adultfriendfinder.com
69.165.107.69
Public Scan
Effective URL: https://adultfriendfinder.com/go/page/cover?pid=g459775-pmob&ip=auto&no_click=1&alpo_redirect=1
Submission: On December 03 via manual from CA — Scanned from NL
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 26th 2022. Valid for: a year.
This is the only time adultfriendfinder.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
8 (2 redirects) | 67.55.114.36 | 20264 (WEBAIR-INTERNET-2) |
1 | 80.98.174.206 | 21334 (ASN-VODAFONE-) |
10 (1 redirect) | 69.165.107.69 | 25875 (VARIO) |
44 | 192.229.233.220 | 15133 (EDGECAST) |
2 | 2a00:1450:4001:80e::200a | 15169 (GOOGLE) |
5 | 2a00:1450:4001:829::2004 | |
2 | 2a00:1450:4001:829::2008 | |
6 | 2a00:1450:4001:806::2003 | |
3 | 2a00:1450:4001:82f::2003 | |
1 | 2001:4860:4802:34::36 | |
82 | 12 |
ASN20264 (WEBAIR-INTERNET-2, US)
PTR: protocol-lax6.webair.com
www.againjam.com |
ASN21334 (ASN-VODAFONE-, HU)
PTR: catv-80-98-174-206.catv.fixed.vodafone.hu
valestic.com |
ASN15133 (EDGECAST, US)
secureimage.securedataimages.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
44 | securedataimages.com | secureimage.securedataimages.com (Cisco Umbrella Rank: 70182) | 6 MB |
10 | adultfriendfinder.com (1 redirect) | adultfriendfinder.com (Cisco Umbrella Rank: 86788) | 74 KB |
9 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 606 KB |
8 | againjam.com (2 redirects) | www.againjam.com | 12 KB |
5 | google.com | www.google.com | 25 KB |
2 | googletagmanager.com | www.googletagmanager.com | 119 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 2 KB |
1 | google-analytics.com | region1.google-analytics.com | 351 B |
1 | valestic.com | valestic.com | 427 B |
1 | yolaserp.ml | yolaserp.ml | 999 B |
0 | ievolved.com (Failed) | login.ievolved.com (Failed) | |
82 | 11 |
Requests | Domain | Requested by |
---|---|---|
44 | secureimage.securedataimages.com | adultfriendfinder.com, secureimage.securedataimages.com |
10 | adultfriendfinder.com (1 redirect) | valestic.com, adultfriendfinder.com, secureimage.securedataimages.com |
8 | www.againjam.com (2 redirects) | yolaserp.ml, www.againjam.com |
6 | www.gstatic.com | www.google.com, www.gstatic.com |
5 | www.google.com | adultfriendfinder.com, www.gstatic.com, www.google.com |
3 | fonts.gstatic.com | fonts.googleapis.com, www.google.com |
2 | www.googletagmanager.com | adultfriendfinder.com, www.googletagmanager.com |
2 | fonts.googleapis.com | adultfriendfinder.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | valestic.com | www.againjam.com |
1 | yolaserp.ml | |
0 | login.ievolved.com (Failed) | www.againjam.com |
82 | 12 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.adultfriendfinder.com | Go Daddy Secure Certificate Authority - G2 | 2022-02-26 - 2023-03-30 | a year |
www.securedataimages.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-30 - 2023-09-30 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
*.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
This page contains 3 frames:
Primary Page:
https://adultfriendfinder.com/go/page/cover?pid=g459775-pmob&ip=auto&no_click=1&alpo_redirect=1
Frame ID: F34996E96431C00CF8DD49D8902F0FBF
Requests: 72 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le39tEaAAAAAMMkCDMgcFqH-bd48PekQZWZSphp&co=aHR0cHM6Ly9hZHVsdGZyaWVuZGZpbmRlci5jb206NDQz&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=rgcns99cg6oa
Frame ID: 4BAB2A1BBD7B16EA724662454EB6878B
