fortune-reading.com
Open in
urlscan Pro
2606:4700:3037::ac43:c808
Public Scan
Effective URL: https://fortune-reading.com/free/lucky-numero-005/?rcurl=http://trk.fortune-reading.com/uypp&dtp=y&rcurl=http%3A%2F%2Ftrk.fo...
Submission: On September 24 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 25th 2021. Valid for: a year.
This is the only time fortune-reading.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-191-244.compute-1.amazonaws.com
magicalself101.lt.acemlnc.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-235-255.compute-1.amazonaws.com
heavenlyrealm.qlitrk.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-35-31.us-west-2.compute.amazonaws.com
dumbtut14.fortuneai.hop.clickbank.net |
ASN14618 (AMAZON-AES, US)
trk.fortune-reading.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-196.fra2.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net |
ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-60.fra2.r.cloudfront.net
api.omappapi.com |
ASN13335 (CLOUDFLARENET, US)
widget.privy.com | |
assets.privy.com |
ASN13335 (CLOUDFLARENET, US)
api.privy.com | |
events.privy.com |
ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com | |
prism.app-us1.com |
Domain | Requested by | |
---|---|---|
22 | fortune-reading.com |
fortune-reading.com
|
9 | fonts.gstatic.com |
fonts.googleapis.com
www.google.com |
6 | 888047.smushcdn.com |
fortune-reading.com
|
4 | assets.privy.com |
widget.privy.com
assets.privy.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
4 | astrotarotreading.com |
fortune-reading.com
|
3 | a.omappapi.com |
www.googletagmanager.com
a.omappapi.com |
3 | www.google.com |
fortune-reading.com
www.gstatic.com www.google.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | fonts.googleapis.com |
fortune-reading.com
assets.privy.com |
2 | cdnjs.cloudflare.com |
fortune-reading.com
|
2 | numerologyforecast.com |
fortune-reading.com
|
2 | trk.fortune-reading.com | 2 redirects |
2 | dumbtut14.fortuneai.hop.clickbank.net | 2 redirects |
1 | google-analytics.com | |
1 | privymktg.com | 1 redirects |
1 | events.privy.com |
assets.privy.com
|
1 | prism.app-us1.com |
diffuser-cdn.app-us1.com
|
1 | diffuser-cdn.app-us1.com |
fortune-reading.com
|
1 | api.privy.com |
widget.privy.com
|
1 | widget.privy.com |
www.googletagmanager.com
|
1 | api.omappapi.com |
a.omappapi.com
|
1 | settings.luckyorange.net |
d10lpsik1i8c69.cloudfront.net
|
1 | d10lpsik1i8c69.cloudfront.net |
fortune-reading.com
|
1 | www.googletagmanager.com |
fortune-reading.com
|
1 | cdn.jsdelivr.net |
fortune-reading.com
|
1 | heavenlyrealm.qlitrk.com | 1 redirects |
1 | track.esp4.cyou | 1 redirects |
1 | magicalself101.lt.acemlnc.com | 1 redirects |
75 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
trk.fortune-reading.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-02-25 - 2022-02-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.smushcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-01-22 - 2022-03-22 |
2 years | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-30 - 2022-06-01 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
a.omappapi.com R3 |
2021-09-21 - 2021-12-20 |
3 months | crt.sh |
api.opmnstr.com Amazon |
2021-03-11 - 2022-04-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://fortune-reading.com/free/lucky-numero-005/?rcurl=http://trk.fortune-reading.com/uypp&dtp=y&rcurl=http%3A%2F%2Ftrk.fortune-reading.com%2Fuypp&hop=dumbtut14
Frame ID: 25ECFEAE59421AAE12D25D9BEA183517
Requests: 68 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi&co=aHR0cHM6Ly9mb3J0dW5lLXJlYWRpbmcuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vromy398yuom
Frame ID: A11679BF287EB0D97FFBB9344053EBC3
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Is Fortune On Your Side Today? - Fortune Readingcaret-downPage URL History Show full URLs
-
https://magicalself101.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRnRyYWNrLmVzcDQuY3lvdSUyRnNtaX...
