www.iqplaywin.com
35.244.205.206
Public Scan
Effective URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62...
Submission: On September 30 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2019. Valid for: 3 months.
This is the only time www.iqplaywin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
|  | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 1 | 2606:4700:30::6818:72c7 | 13335 (CLOUDFLARENET - Cloudflare) |
| 1 1 | 2001:41d0:701:1100::1f26 | 16276 (OVH) |
| 1 1 | 51.75.67.102 | 16276 (OVH) |
| 2 4 | 18.195.30.247 | 16509 (AMAZON-02 - Amazon.com) |
| 2 | 2606:4700:30::681c:105 | 13335 (CLOUDFLARENET - Cloudflare) |
| 6 | 2a00:1450:4001:816::200a | 15169 (GOOGLE - Google LLC) |
| 1 | 2606:4700:30::6818:659a | 13335 (CLOUDFLARENET - Cloudflare) |
| 6 | 2606:4700:30::681f:46e4 | 13335 (CLOUDFLARENET - Cloudflare) |
| 1 1 | 54.200.87.201 | 16509 (AMAZON-02 - Amazon.com) |
| 22 | 35.244.205.206 | 15169 (GOOGLE - Google LLC) |
| 3 | 2a00:1450:4001:817::200a | 15169 (GOOGLE - Google LLC) |
| 3 | 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3 - Highwinds Network Group) |
| 1 | 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3 - Highwinds Network Group) |
| 1 | 2a00:1450:4001:814::2008 | 15169 (GOOGLE - Google LLC) |
| 3 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
| 2 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 2 | 2a00:1450:4001:80b::200e | 15169 (GOOGLE - Google LLC) |
| 2 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
| 2 | 35.244.175.13 | 15169 (GOOGLE - Google LLC) |
| 1 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE - Google LLC) |
| 60 | 17 |  |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
elisbi.live |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-30-247.eu-central-1.compute.amazonaws.com
app.1stimpression.club | |
app.logictree.co | |
citines-boutlet.com |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
apidata.info |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
secure.soupdog.space |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-200-87-201.us-west-2.compute.amazonaws.com
www.24t7.me |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 206.205.244.35.bc.googleusercontent.com
www.iqplaywin.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 13.175.244.35.bc.googleusercontent.com
srv.ibraincollege.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
|  | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | iqplaywin.com | www.iqplaywin.com | 1 MB |
| 9 | googleapis.com | ajax.googleapis.com fonts.googleapis.com | 139 KB |
| 6 | soupdog.space | secure.soupdog.space | 54 KB |
| 3 | facebook.net | connect.facebook.net | 119 KB |
| 3 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 36 KB |
| 2 | ibraincollege.com | srv.ibraincollege.com | 442 B |
| 2 | facebook.com | www.facebook.com | 497 B |
| 2 | google-analytics.com | www.google-analytics.com | 18 KB |
| 2 | bing.com | bat.bing.com | 7 KB |
| 2 | logictree.co (1 redirects) | app.logictree.co | 3 KB |
| 2 | t67.me | p.t67.me | 3 KB |
| 1 | gstatic.com | fonts.gstatic.com | 60 KB |
| 1 | googletagmanager.com | www.googletagmanager.com | 21 KB |
| 1 | jquery.com | code.jquery.com | 30 KB |
| 1 | 24t7.me | www.24t7.me Failed | 246 B |
| 1 | citines-boutlet.com | citines-boutlet.com | 993 B |
| 1 | apidata.info | apidata.info | 618 B |
| 1 | 1stimpression.club (1 redirects) | app.1stimpression.club | 863 B |
| 1 | downhill-mtb.eu (1 redirects) | downhill-mtb.eu | 211 B |
| 1 | hardtail-mtb.be (1 redirects) | hardtail-mtb.be | 296 B |
| 1 | elisbi.live (1 redirects) | elisbi.live | 432 B |
| 60 | 21 |  |  |
|  | Domain | Requested by |
|---|---|---|
| 22 | www.iqplaywin.com | citines-boutlet.com www.iqplaywin.com code.jquery.com ajax.googleapis.com |
