1wgafz.top
190.115.24.78
Public Scan
Effective URL: https://1wgafz.top/landing-fortune-wheel?sub1=d8b18442-b563-11ee-98d8-4b17d243677a&sub2=93374&
Submission: On January 17 via manual from GB — Scanned from AT
Summary
TLS certificate: Issued by R3 on December 12th 2023. Valid for: 3 months.
This is the only time 1wgafz.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | Autonomous System |
---|---|---|
2 2 | 104.26.9.129 | 13335 (CLOUDFLARENET) |
2 | 3.120.230.228 | 16509 (AMAZON-02) |
2 2 | 69.172.200.185 | 19324 (DOSARREST) |
2 2 | 198.55.106.36 | 8100 (ASN-QUADRANET-GLOBAL) |
20 | 190.115.24.78 | 59692 (IQWEB) |
1 | 151.101.130.137 | 54113 (FASTLY) |
2 | 172.217.16.200 | 15169 (GOOGLE) |
2 4 | 172.217.18.6 | 15169 (GOOGLE) |
1 | 18.66.97.49 | 16509 (AMAZON-02) |
3 7 | 87.250.251.119 | 13238 (YANDEX) |
1 | 216.239.34.36 | 15169 (GOOGLE) |
1 | 13.32.27.54 | 16509 (AMAZON-02) |
2 | 142.250.184.194 | 15169 (GOOGLE) |
1 | 3.160.212.84 | 16509 (AMAZON-02) |
2 | 142.250.186.98 | 15169 (GOOGLE) |
2 | 44.229.210.160 | 16509 (AMAZON-02) |
41 | 13 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-230-228.eu-central-1.compute.amazonaws.com
Domains: expearsbectorlds.com
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 198.55.106.36.static.quadranet.com
Domains: djnl.decisionnowlive.com, djnl.spinfastconnected.com
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net
Domains: www.googletagmanager.com
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
Domains: 12688802.fls.doubleclick.net, 12572451.fls.doubleclick.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net
Domains: static.hotjar.com
ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
Domains: mc.yandex.ru, mc.yandex.com
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
Domains: script.hotjar.com
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
Domains: adservice.google.com
ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-84.mxp53.r.cloudfront.net
Domains: vc.hotjar.io
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
Domains: adservice.google.at
ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-210-160.us-west-2.compute.amazonaws.com
Domains: api2.amplitude.com
| Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
20 | 1wgafz.top | | 1wgafz.top | 2 MB |
5 | yandex.com | 2 redirects | mc.yandex.com — Cisco Umbrella Rank: 8747 | 3 KB |
4 | doubleclick.net | 2 redirects | 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 377654; 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 380669 | 2 KB |
2 | amplitude.com | | api2.amplitude.com — Cisco Umbrella Rank: 1350 | 309 B |
2 | google.at | | adservice.google.at — Cisco Umbrella Rank: 87334 | 665 B |
2 | google.com | | adservice.google.com — Cisco Umbrella Rank: 98 | 1 KB |
2 | yandex.ru | 1 redirects | mc.yandex.ru — Cisco Umbrella Rank: 3982 | 71 KB |
2 | hotjar.com | | static.hotjar.com — Cisco Umbrella Rank: 681; script.hotjar.com — Cisco Umbrella Rank: 996 | 59 KB |
2 | googletagmanager.com | | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 172 KB |
2 | expearsbectorlds.com | | expearsbectorlds.com | 2 KB |
2 | shorturl.at | 2 redirects | shorturl.at — Cisco Umbrella Rank: 81535; www.shorturl.at — Cisco Umbrella Rank: 91454 | 1 KB |
1 | hotjar.io | | vc.hotjar.io — Cisco Umbrella Rank: 2633 | 259 B |
1 | google-analytics.com | | region1.google-analytics.com — Cisco Umbrella Rank: 2029 | 250 B |
1 | jquery.com | | code.jquery.com — Cisco Umbrella Rank: 760 | 30 KB |