HTTP 302
http://track.esp4.cyou/smipromo HTTP 307
http://heavenlyrealm.qlitrk.com/l/smipromo/ HTTP 302
http://dumbtut14.fortuneai.hop.clickbank.net/?cbpage=drct&tid=smib HTTP 301
http://dumbtut14.fortuneai.hop.clickbank.net/hop/?CBRehoppp2=http%3A%2F%2Ftrk.fortune-reading.com%2Fwmxg%3Fhop%3Ddumbtut1... HTTP 301
http://trk.fortune-reading.com/wmxg?hop=dumbtut14 HTTP 302
http://trk.fortune-reading.com/bj3s/?rcurl=http://trk.fortune-reading.com/uypp&hop=dumbtut14 HTTP 302
https://fortune-reading.com/free/lucky-numero-005/?rcurl=http://trk.fortune-reading.com/uypp&dtp=y&rcurl... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Oxygen (Page builders) Expand
Detected patterns
- <link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
- wp-content/plugins/oxygen
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Slick (JavaScript Libraries) Expand
Detected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Click Here To Take The Next Step...
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://magicalself101.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRnRyYWNrLmVzcDQuY3lvdSUyRnNtaXByb21v&sig=9K1jxxMo2kGnMuBbgf3SK1iHFsXw7vaxQmjYUyqTaQzC&iat=1632517371&a=67797782&account=magicalself101%2Eactivehosted%2Ecom&email=7P2cTgU7nwMBviILU6vy0zpxdzkQNl9LgdxZ9pnzLRY%3D&s=090ea11bf668b58fba3632bab8c0c920&i=111A113A1A485
HTTP 302
http://track.esp4.cyou/smipromo HTTP 307
http://heavenlyrealm.qlitrk.com/l/smipromo/ HTTP 302
http://dumbtut14.fortuneai.hop.clickbank.net/?cbpage=drct&tid=smib HTTP 301
http://dumbtut14.fortuneai.hop.clickbank.net/hop/?CBRehoppp2=http%3A%2F%2Ftrk.fortune-reading.com%2Fwmxg%3Fhop%3Ddumbtut14&hstr=1632526132486%7Cdumbtut14.smib%7C%7C0b4f1676-2b61-4ab4-9c7a-48d6b4eefa8a%7Cdrct%7Cfortuneai&code=%7B0%7D&key=9F234766&parms=&s=default&ds=0&ts=01.7A6F7147B592CB680688802054627F60C689CBBB HTTP 301
http://trk.fortune-reading.com/wmxg?hop=dumbtut14 HTTP 302
http://trk.fortune-reading.com/bj3s/?rcurl=http://trk.fortune-reading.com/uypp&hop=dumbtut14 HTTP 302
https://fortune-reading.com/free/lucky-numero-005/?rcurl=http://trk.fortune-reading.com/uypp&dtp=y&rcurl=http%3A%2F%2Ftrk.fortune-reading.com%2Fuypp&hop=dumbtut14 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 70- https://privymktg.com/collect?v=1&cid=367a5936-ff6c-4bc4-a2c0-949d33d389d8&cd1=933414C621B2B34AAC52EEAE&tid=UA-20331028-1&t=pageview&ci=933414C621B2B34AAC52EEAE&cm=web&cn=933414C621B2B34AAC52EEAE&ec=widget&dl=https%3A%2F%2Ffortune-reading.com%2Ffree%2Flucky-numero-005%2F%3Frcurl%3Dhttp%3A%2F%2Ftrk.fortune-reading.com%2Fuypp%26dtp%3Dy%26rcurl%3Dhttp%253A%252F%252Ftrk.fortune-reading.com%252Fuypp%26hop%3Ddumbtut14&dt=Is%20Fortune%20On%20Your%20Side%20Today%3F%20-%20Fortune%20Reading&ul=en-US&z=6201319293414436 HTTP 302
- https://google-analytics.com/collect?v=1&cid=367a5936-ff6c-4bc4-a2c0-949d33d389d8&cd1=933414C621B2B34AAC52EEAE&tid=UA-20331028-1&t=pageview&ci=933414C621B2B34AAC52EEAE&cm=web&cn=933414C621B2B34AAC52EEAE&ec=widget&dl=https%3A%2F%2Ffortune-reading.com%2Ffree%2Flucky-numero-005%2F%3Frcurl%3Dhttp%3A%2F%2Ftrk.fortune-reading.com%2Fuypp%26dtp%3Dy%26rcurl%3Dhttp%253A%252F%252Ftrk.fortune-reading.com%252Fuypp%26hop%3Ddumbtut14&dt=Is%20Fortune%20On%20Your%20Side%20Today%3F%20-%20Fortune%20Reading&ul=en-US&z=6201319293414436
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fortune-reading.com/free/lucky-numero-005/ Redirect Chain
|
82 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wizardwold.woff
numerologyforecast.com/fonts/ |
25 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enchantedland.woff
numerologyforecast.com/fonts/ |
30 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ecf.css
fortune-reading.com/wp-content/uploads/elegant-custom-fonts/ |
151 B 655 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
