.78 | 59692 (IQWEB) (IQWEB) | |
27 | 2606:4700:e0:... 2606:4700:e0::ac40:6a23 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c08::61 | 15169 (GOOGLE) (GOOGLE) | |
2 | 151.101.194.132 151.101.194.132 | 54113 (FASTLY) (FASTLY) | |
2 4 | 172.253.63.149 172.253.63.149 | 15169 (GOOGLE) (GOOGLE) | |
2 4 | 172.253.63.148 172.253.63.148 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.160.41.49 18.160.41.49 | 16509 (AMAZON-02) (AMAZON-02) | |
1 5 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 | 2001:4860:480... 2001:4860:4802:38::178 | 15169 (GOOGLE) (GOOGLE) | |
1 | 99.84.191.77 99.84.191.77 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2607:f8b0:400... 2607:f8b0:4004:c07::9c | 15169 (GOOGLE) (GOOGLE) | |
2 | 52.40.67.88 52.40.67.88 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a02:6b8::346 2a02:6b8::346 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
57 | 15 |
ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net
12688802.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net
12572451.fls.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net
static.hotjar.com |
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru | |
mc.yandex.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-67-88.us-west-2.compute.amazonaws.com
api2.amplitude.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
1win-cdn.com
1win-cdn.com — Cisco Umbrella Rank: 249789 |
638 KB |
8 |
doubleclick.net
4 redirects
12688802.fls.doubleclick.net — Cisco Umbrella Rank: 306533 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 308374 |
4 KB |
6 |
1wjxec.top
1wjxec.top |
134 KB |
4 |
yandex.com
1 redirects
mc.yandex.com — Cisco Umbrella Rank: 7957 |
3 KB |
4 |
google.com
adservice.google.com — Cisco Umbrella Rank: 118 |
890 B |
4 |
amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 4282 api2.amplitude.com — Cisco Umbrella Rank: 1334 |
454 B |
2 |
yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3539 adfstat.yandex.ru — Cisco Umbrella Rank: 21312 |
72 KB |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101 |
60 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
169 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
250 B |
1 |
1wij.today
1wij.today |
638 B |
57 | 11 |
Domain | Requested by | |
---|---|---|
27 | 1win-cdn.com |
1wjxec.top
1win-cdn.com |
6 | 1wjxec.top |
1wij.today
1wjxec.top 1win-cdn.com |
4 | mc.yandex.com |
1 redirects
mc.yandex.ru
1wjxec.top |
4 | adservice.google.com |
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net |
4 | 12572451.fls.doubleclick.net |
2 redirects
www.googletagmanager.com
|
4 | 12688802.fls.doubleclick.net |
2 redirects
www.googletagmanager.com
|
2 | api2.amplitude.com |
1win-cdn.com
|
2 | api.lab.amplitude.com |
1win-cdn.com
|
2 | www.googletagmanager.com |
1wij.today
www.googletagmanager.com |
1 | adfstat.yandex.ru | |
1 | script.hotjar.com |
static.hotjar.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | mc.yandex.ru |
1wij.today
|
1 | static.hotjar.com |
1wij.today
|
1 | 1wij.today | |
57 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1wij.today GTS CA 1P5 |
2023-08-27 - 2023-11-25 |
3 months | crt.sh |
1wjxec.top R3 |
2023-08-03 - 2023-11-01 |
3 months | crt.sh |
1win-cdn.com GTS CA 1P5 |
2023-10-04 - 2024-01-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1 |
2023-02-25 - 2024-03-28 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-08-14 - 2024-01-24 |
5 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.amplitude.com COMODO RSA Domain Validation Secure Server CA |
2023-01-23 - 2024-02-14 |
a year | crt.sh |
adfstat.yandex.ru GlobalSign RSA OV SSL CA 2018 |
2023-08-03 - 2024-01-31 |
6 months | crt.sh |
This page contains 10 frames:
Primary Page:
https://1wjxec.top/
Frame ID: 49E3E86C6EB7D592B32B582B4ADF733B
Requests: 45 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 5F7E294FEDAFC0B5111F7FEF0A450367
Requests: 1 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881
Frame ID: F4F49940FE9886C8BCBEDEF5FD993B8E
Requests: 1 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: E0787DFBB9A85655B17B6F60C79A076D
Requests: 1 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933
Frame ID: B7B248EC4ECB83975353C1B53C889600
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881;~oref=https://1wjxec.top/
Frame ID: 12B3C2E311EE630BE045DAE9FF20A273
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: CA91C0A281BD153E0DA30068B3FF512E
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 4DB844EE10A9A4F151274E65DE1F963B
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933;~oref=https://1wjxec.top/
Frame ID: 874BCCAD88BF285EF7E2B6B50E0F6983
Requests: 1 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 7288468B05A1FF27DC8671C9E49A6EE7
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
1winPage URL History Show full URLs