Requests: 7 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=HASH(0x55b75e907b48)&co=aHR0cHM6Ly9hZHVsdGZyaWVuZGZpbmRlci5jb206NDQz&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=tk85m0r2tfjy
Frame ID: 01CB369F701D94A2D0D92D1EEE505905
Requests: 3 HTTP requests in this frame
Detected technologies
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://yolaserp.ml/3e0c7528 Page URL
- http://www.againjam.com/track/6362d569c0326/?c=1&s=feels&v=1&n=0&e=ronnie.cobb@enbridge.com Page URL
- http://www.againjam.com/track/6362d569c0326/?c=1&s=feels&v=1&n=0&e=MGM4OWRmMjZhYTI0NzljMTY0MjgzYTI2OWRmN2E5OGRQakc0c2Y5YXd2dGIwSHN1eTVDZWtRMlREa0dHRlIzSw%253D%253D&k=5428&ms=1670099598950&url=OGU2Mzk1NDk3YWI3YzRmMjY0ZmMwY2RjODIzZGY4NDRNaWlpakRUd1BJWjBLYWNwemRQNGkvYW9Fdz09 Page URL
-
http://www.againjam.com/rd/?u=http%253A%252F%252Fwww.againjam.com%252Ftrack%252F62f7f0f51b76f%252F%253Fc%253D1%2526s%253Dfeels%2526s2%253D%2526v%253D1%2526n%253D0%2526e%253Dronnie.cobb%2540enbridge.com&r=138980726&d=-2&ad=0&cam=1
HTTP 302
http://www.againjam.com/track/62f7f0f51b76f/?c=1&s=feels&s2=&v=1&n=0&e=ronnie.cobb@enbridge.com Page URL
- http://www.againjam.com/track/62f7f0f51b76f/?c=1&s=feels&s2=&v=1&n=0&e=ZmFkODllODA2MzBmNTg0OGU4ZWRlMmY1ZjVjMTIzYjZJUmVpekt2UVBUaGVKcFZnR09uY24yM2lPclFldGpMNQ%253D%253D&k=9413&ms=1670099599927&url=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 Page URL
-
http://www.againjam.com/rd/?u=http%253A%252F%252Fvalestic.com%252Fievreturn%252F%253Femail%253Dronnie.cobb%2540enbridge.com&r=138980730&d=-2&ad=0&cam=1
HTTP 302
http://valestic.com/ievreturn/?email=ronnie.cobb@enbridge.com Page URL
-
https://adultfriendfinder.com/go/g459775-pmob
HTTP 302
https://adultfriendfinder.com/go/page/cover?pid=g459775-pmob&ip=auto&no_click=1&alpo_redirect=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://www.againjam.com/rd/?u=http%253A%252F%252Fwww.againjam.com%252Ftrack%252F62f7f0f51b76f%252F%253Fc%253D1%2526s%253Dfeels%2526s2%253D%2526v%253D1%2526n%253D0%2526e%253Dronnie.cobb%2540enbridge.com&r=138980726&d=-2&ad=0&cam=1 HTTP 302
- http://www.againjam.com/track/62f7f0f51b76f/?c=1&s=feels&s2=&v=1&n=0&e=ronnie.cobb@enbridge.com
- http://www.againjam.com/rd/?u=http%253A%252F%252Fvalestic.com%252Fievreturn%252F%253Femail%253Dronnie.cobb%2540enbridge.com&r=138980730&d=-2&ad=0&cam=1 HTTP 302
- http://valestic.com/ievreturn/?email=ronnie.cobb@enbridge.com
82 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | 3e0c7528 | yolaserp.ml/ | 366 B | 999 B | Document | text/html |
GET | H/1.1 | / | www.againjam.com/track/6362d569c0326/ | 713 B | 951 B | Document | text/html |
GET | H/1.1 | / | www.againjam.com/track/6362d569c0326/ | 4 KB | 4 KB | Document | text/html |
GET | | focus.php | login.ievolved.com/ | 0 | 0 | | |
GET | H/1.1 | / | www.againjam.com/ajax/ | 229 B | 490 B | XHR | text/html |
GET | H/1.1 | / | www.againjam.com/track/62f7f0f51b76f/ (Redirect Chain) | 2 KB | 2 KB | Document | text/html |
GET | H/1.1 | / | www.againjam.com/track/62f7f0f51b76f/ | 4 KB | 4 KB | Document | text/html |
GET | | focus.php | login.ievolved.com/ | 0 | 0 | | |
GET | H/1.1 | / | www.againjam.com/ajax/ | 151 B | 412 B | XHR | text/html |
GET | H/1.1 | / | valestic.com/ievreturn/ (Redirect Chain) | 80 B | 427 B | Document | text/html |
GET | H/1.1 | cover (Primary Request) | adultfriendfinder.com/go/page/ (Redirect Chain) | 181 KB | 39 KB | Document | text/html |