fortune-reading.com/wp-includes/css/dist/block-library/ |
79 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-index.css
fortune-reading.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ |
70 B 380 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocks.style.build.css
fortune-reading.com/wp-content/plugins/uji-countdown/dist/ |
1 KB 970 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oxygen.css
fortune-reading.com/wp-content/plugins/oxygen/component-framework/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ |
2 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
if-menu-site.css
fortune-reading.com/wp-content/plugins/if-menu/assets/ |
929 B 783 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
fortune-reading.com/wp-content/plugins/oxy-toolbox/modules/essentials/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer.min.css
fortune-reading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelementplayer-legacy.min.css
fortune-reading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
fortune-reading.com/wp-includes/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediaelement-and-player.min.js
fortune-reading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ |
154 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
78 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fortune-reading.com/free/lucky-numero-005/ |
102 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logosl6.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
29 KB 29 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q1-1.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
1008 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q2-1.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q3-1.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
994 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NUMBERS2.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
capricorn.png
astrotarotreading.com/wp-content/uploads/2020/06/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wofplaceholder-1.jpg
astrotarotreading.com/wp-content/uploads/2020/09/ |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site_tracking.js
fortune-reading.com/wp-content/plugins/activecampaign-subscription-forms/ |
1 KB 912 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fortunereading.js
fortune-reading.com/wp-content/plugins/tma-fortunereading/assets/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
members.js
fortune-reading.com/wp-content/plugins/tma-members/assets/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
soulreading.js
fortune-reading.com/wp-content/plugins/tma-soulreading/assets/js/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
fortune-reading.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
884 B 1017 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
232 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TransistionBG.mp4
astrotarotreading.com/wp-content/uploads/2020/12/ |
64 KB 64 KB |
Image
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Reading-Tripple-Number2.png
888047.smushcdn.com/2208627/wp-content/uploads/2021/04/ |
121 KB 122 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daaHSScvJGqLYhG8nNt8KPPswUAPniZQa9lESTE.woff2
fonts.gstatic.com/s/cinzeldecorative/v9/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SlGRmQmGupYAfH84ZhIh.woff2
fonts.gstatic.com/s/numans/v10/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daaHSScvJGqLYhG8nNt8KPPswUAPniZoadlESTE.woff2
fonts.gstatic.com/s/cinzeldecorative/v9/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fortune-Reading_BG_Smaller.mp4
fortune-reading.com/wp-content/uploads/2021/03/ |
207 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Button-Off.mp4
astrotarotreading.com/wp-content/uploads/2020/12/ |
1 MB 1 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fortune-Reading_BG_Smaller.mp4