- https://1wij.today/ Page URL
- https://1wjxec.top/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://1wij.today/ Page URL
- https://1wjxec.top/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881
- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10162.foWPwgCSv9gafSUrNPAUSGWyCTWH0UkUDO-8sai6r4bWFmhdmbSI2NQ5_kMxHuLM.lx1jBb0jNUxgkbpYze3z7BCjsGM%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10162.Fc7ci1SDCibDSlIHpRiUYg7ty5Pv9wRfj-kkFhLUJyMVZ_nRKoUFOlXzZDo9vUBuDkzDi5tqusUbvt6N2bEQFiX1C8mKyc7FuNcZ-hcYlTnfxT5NaJhDgMjStm_QkcYdDg9pqqPmwEunnf-xx_EgDgjKT-SPLTQw00P0LNDZ6Yn3LpKN898ng1sx4K9U59yKCltl46tbr8DJUzQmt8KY3XIRrdz3j__s5Si_CX0Hbss%2C.3fBNWdXGQ1pbhQltRhZle9cqmxw%2C
- https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)cs(kcbe)efid(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29cs%28kcbe%29efid%281%29ti%282%29
57 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
1wij.today/ |
340 B 638 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
1wjxec.top/ |
334 KB 112 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ |
32 KB 33 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ |
42 KB 43 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop.fc4e85afa.js
1win-cdn.com/js/ |
117 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop.8f3a2eacd.css
1win-cdn.com/css/ |
68 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.1548ceddb.js
1win-cdn.com/js/ |
258 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-common.2c4fb0deb.js
1win-cdn.com/js/ |
103 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.3522bcbdc.js
1win-cdn.com/js/ |
186 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1win-normal.svg
1wjxec.top/img/logo/main/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
affiliate:link_visit
1wjxec.top/ |
15 B 433 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
91893.d6cbcbbc0.js
1win-cdn.com/js/ |
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
75154.f8395b717.js
1win-cdn.com/js/ |
56 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63780.0da7686df.css
1win-cdn.com/css/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63780.f7084d166.js
1win-cdn.com/js/ |
411 KB 125 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
1wjxec.top/firebase/8.1.1/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
303 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vardata
api.lab.amplitude.com/sdk/ |
2 B 145 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
title
1wjxec.top/common/ |
29 B 247 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
81602.74d7d3ee6.css
1win-cdn.com/css/ |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
47546.d85019cb4.js
1win-cdn.com/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
58183.9675eb8a9.js
1win-cdn.com/js/ |
155 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
85015.fa0a7f64d.js
1win-cdn.com/js/ |
106 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
21470.56a153cc8.js
1win-cdn.com/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
39769.188ffc7a9.js
1win-cdn.com/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
32989.75ba74eb2.css
1win-cdn.com/css/ |
62 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
32989.6ae00bc93.js
1win-cdn.com/js/ |
103 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
69632.1602f5e15.js
1win-cdn.com/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
57912.35d3b77df.js
1win-cdn.com/js/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
69036.9a6de51fe.css
1win-cdn.com/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
vardata
api.lab.amplitude.com/sdk/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
12688802.fls.doubleclick.net/ Frame 5F7E Redirect Chain
|
537 B 472 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame F4F4 Redirect Chain
|
555 B 481 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2606090.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
204 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
12688802.fls.doubleclick.net/ Frame E078 Redirect Chain
|
548 B 485 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame B7B2 Redirect Chain
|
555 B 477 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
51621.78a872e1c.js
1win-cdn.com/js/ |
944 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1win-normal.34748aac6.svg
1win-cdn.com/img/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
us.svg
1win-cdn.com/img/flags/ |
1 KB 882 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bear.09894b84b-290.webp
1win-cdn.com/img/ |
21 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
1wjxec.top/firebase/8.1.1/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.e1dfa7708b9d9a8bea71.js
script.hotjar.com/ |
228 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
adservice.google.com/ddm/fls/i/dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 12B3 |