| 6 | secure.soupdog.space | p.t67.me secure.soupdog.space |
| 6 | ajax.googleapis.com | p.t67.me secure.soupdog.space www.iqplaywin.com |
| 3 | connect.facebook.net | www.iqplaywin.com connect.facebook.net |
| 3 | maxcdn.bootstrapcdn.com | www.iqplaywin.com |
| 3 | fonts.googleapis.com | www.iqplaywin.com |
| 2 | srv.ibraincollege.com | www.iqplaywin.com ajax.googleapis.com |
| 2 | www.facebook.com | www.iqplaywin.com |
| 2 | www.google-analytics.com | www.googletagmanager.com www.iqplaywin.com |
| 2 | bat.bing.com | www.iqplaywin.com |
| 2 | app.logictree.co (1 redirects) | secure.soupdog.space |
| 2 | p.t67.me | p.t67.me |
| 1 | fonts.gstatic.com | ajax.googleapis.com |
| 1 | www.googletagmanager.com | www.iqplaywin.com |
| 1 | code.jquery.com | www.iqplaywin.com |
| 1 | www.24t7.me |  |
| 1 | citines-boutlet.com | app.logictree.co |
| 1 | apidata.info | p.t67.me |
| 1 | app.1stimpression.club (1 redirects) |  |
| 1 | downhill-mtb.eu (1 redirects) |  |
| 1 | hardtail-mtb.be (1 redirects) |  |
| 1 | elisbi.live (1 redirects) |  |
| 60 | 22 |  |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni45886.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-16 - 2020-03-24 | 6 months |
| *.googleapis.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months |
| sni162576.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-05 - 2020-03-13 | 6 months |
| sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-04-26 - 2020-04-26 | a year |
| app.logictree.co | Sectigo RSA Domain Validation Secure Server CA | 2019-03-13 - 2020-03-12 | a year |
| citines-boutlet.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-22 - 2020-07-20 | a year |
| www.iqplaywin.com | Let's Encrypt Authority X3 | 2019-09-05 - 2019-12-04 | 3 months |
| *.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
| jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
| *.google-analytics.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months |
| www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years |
| srv.ibraincollege.com | Let's Encrypt Authority X3 | 2019-09-07 - 2019-12-06 | 3 months |
| *.google.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Frame ID: B847301FDD0945F86B8D1F28B1AB91A1
Requests: 60 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
AngularJS (JavaScript Frameworks)
Detected patterns
- script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
- script /angular.*\.js/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZS9QbHhJbkp3SEpLd2lxdFJvUQ
HTTP 302
http://hardtail-mtb.be/PlxInJwHJKwiqtRoQ HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=6630&aff_id=3288&aff_sub=1735&aff_sub2=GOVH3-280408&aff_sub3=1 HTTP 302
https://app.1stimpression.club/909e5e1a-f2e5-4ce4-9418-851f67b6c0c2?s1=1735&s2=GOVH3-280408 HTTP 302
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 Page URL
-
https://app.logictree.co/5a9cbb17-6980-489d-b1a4-9a84dc314c52?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
HTTP 302
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 Page URL
- https://app.logictree.co/click?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke Page URL
- https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl&ts=1569828172645&hash=QHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8&rm=DJ Page URL
-
https://www.24t7.me/ln/0tJk8ED4236?clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
HTTP 302
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZS9QbHhJbkp3SEpLd2lxdFJvUQ HTTP 302
- http://hardtail-mtb.be/PlxInJwHJKwiqtRoQ HTTP 302
- https://downhill-mtb.eu/aff_c?offer_id=6630&aff_id=3288&aff_sub=1735&aff_sub2=GOVH3-280408&aff_sub3=1 HTTP 302
- https://app.1stimpression.club/909e5e1a-f2e5-4ce4-9418-851f67b6c0c2?s1=1735&s2=GOVH3-280408 HTTP 302