fortune-reading.com/wp-content/uploads/2021/03/ |
31 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fortune-Reading_1_1-1.mp4
fortune-reading.com/wp-content/uploads/2021/03/ |
2 MB 2 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w.js
d10lpsik1i8c69.cloudfront.net/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ |
342 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.min.js
a.omappapi.com/app/js/ |
206 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fortune-Reading_BG_Smaller.mp4
fortune-reading.com/wp-content/uploads/2021/03/ |
1 MB 1 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Fortune-Reading_BG_Smaller.mp4
fortune-reading.com/wp-content/uploads/2021/03/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
settings.luckyorange.net/ |
129 B 818 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame A116 |
39 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61542
api.omappapi.com/v2/embed/ |
17 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
widget.privy.com/assets/ |
380 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame A116 |
52 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame A116 |
342 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
campaigns.json
api.privy.com/businesses/933414C621B2B34AAC52EEAE/ |
449 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A116 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A116 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A116 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webworker.js
www.google.com/recaptcha/api2/ Frame A116 |
102 B 204 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
soundeffects.lib.js
a.omappapi.com/app/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
prism.app-us1.com/ |
0 188 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~legacy_widget~modern_widget-5fead40e48aba7177afd.chunk.js
assets.privy.com/packs/js/ |
39 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~legacy_widget-e5dca01b4c2ac4eb28a3.chunk.js
assets.privy.com/packs/js/ |
107 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
legacy_widget-521d18c6db733d54ecd6.chunk.js
assets.privy.com/packs/js/ |
234 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
events.privy.com/v2/ |
0 144 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-3ccc22d728437ee515bcb9a04ed51b84358e7e75ee008f0f2c7e5f47a63b438f.css
assets.privy.com/assets/ |
244 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
google-analytics.com/ Redirect Chain
|
35 B 414 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 546 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fortune-reading.com
- URL
- https://fortune-reading.com/wp-content/uploads/2021/03/Fortune-Reading_BG_Smaller.mp4
Verdicts & Comments Add Verdict or Comment
97 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| url_campaign undefined| cookieName undefined| cookieValue undefined| expirationTime undefined| date undefined| dateTimeNow undefined| number1 undefined| url_medium undefined| number2 undefined| smemail undefined| number3 undefined| url_source function| pf_createCookie function| pf_readCookie function| pf_eraseCookie function| pf_urlParam function| pf_appendparam object| gaplugins object| gaGlobal object| gaData object| page_setup string| dtp number| __lo_site_id object| php_data undefined| acEnableTracking object| fortunereading_ojb object| tmamembers_ojb object| soulreading_ojb object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| numbers function| Shuffle function| validateEmail function| validateform function| getCookie function| show_next function| update_loading_text function| sm_cookify function| replaceAll function| getmonth function| pad function| eg_calculate_horoscope function| qs function| eg_show_substep