194 B 150 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
41114.30fee6864.js
1win-cdn.com/js/ |
697 B 1007 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht...
adservice.google.com/ddm/fls/i/ Frame CA91 |
194 B 150 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht...
adservice.google.com/ddm/fls/i/ Frame 4DB8 |
194 B 440 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
adservice.google.com/ddm/fls/i/dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 874B |
194 B 150 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
httpapi
api2.amplitude.com/2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
httpapi
api2.amplitude.com/2/ |
94 B 309 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame 7288 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 477 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sync_cookie_image_decide
mc.yandex.com/ Frame 7288 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metrica
adfstat.yandex.ru/ Frame 7288 |
0 0 |
Image
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/92006234/ Redirect Chain
|
437 B 520 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mc.yandex.com
- URL
- https://mc.yandex.com/sync_cookie_image_decide?token=10162.Fc7ci1SDCibDSlIHpRiUYg7ty5Pv9wRfj-kkFhLUJyMVZ_nRKoUFOlXzZDo9vUBuDkzDi5tqusUbvt6N2bEQFiX1C8mKyc7FuNcZ-hcYlTnfxT5NaJhDgMjStm_QkcYdDg9pqqPmwEunnf-xx_EgDgjKT-SPLTQw00P0LNDZ6Yn3LpKN898ng1sx4K9U59yKCltl46tbr8DJUzQmt8KY3XIRrdz3j__s5Si_CX0Hbss%2C.3fBNWdXGQ1pbhQltRhZle9cqmxw%2C
Verdicts & Comments Add Verdict or Comment
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| INITIAL_DATA object| _chunksDictionary string| appTitle function| deepFreeze object| LangEnum object| lang string| releaseTag string| gtmKey string| debugDomain object| supportChatConfig object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat boolean| vipDomain function| loadScript object| webpackChunk_1win_frontend_main object| SENTRY_RELEASE object| SENTRY_RELEASES object| __VUE_INSTANCE_SETTERS__ object| dataLayer object| buildConfig object| amplitude boolean| __VUE__ object| analyticsConnectorInstances object| socket object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings function| ym object| firebase object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Ya object| yaCounter9200623429 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
1wjxec.top/ | Name: visit_domain Value: 1wjxec.top |
|
1wjxec.top/ | Name: 1w_lang Value: en |
|
.1wjxec.top/ | Name: AMP_MKTG_494cccfe21 Value: JTdCJTIycmVmZXJyZXIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRjF3aWoudG9kYXklMkYlMjIlMkMlMjJyZWZlcnJpbmdfZG9tYWluJTIyJTNBJTIyMXdpai50b2RheSUyMiU3RA== |
|
1wjxec.top/ | Name: core-sticky Value: http://10.233.97.83:80 |
|
.1wjxec.top/ | Name: _gcl_au Value: 1.1.143744158.1697854804 |
|
.1wjxec.top/ | Name: _ga_548949LWLW Value: GS1.1.1697854803.1.0.1697854803.0.0.0 |
|
.1wjxec.top/ | Name: _ga Value: GA1.1.776043098.1697854804 |
|
.1wjxec.top/ | Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwNTZjYmNjNC04YTA0LTQ5OGMtOGJhOS04MWM1N2JiZjg2MjYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk3ODU0ODAzMzczJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5Nzg1NDgwMzcwNSUyQyUyMmxhc3RFdmVudElkJTIyJTNBNyU3RA== |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
1wjxec.top/ | Name: 1w_locale Value: 1 |
|
.1wjxec.top/ | Name: _hjSessionUser_2606090 Value: eyJpZCI6ImE1MDk2N2U2LTExMGItNTA0MC1hMTA5LWY1ZWI4OGQ1YWNhZiIsImNyZWF0ZWQiOjE2OTc4NTQ4MDQxNjAsImV4aXN0aW5nIjpmYWxzZX0= |
|
.1wjxec.top/ | Name: _hjFirstSeen Value: 1 |
|
.1wjxec.top/ | Name: _hjIncludedInSessionSample_2606090 Value: 0 |
|
.1wjxec.top/ | Name: _hjSession_2606090 Value: eyJpZCI6ImQwN2E0ODE2LTY1NWQtNDQyYS1iOGQwLWQxOTNiYTdjZTY1NyIsImNyZWF0ZWQiOjE2OTc4NTQ4MDQxNjIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0= |
|
.1wjxec.top/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
1wjxec.top/ | Name: _hjHasCachedUserAttributes Value: true |
|
.yandex.ru/ | Name: i Value: ymHrVq2ogiskS/Lx7mo/Q7XFoUd1DJJ4Y/stp0YmC+EnEn1LPPbwBdrhbUoTYFm8kq+NMJ8SJlGFGnZnwxLJnD22/MI= |