- https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
- https://app.logictree.co/5a9cbb17-6980-489d-b1a4-9a84dc314c52?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 HTTP 302
- https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
60 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H2 | / | p.t67.me/l/ | 349 B | 423 B | Document | text/html | Redirect Chain |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.2/ | 94 KB | 33 KB | Script | text/javascript |  |
| GET | H2 | js | apidata.info/ | 795 B | 618 B | Script | application/javascript |  |
| GET | H2 | logic_tree.js | p.t67.me/l/ | 9 KB | 2 KB | Script | application/javascript |  |
| GET | H2 | / | secure.soupdog.space/lp/load/1b/ | 2 KB | 1 KB | Document | text/html | Redirect Chain |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.0.0/ | 84 KB | 30 KB | Script | text/javascript |  |
| GET | H2 | loader.gif | secure.soupdog.space/lp/load/1b/img/ | 51 KB | 51 KB | Image | image/gif |  |
| GET | H2 | url-pixel.png | secure.soupdog.space/lp/load/1b/ | 95 B | 177 B | Image | image/png |  |
| GET | H2 | gotoURL.js | secure.soupdog.space/script/ | 3 KB | 901 B | Script | application/javascript |  |
| GET | H2 | bckbtn.js | secure.soupdog.space/script/ | 1012 B | 523 B | Script | application/javascript |  |
| GET | H2 | swgfonts.js | secure.soupdog.space/script/ | 965 B | 522 B | Script | application/javascript |  |
| GET | H/1.1 | click | app.logictree.co/ | 1 KB | 2 KB | Document | text/html | Cookie set |
| GET | H/1.1 | redirect | citines-boutlet.com/ | 718 B | 993 B | Document | text/html |  |
| GET |  | 0tJk8ED4236 | www.24t7.me/ln/ | 0 | 0 |  |  |  |
| GET | H2 | welcome.html | www.iqplaywin.com/ | 5 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H2 | consts.js | www.iqplaywin.com/consts/ | 69 B | 333 B | Script | text/javascript |  |
| GET | H2 | preAppLoading.js | www.iqplaywin.com/ | 5 KB | 5 KB | Script | text/javascript |  |
| GET | H2 | icon | fonts.googleapis.com/ | 574 B | 373 B | Stylesheet | text/css |  |
| GET | H2 | css | fonts.googleapis.com/ | 1 KB | 468 B | Stylesheet | text/css |  |
| GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 19 KB | Stylesheet | text/css |  |
| GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css |  |
| GET | H/1.1 | jquery-3.1.0.min.js | code.jquery.com/ | 84 KB | 30 KB | Script | application/javascript |  |
| GET | H2 | fingerprintjs2.js | www.iqplaywin.com/ | 35 KB | 36 KB | Script | text/javascript |  |
| GET | H2 | angular.min.js | ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ | 156 KB | 55 KB | Script | text/javascript |  |
| GET | H2 | angular-animate.min.js | ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ | 25 KB | 9 KB | Script | text/javascript |  |
| GET | H2 | angular-sanitize.js | ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ | 26 KB | 8 KB | Script | text/javascript |  |
| GET | H2 | angular-resource.min.js | ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ | 4 KB | 2 KB | Script | text/javascript |  |
| GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ | 36 KB | 10 KB | Script | text/javascript |  |
| GET | H2 | css-all-min.css | www.iqplaywin.com/minified/css/ | 50 KB | 50 KB | Stylesheet | text/css |  |
| GET | H2 | js-all-min.js | www.iqplaywin.com/minified/js/ | 11 KB | 11 KB | Script | text/javascript |  |
| GET | H2 | gtm.js | www.googletagmanager.com/ | 55 KB | 21 KB | Script | application/javascript |  |
| GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 121 KB | 31 KB | Script | application/x-javascript |  |
| GET | H2 | bat.js | bat.bing.com/ | 23 KB | 7 KB | Script | application/javascript |  |