GET | H/1.1 | header.css | adultfriendfinder.com/images/ffadult/css/ | 0 | 466 B | Stylesheet | text/css |
GET | H2 | reset-1428465189.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 927 B | 795 B | Stylesheet | text/css |
GET | H2 | fruit2-1654126279.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 75 KB | 14 KB | Stylesheet | text/css |
GET | H2 | badges-1635220630.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 23 KB | 3 KB | Stylesheet | text/css |
GET | H2 | bootstrap-select.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | bootstrap-v2.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 135 KB | 20 KB | Stylesheet | text/css |
GET | H2 | bootstrap-custom.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 12 KB | 2 KB | Stylesheet | text/css |
GET | H2 | slider.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | HoldOn.min.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 13 KB | 2 KB | Stylesheet | text/css |
GET | H2 | custom.min.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 32 KB | 7 KB | Stylesheet | text/css |
GET | H2 | font-fruit3.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 11 KB | 2 KB | Stylesheet | text/css |
GET | H2 | fruit3-svg.css | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/ | 2 KB | 713 B | Stylesheet | text/css |
GET | H2 | mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | secureimage.securedataimages.com/images/production/gfonts/fonts/ | 15 KB | 15 KB | Font | application/octet-stream |
GET | H2 | mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 | secureimage.securedataimages.com/images/production/gfonts/fonts/ | 15 KB | 15 KB | Font | application/octet-stream |
GET | H2 | videocover_ffadult_new2013_v2-1663296201.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 42 KB | 8 KB | Stylesheet | text/css |
GET | H2 | videocover_ffadult_d2022-1663296201.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | font_face-1553209930.css | adultfriendfinder.com/css/live_cd/ffadult/dutch/0/secure/ | 9 KB | 1 KB | Stylesheet | text/css |
GET | H2 | footer_update-1591243034.css | secureimage.securedataimages.com/css/live_cd/ffadult/dutch/0/secure/ | 2 KB | 892 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 11 KB | 847 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css |
GET | H2 | jquery-3.4.1.min.js | secureimage.securedataimages.com/images/common/js/jquery/ | 86 KB | 30 KB | Script | application/x-javascript |
GET | H2 | fruit3-svg_v2.js | secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/js/ | 83 KB | 25 KB | Script | application/x-javascript |
GET | H2 | hammy.png | secureimage.securedataimages.com/images/ffadult/39850/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | white_AFF.svg | secureimage.securedataimages.com/images/ffadult/39850/ | 6 KB | 6 KB | Image | image/svg+xml |
GET | H2 | enterprise.js | www.google.com/recaptcha/ | 974 B | 1 KB | Script | text/javascript |
GET | H2 | enterprise.js | www.google.com/recaptcha/ | 940 B | 654 B | Script | text/javascript |
GET | H2 | avn_award2.png | secureimage.securedataimages.com/images/ffadult/cover/avn_award/ | 53 KB | 53 KB | Image | image/png |
GET | H2 | Women_bigsquare.jpg | secureimage.securedataimages.com/images/piclist/default/ | 8 KB | 8 KB | Image | image/jpeg |
GET | H2 | uBiNnOUdV5Kykl5AywYpRQ.jpg | secureimage.securedataimages.com/ffadult/featured/external/photos/IN/ | 10 KB | 10 KB | Image | image/jpeg |