|
.yandex.ru/ | Name: yandexuid Value: 1324807841697854804 |
|
.1wjxec.top/ | Name: _ym_uid Value: 1697854805341591355 |
|
.1wjxec.top/ | Name: _ym_d Value: 1697854805 |
|
.1wjxec.top/ | Name: _ym_isad Value: 2 |
|
.yandex.com/ | Name: i Value: NXbLI2f4JHCO3rVeITsOHepVdmrGZOFlNtJowbFXsMQD9pKhuagFj+/CN1SiD4wraWEPdujKsYiGAIke2soV2n4zxUE= |
|
.yandex.com/ | Name: yandexuid Value: 1452325441697854804 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 765994054fake |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2313829910fake |
|
mc.yandex.com/ | Name: yabs-sid Value: 1053967741697854805 |
|
.yandex.com/ | Name: yuidss Value: 1452325441697854804 |
|
.yandex.com/ | Name: ymex Value: 1729390805.yrts.1697854805 |
|
.yandex.com/ | Name: bh Value: KgI/MA== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wij.today
1win-cdn.com
1wjxec.top
adfstat.yandex.ru
adservice.google.com
api.lab.amplitude.com
api2.amplitude.com
mc.yandex.com
mc.yandex.ru
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
mc.yandex.com
151.101.194.132
172.253.63.148
172.253.63.149
18.160.41.49
190.115.24.78
2001:4860:4802:38::178
2606:4700:3033::6815:fc0
2606:4700:e0::ac40:6a23
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::61
2a02:6b8::1:119
2a02:6b8::346
52.40.67.88
99.84.191.77
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
075c76e74c411d8acfc7d0aa7dc363a06f5996dbe64afe46c7abefcff26de7fe
0ff8f460de045e20c18ca256ea817d96b87929db16796d5d67133f3d13a53687
1eba2f2e3664e25cec834c5f7a915e6028a4dbcf1f499dc906d49aa6718312c0
2b7740f896a38800f5d9ccdc12d2618b006ff62b62e771be6363ee72234fd75a
332325ac9a9df8dfe4757bb956f761b0cfd8e929deba4d21623aea3a97678c8e
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
3b47c34b78f258a288e6b089a06118b4b6a1a1e81a9d3ee79cbdb2630e16a457
3e6c6f1c331d080a9231fd8bcf32db66fa84ef10df9d39b2ef74440ff27473e6
42f5f523c001c5b4a5a628946e7d6e974d77768d5b8b5a9b2733113ff6bc47a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f3c45d82c741d2fc9e30742de193d117f0ffba46a104d15a9b82c4e88234cc5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
59000a0ae6c5e133672c5bd93d56fb87e3791e512a895530564eb132fbcfad51
6447823ef26e378c36555f7b20ab85bb2f5bcd0a845e8c60bef81eb5f36acd46
68d63510dcd15d143785fdc4a4c83a53ed11278d62a0be73e2cc5f9d2893521a
6bfdd2da44b911cb52468472ffb409ff696f06a9e7b412bb063b83ca59726c7b
75221124496825660c75ddb5c0165715f73ad0c05d336366b97c4f988b87b8da
771a231c18143ede0abeacfd42ff15440e20362a60a7d9cb18aada5d959c322c
803df8c9e18ea622901b3b0c3e66fee10de4ad6b03334288e976000c128fa81a
821ad9f57d96e8df83e1459c1eadcfe77a7304c62b54faf4ddf5c00699ade7aa
85c80e8aaa829fc58803d764a76a19dfd081cc4bc87b96bd77eb371508b3c46b
86b632f55d1dde3b53345f8bf2ae3e54f46ca4e50f18444a6f2b1a97c792d282
890d7faed6245e877a5dcf3d215ae3b6efc532dbe59223a5f1c6302d31c43fc6
90ef6e5c2446492402ad870e1ce4b95da0ed5b8a69f43c8feeea67e86729bd45
9821d6eac30663f2667ffbf2ae408778fd8ea3f657a7c11cb62956a7171d3943
9b6f6e1aa52cf3a00da91603ed25cac5938b9c7bca1ef33643e9d2b251a7a1f5
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2cb448a0ea6a076cd4c5e7052283a66746d068597fb0ff78c052cd0f3dbf8fb
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
aab0bd5462cf6d84308c26cfda451a6bdd4df0aaa8fcfe0008c7841d6b0e34f8
ac0197e7b96de118bddb79a6d8b9e4fb2aec38810ee1f5e0ac72260928237245
b5efdf7a049f447c4a8a7f92b1bcf96271cdf3ceac2d9a122b29cd9c8ee64595
b67edb1b19b6133aed97b0e83423cf859760fd184b4f9292e65e1d9e106c2ad5
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
d13ce48438bcdcaecca35073452081235ff2b1e38ba10bdaa0c36bd2227d2dbf
d9bdfb773b9bb3ae6d46b27a825686b661e45125d17484d9a19663a50d632b80
d9e867654a101af8bc2597413cdf3ee7f512080fc845d0d1ba3c120e53ff9ee5
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7428dd7509ba00ec47fae633382c20d286f7c563528d6611a5f0508076d3850
e795f268fe30060b131637a969b4089cc57cfed994f0f6b9531d8ab516e05f71
eb4079b307564e585700674b4c018ffaaae34d50caf9000fe61077c8a2327d0f
f7e15b04616b59f59de6ec754e067dc822146e64e4d16d3bff6a7c6eed189c74