| GET | H2 | 596950890744347 | connect.facebook.net/signals/config/ | 307 KB | 78 KB | Script | application/x-javascript |  |
| GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |  |
| GET | H2 | inferredEvents.js | connect.facebook.net/signals/plugins/ | 35 KB | 10 KB | Script | application/x-javascript |  |
| GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif |  |
| GET | H2 | / | www.facebook.com/tr/ | 44 B | 248 B | Image | image/gif |  |
| POST | H2 | checkByIp | srv.ibraincollege.com/rest/iq/ | 109 B | 234 B | XHR | application/json |  |
| GET | H2 | script.js | www.iqplaywin.com/LP/1140/ | 127 B | 319 B | XHR | application/xml |  |
| GET | H2 | 0 | bat.bing.com/action/ | 0 | 173 B | Image | text/plain |  |
| GET | H2 | translate_DE.js | www.iqplaywin.com/LP/1140/translate/ | 2 KB | 3 KB | XHR | text/javascript |  |
| GET | H2 | translate_EN.js | www.iqplaywin.com/LP/1140/translate/ | 2 KB | 3 KB | XHR | text/javascript |  |
| POST | H2 | userTracking | srv.ibraincollege.com/rest/activity/ | 0 | 208 B | XHR | text/plain |  |
| GET | H2 | style.css | www.iqplaywin.com/LP/1140/ | 11 KB | 11 KB | Stylesheet | text/css |  |
| GET | H2 | content.html | www.iqplaywin.com/LP/1140/ | 13 KB | 14 KB | XHR | text/html |  |
| GET | H2 | createAccountDialog.html | www.iqplaywin.com/LP/1140/ | 127 B | 290 B | XHR | application/xml |  |
| GET | H2 | spin.svg | www.iqplaywin.com/images/LandingPage/ | 3 KB | 3 KB | Image | image/svg+xml |  |
| GET | H2 | general.css | www.iqplaywin.com/ | 5 KB | 5 KB | Stylesheet | text/css |  |
| GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 | fonts.gstatic.com/s/materialicons/v48/ | 59 KB | 60 KB | Font | font/woff2 |  |
| GET | H2 | amazing-logo.svg | www.iqplaywin.com/images/ | 5 KB | 5 KB | Image | image/svg+xml |  |
| GET | H2 | iPhone-Xs-gold.png | www.iqplaywin.com/LP/1140/images/ | 102 KB | 102 KB | Image | image/png |  |
| GET | H2 | iPhone-Xs-gold2.png | www.iqplaywin.com/LP/1140/images/ | 201 KB | 202 KB | Image | image/png |  |
| GET | H2 | iPhone-Xs-silver.png | www.iqplaywin.com/LP/1140/images/ | 103 KB | 104 KB | Image | image/png |  |
| GET | H2 | iPhone-Xs-silver2.png | www.iqplaywin.com/LP/1140/images/ | 194 KB | 195 KB | Image | image/png |  |
| GET | H2 | iPhone-Xs-spacegray.png | www.iqplaywin.com/LP/1140/images/ | 97 KB | 98 KB | Image | image/png |  |
| GET | H2 | iPhone-Xs-spacegray2.png | www.iqplaywin.com/LP/1140/images/ | 170 KB | 171 KB | Image | image/png |  |
| GET | H2 | ssl.png | www.iqplaywin.com/images/ | 13 KB | 13 KB | Image | image/png |  |
| GET | H2 | css | fonts.googleapis.com/ | 10 KB | 778 B | Stylesheet | text/css |  |
| GET | H2 | / | www.facebook.com/tr/ | 44 B | 249 B | Image | image/gif |  |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.24t7.me
- URL: https://www.24t7.me/ln/0tJk8ED4236?clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer function| fbq function| _fbq object| uetq object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET object| _env function| parseURLParams function| redirectIfNeeded function| resetCheckByIpObjectsAndCreateGlobalParamsObject function| handleCheckByIpResult object| globalParams object| checkByIpResult object| checkByIpRequest object| preLoadingUrlParams function| checkByIp number| j function| $ function| jQuery function| Fingerprint2 object| angular object| iqTestLP undefined| countryNumber boolean| confirmOnExit string| url object| currParams string| currTheme undefined| currTrans object| s object| now number| year number| mm number| dd number| weekday number| hour number| min number| sec object| month object| day function| monthToStr function| dayToStr function| setTime number| timer object| compareDate function| timeBetweenDates
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.