GET | H2 | A4fWObUqTYtBuqE7rxk3Zw.jpg | secureimage.securedataimages.com/ffadult/featured/external/photos/FW/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H2 | 1.jpg | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 79 KB | 79 KB | Image | image/jpeg |
GET | H2 | 2.jpg | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 116 KB | 116 KB | Image | image/jpeg |
GET | H2 | 3.jpg | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 58 KB | 58 KB | Image | image/jpeg |
GET | H2 | 4.jpg | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 120 KB | 120 KB | Image | image/jpeg |
GET | H2 | 5.jpg | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 57 KB | 57 KB | Image | image/jpeg |
GET | H2 | twitter.svg | secureimage.securedataimages.com/images/ffadult/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | dutch_statedropdown_utf8.js | adultfriendfinder.com/images/common/js/ | 38 KB | 10 KB | Script | application/x-javascript |
GET | H2 | jquery-1.12.4.min.js | secureimage.securedataimages.com/images/common/js/ | 95 KB | 33 KB | Script | application/x-javascript |
GET | H2 | jquery-migrate-1.4.1.min.js | secureimage.securedataimages.com/images/common/js/ | 10 KB | 4 KB | Script | application/x-javascript |
GET | H2 | ffadult-dutch-FFN_MC_ajax_register_page_short3_1-1664926094.js | secureimage.securedataimages.com/javascript/live_cd/secure/ | 41 KB | 11 KB | Script | text/javascript |
GET | H2 | open-sans-italic-v2.css | secureimage.securedataimages.com/images/production/gfonts/ | 14 KB | 1003 B | Stylesheet | text/css |
GET | H2 | gtm.js | www.googletagmanager.com/ | 116 KB | 44 KB | Script | application/javascript |
GET | H2 | recaptcha__nl.js | www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ | 401 KB | 161 KB | Script | text/javascript |
GET | H2 | 1.mp4 | secureimage.securedataimages.com/images/ffadult/cover/AFFCoverVideo_FINAL_2021/ | 6 MB | 6 MB | Media | video/mp4 |
GET | H2 | handle_icon.svg | secureimage.securedataimages.com/images/ffadult/39850/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | psw_icon.svg | secureimage.securedataimages.com/images/ffadult/39850/ | 654 B | 743 B | Image | image/svg+xml |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H2 | red_btn_bg2.png | secureimage.securedataimages.com/images/ffadult/39850/ | 190 B | 290 B | Image | image/png |
GET | H2 | red_piclist_bg.jpg | secureimage.securedataimages.com/images/ffadult/39850/ | 9 KB | 9 KB | Image | image/jpeg |
GET | H/1.1 | opensans-bold-webfont.woff2 | adultfriendfinder.com/images/common/fonts/ | 19 KB | 19 KB | Font | application/octet-stream |
GET | H/1.1 | info | adultfriendfinder.com/qz/phone/ | 646 B | 827 B | XHR | application/json |
GET | H2 | blue_btn_bg.png | secureimage.securedataimages.com/images/ffadult/39850/ | 240 B | 340 B | Image | image/png |
GET | H2 | grey_img_bg.jpg | secureimage.securedataimages.com/images/ffadult/39850/ | 48 KB | 48 KB | Image | image/jpeg |
GET | H2 | sprite_newaff.png | secureimage.securedataimages.com/images/ffadult/ | 22 KB | 22 KB | Image | image/png |
POST | H/1.1 | xmlfeed.cgi | adultfriendfinder.com/p/ | 58 B | 527 B | XHR | text/xml |
GET | H/1.1 | city_list.html | adultfriendfinder.com/go/page/ | 3 KB | 1 KB | XHR | text/html |
GET | H2 | Icon-email.svg | secureimage.securedataimages.com/images/ffadult/39850/ | 432 B | 534 B | Image | image/svg+xml |