boolean| __lo_csr_added object| recaptcha object| closure_lm_848209 function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| om69317_61542 boolean| _omvisitsadded string| _d_site object| PrivyWebpackJsonp object| SENTRY_RELEASE object| regeneratorRuntime object| PrivyWidget object| _omapp object| ommgprjkfbc9jjnqtxh4kv object| omffefsiaorjrdpzdssf3d object| omipjd4e5dau92g5p7wiz9 string| visitorGlobalObjectAlias function| vgo string| url_fname string| fname object| omSoundEffects object| WebFont string| prismGlobalObjectAlias object| visitorGlobalObject string| PRIVY_ELEMENT object| PrivyClipboard function| Privy object| privySettings14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.qlitrk.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IkxFRGxsaUZIUWhqZXg4L2FiczkwREE9PSIsInZhbHVlIjoiWmpKUllNdHN5bEh6ZVBKV1hDWDNCcldmWjNxRm1Sc3RNYmlWQU1vMHJjUkhsNjJHenZuaHZXMUNuQzVRWU5pd3NSdEpkSlJuMDRmQ3BCcUZ4M1hJaEZWbnI2RlVPM3YzODZiRXJwYll1ZFpWZmtYczk0SFVqb3ptWjBTZThOdGIiLCJtYWMiOiI4ZTM0OTE5Zjk4NzYyYzliZDk3ZDJhMjU3YjBkNWU5ZTI4N2Q0MjRlYmMzMTc0ZmZkN2U3MjNjMTgyYjU0MzEzIn0%3D |
|
.qlitrk.com/ | Name: qlikersession Value: eyJpdiI6IjFzMS84ZlZ6T1kwU0l1UTJZSUtFQlE9PSIsInZhbHVlIjoiQ3J3S21lYi9vZWRYTEZETHZFUVViSTN1M0o4bzFWVmRyZFJkVGxFVUhTbUh0VmdNQ0JtQTVwZmw1L01aQldmNkxNckIyS09tVysvOGJaQ25pV3hsdDZnQ2FuV0s2c2wyWktqNWMzb3FBcGR0SGgrTm9qaE9YdnFibW1mL0dYbWEiLCJtYWMiOiI1ZmFiNzBlNTdkYzM1OGNlMzg5OTFlMjNhN2M2Mjg5MzM5ZmVjNjEzZmE4MzM4NWEyYTljMGE4YjhjM2QzYjdlIn0%3D |
|
.qlitrk.com/ | Name: ln Value: eyJpdiI6ImRCNGtqRW1md3ZMU3lGTUY5ZFErcVE9PSIsInZhbHVlIjoiNmxUU24yZU1MMDY3aUVCeUlqdUE1YTZQUjgxWDNSN0Y5cHRYSmg4Vm5JWEF3Y0M5UUxpLytMZ1NNWHVvZEZ4UkRIOXlXeGxQZlZsd09hY3h1Y0F1RFFSdE9RZ2ZIeVVtSU54aUdVUDQvU289IiwibWFjIjoiMzJiN2E1MjQ5M2RhZmRmZjY1MDUwZmU0ZjM2NmRhYzg3NWNhMzMwN2YyMmM5MTMyYWZhNTE1ZjAyODRjMzMwMiJ9 |
|
.clickbank.net/ | Name: p Value: E6bXaTs1bh_pmXa2A2cZ_jgJ9TKYC62jq3myxgo8GBieRrZVqoyKa7c1vBPZDW-mX68XgM50cvhSGpVSS49MOeqGzv0Iux5ZtQeznZ9zZLSsrmHIhMEzr_4byTDaa20cJwHndQ%3D%3D |
|
.clickbank.net/ | Name: q Value: 01.9278E8F20B7BD9CDDA66E127934F8D74A453009F641FA8B60EF907266DF183E81937AD2E934DDBC209995733B76CF7226A9DF4D1 |
|
dumbtut14.fortuneai.hop.clickbank.net/ | Name: AWSALB Value: MQB5/zkxqU5Nn1Mr0IDPeA5MgZyv2Ois6NJfV/AnzGtob3sWd7lc0nXLdFW/PPTUgjAcot43ubl2XL1iBdY5nIHL3mZ82dXeh2Eg7GA4iyxxf68JuyZJ0X6MlgHh |
|
.fortune-reading.com/ | Name: _ga Value: GA1.2.1683639289.1632526134 |
|
.fortune-reading.com/ | Name: _gid Value: GA1.2.1561780469.1632526134 |
|
.fortune-reading.com/ | Name: _gat_UA-194943316-1 Value: 1 |
|
.fortune-reading.com/ | Name: dtp Value: y |
|
fortune-reading.com/ | Name: _omappvp Value: nG0VpGeqvt6NZBsSl3ZSxtUigrB3UoxpPul3hkEkCZCTGT5IkEFdJwD7kyCXOVikeMeP3XUJnV5VNmkmHBzuGOMn6gUY96gB |
|
fortune-reading.com/ | Name: _omappvs Value: 1632526133987 |
|
prism.app-us1.com/ | Name: prism_89847574 Value: 247f2ccb-6e70-4a13-ba88-3f0178c675e1 |
|
.fortune-reading.com/ | Name: _privy_933414C621B2B34AAC52EEAE Value: %7B%22uuid%22%3A%22367a5936-ff6c-4bc4-a2c0-949d33d389d8%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22GB%22%2C%22region_code%22%3A%22GB_%22%2C%22postal_code%22%3A%22%22%7D |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
888047.smushcdn.com
a.omappapi.com
api.omappapi.com
api.privy.com
assets.privy.com
astrotarotreading.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d10lpsik1i8c69.cloudfront.net
diffuser-cdn.app-us1.com
dumbtut14.fortuneai.hop.clickbank.net
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
fortune-reading.com
google-analytics.com
heavenlyrealm.qlitrk.com
magicalself101.lt.acemlnc.com
numerologyforecast.com
prism.app-us1.com
privymktg.com
settings.luckyorange.net
track.esp4.cyou
trk.fortune-reading.com
widget.privy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
fortune-reading.com
104.26.11.16
13.225.78.60
13.225.84.196
151.139.243.7
18.233.191.244
2406:da00:ff00::6b15:fb44
2606:4700:10::6816:146c
2606:4700:10::6816:156c
2606:4700:3034::ac43:bb5c
2606:4700:3036::ac43:8404
2606:4700:3036::ac43:dee4
2606:4700:3037::6815:25c1
2606:4700:3037::ac43:c808
2606:4700::6810:135e
2606:4700::6811:925b
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:830::2004
2a04:4e42:200::485
34.205.235.255
35.81.35.31
89.187.169.47
02db357e22abc488f015af95e66398c9991ad0f0ec8a01c7a813a1a886b737ed
0466734b731acb2709928a14d088981cb6ac5f0866c90236325a7f803ed80e56
067ce9badb73a4eeab9fb5083d511e3bb370a59ed6bef75e4961ad50d225cad7
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1851ee80b049aa01077ce4e3206c5bd11e1ba5fffc18875a1fe2bdb2aca2f6ad
18c4028a69d530c1420ee6d237e079b624350e5e8bae088517a972e31f4c7e26
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25e8c07a86e613ae15070a919528f0dc21af1ee366298c02d3a7ce9d2fb17482
338b0fba44ae1951478cb65779c6c0e7f87776d40d1c70f505c6bd1b060a5b9f
33fdfa7b58da51c10b6342f82bf598f9bcbe65940d0e69d799f375445edc80f2
3839e7dc539ddfa5d1b1f4d77a095a254d51b1fb1ad3aeb71986023f8ee7ab11
38f413724f9745da46856fba996191c7a24be7487d1e69d761f173054ebdb0f9
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
437ea7b9867606ef9d111d9cbab8ac379432e5aaba8029538793dd6cdf6040c5
47c767058d4e1a4b290a428749910fd5e1fa8ef9c4d992994f84dd25f6aa1ae6
4c0f7f46df8bccac32a10d635669b0845d13cdb9d2db43dd66d33a8d9383c595
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
549c056ad035282f87e883fb932979b614f3ee1f5b7ea536c770ffc16235faf5
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
57970e7c0354ef3d668a391568dec369ee47dc78ed873de2d8220f77b2cdf4ed
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6035e6c6bafc9915b1b870174ae3ae52db3d94f63e325bdedba5ad58f9ba52a6
634ab775ed27548d1f83cfffb97b36403268989017aba1e9800ca9690daac7cd
64abaece2a91af5229e5fe17bbffea3b2fd8c306cb15342069a298b9ac2f5cdc
651b703f0790f640284c08b5d89f38b88b0aa9d7fda77f3209f63eb4414b54f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
828b6889aeb6a5b43bbff8ae0775491031206ea7df02aaa063c9b39cefd82340
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
939a47b16c395e4b108594c47ebef9c10f1b67503394afdd36fe677fcb51f9c3
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84
a5ddf2469807caf322bb1497448b719f38b32836bd59e333899e005404412382
ab9dc11f1ebb30cde83d0593e45a4c73ea32c04b9d6cc015df735cc56599c189
aca79ea7d426b89536c260252b9ed53db73b851616969dfd91d382f4d68e8ed5
b27bff8ec14a38693ec34ee20c231f25d442a860546b0624c38ee76e31eeeec6
b467b3b088388d827a084c5fade0c8cea5846ebbe3dac9a79b8af162928c14a3
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1fdac2676a9f65e2ed90e1fcb5e0efce8621b0ec2e9b6b58d3fbebf2a8a51c2
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c44a65675cad8dce82b24afa459bfe0512bd10e5a035f99cb2584aaea604af9b
c518b28b51967b2ee9f080ccc612e1b7ab8e3e934aedb0607edb045219332184
cc6b83ab9a8e735d47ddf55fa0d155043876c8779c7a11979a9e3a0a44113ddd
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d15a81f57f3dcb09b67ebb8b52303d2fba99a8bd6adfe3995d350f458a80b4d2
d76cd93ca01060e38ce0739186b6f1d26214c16e552b9bb2a84e42f793aa7f1e
dcef3c296d52057264c1a4869207f016bbf6c27603eb5355aee822df66c69955
dcfbe6f96ff19dc373a288a2cb38f2b97e5fba259d55eff6c80811a2afbd277e
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfdd375039fc7246a4ab9d7e4b3823893f0bc4aa55d099796de7277b42ccab3
ecb338f65abc564e128874c1726375f44856a84e21398ea51fe8655c0da749f4
f2e2b4ea43bc30da1d34c5092237058928fe38e9d4dd89b7164c682fd43f82e5
f7a0b3400ccae518d6f97dff341e9481f336359744f4c5fdaeb7a33af03a7a40
f8c5591726633616698a77666a396f8d1aaac1206d38ebb6b81860db10d85139
fb0ec2dca01a370ee16fdf240849af062fcffe1d2c512fa32f879ee8d16750d5
fb5396962bd6bb887057d16993e4b6a3953379f187a65ea35b3a91e736d75ea8
fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62