GET | H2 | Icon-tick.svg | secureimage.securedataimages.com/images/ffadult/39850/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | check-list.json | adultfriendfinder.com/images/common/json/ | 714 B | 1 KB | XHR | text/plain |
GET | H3 | anchor | www.google.com/recaptcha/enterprise/ (Frame 4BAB) | 42 KB | 22 KB | Document | text/html |
GET | H3 | anchor | www.google.com/recaptcha/enterprise/ (Frame 01CB) | 7 KB | 1 KB | Document | text/html |
GET | H3 | js | www.googletagmanager.com/gtag/ | 216 KB | 75 KB | Script | application/javascript |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ (Frame 01CB) | 52 KB | 24 KB | Stylesheet | text/css |
GET | H3 | recaptcha__nl.js | www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ (Frame 01CB) | 401 KB | 160 KB | Script | text/javascript |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ (Frame 4BAB) | 52 KB | 24 KB | Stylesheet | text/css |
GET | H3 | recaptcha__nl.js | www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ (Frame 4BAB) | 401 KB | 160 KB | Script | text/javascript |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 351 B | Ping | text/plain |
GET | H3 | logo_48.png | www.gstatic.com/recaptcha/api2/ (Frame 4BAB) | 2 KB | 2 KB | Image | image/png |
GET | H3 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ (Frame 4BAB) | 15 KB | 15 KB | Font | font/woff2 |
GET | H3 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ (Frame 4BAB) | 15 KB | 15 KB | Font | font/woff2 |
GET | H3 | webworker.js | www.google.com/recaptcha/enterprise/ (Frame 4BAB) | 102 B | 133 B | Other | text/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: login.ievolved.com
  URL: http://login.ievolved.com/focus.php?insert=1&publisher_id=254&pub_sub_id=45670&email=ronnie.cobb%40enbridge.com&ip=31.204.152.211&pub_sub_name=feels&browser=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&focus=1&tpl=TPL-1-F
- Domain: login.ievolved.com
  URL: http://login.ievolved.com/focus.php?insert=1&publisher_id=235&pub_sub_id=45671&email=ronnie.cobb%40enbridge.com&ip=31.204.152.211&pub_sub_name=feels&browser=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&focus=1&tpl=TPL-1-F
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.againjam.com/ | | Name: cpc_unique_id Value: 638bb28f2ae91 |
.adultfriendfinder.com/ | | Name: ALPO Value: 235527115 |
.adultfriendfinder.com/ | | Name: click_id_time Value: 1777803175_2022-12-03 12:33:22 |
.adultfriendfinder.com/ | | Name: AB_TRACKING Value: k06VtpmGdreOlsTp6SWSjO |
.adultfriendfinder.com/ | | Name: ffadult_who Value: r_h3BxBwZTPswOA6Skqz2ogSUd.MH5uxZu0kVhSgkju8PjNd3LLp5NyOV3il6MJ2lYO4BSlAmtqqpgncujqeUgtocTJKo__sYpAE9TGfHgjK4CY7uPBUBGi8zqfllLsb54nvwI0N.YhDjQK_2aY3SZ3w-- |
.adultfriendfinder.com/ | | Name: v_hash Value: _dutch_0 |
.adultfriendfinder.com/ | | Name: IP_COUNTRY Value: Netherlands |
.adultfriendfinder.com/ | | Name: ffadult_tr Value: r_asgec73Dk._W0r3QfMgEFp98aBdpfRywyFEXqMfqzT9XdDEAarLDqtHkfmRkYDdz |
.adultfriendfinder.com/ | | Name: LOCATION_FROM_IP Value: country&Netherlands&area_code&&longitude&4.4264&country_name&Netherlands&lat&51.93&region_name&South+Holland&country_code&NL&region&ZH&state&&city&Rotterdam&postal_code&3044&latitude&51.93&lon&4.4264&dma_code&&country_code3&NLD |
.adultfriendfinder.com/ | | Name: HISTORY Value: 20221203-1-Dc |
.adultfriendfinder.com/ | | Name: throttling Value: {"time":1670099602,"AppD":1,"GTM":0} |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.