1 | spinfastconnected.com | 1 redirects | djnl.spinfastconnected.com | 680 B |
1 | decisionnowlive.com | 1 redirects | djnl.decisionnowlive.com | 705 B |
1 | ffatric1.com | 1 redirects | ffatric1.com | 503 B |
1 | afflat3a1.com | 1 redirects | afflat3a1.com — Cisco Umbrella Rank: 465964 | 513 B |
41 | 18 |
| Domain | Redirects | Requested by |
---|---|---|---|
20 | 1wgafz.top | | expearsbectorlds.com, 1wgafz.top |
5 | mc.yandex.com | 2 redirects | 1wgafz.top |
2 | api2.amplitude.com | | 1wgafz.top |
2 | adservice.google.at | | adservice.google.com |
2 | adservice.google.com | | 12688802.fls.doubleclick.net, 12572451.fls.doubleclick.net |
2 | mc.yandex.ru | 1 redirects | expearsbectorlds.com |
2 | 12572451.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | 12688802.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | www.googletagmanager.com | | 1wgafz.top, www.googletagmanager.com |
2 | expearsbectorlds.com | | expearsbectorlds.com |
1 | vc.hotjar.io | | script.hotjar.com |
1 | script.hotjar.com | | static.hotjar.com |
1 | region1.google-analytics.com | | www.googletagmanager.com |
1 | static.hotjar.com | | expearsbectorlds.com |
1 | code.jquery.com | | 1wgafz.top |
1 | djnl.spinfastconnected.com | 1 redirects | |
1 | djnl.decisionnowlive.com | 1 redirects | |
1 | ffatric1.com | 1 redirects | |
1 | afflat3a1.com | 1 redirects | |
1 | www.shorturl.at | 1 redirects | |
1 | shorturl.at | 1 redirects | |
41 | 21 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
expearsbectorlds.com | R3 | 2023-11-28 - 2024-02-26 | 3 months |
1wgafz.top | R3 | 2023-12-12 - 2024-03-11 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-26 - 2024-06-05 | 5 months |
*.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.hotjar.io | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
*.google.at | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2023-01-23 - 2024-02-14 | a year |
This page contains 7 frames:
Primary Page:
https://1wgafz.top/landing-fortune-wheel?sub1=d8b18442-b563-11ee-98d8-4b17d243677a&sub2=93374&
Frame ID: E56B3862F3D6704B7EC57807879D851F
Requests: 34 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26
Frame ID: E3ACD0E26CC019DFFC339A8F7A141C4E
Requests: 1 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7880265536063.3955
Frame ID: 2B07CECC2C1DCDDF513B3D051A0C320F
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26
Frame ID: 43494A3028C1D6BACC592A0582B1925C
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7880265536063.3955;~oref=https://1wgafz.top/
Frame ID: 644EA3B7227E717C9EE59FDE77E939F0
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.at/ddm/fls/i/dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26
Frame ID: 844F82417EC49B9E98A891F6A0A2492A
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.at/ddm/fls/i/dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7880265536063.3955;~oref=https://1wgafz.top/
Frame ID: 837AB2FA099F36D242248BFB6425FE67
Requests: 1 HTTP requests in this frame
Page Title
1win
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://shorturl.at/tABY7 HTTP 301
  https://www.shorturl.at/tABY7 HTTP 302
  https://expearsbectorlds.com/voluum/95686ca3-08c1-4a98-b139-f9faf0f6272d Page URL
- https://expearsbectorlds.com/redirect?target=BASE64aHR0cHM6Ly9hZmZsYXQzYTEuY29tL3Ryay9sbmsvMUE3RjlGRDQtQjEwQi00QkE2LThCQTUtMDZFMUQxQ0JCNjJBLz9vPTIxMzQ5JmM9OTE4Mjc3JmE9NTg0NjI3Jms9MTFCRDMyNEUwREU0ODNFNjY3MzIwQzYwNDU4NUQ4N0QmbD0yMjU1NSZTMj13NTBxYjkwaWtudjhwYWh1MnQ5OHJjODQ&ts=1705515090842&hash=fNy8lrtB8YJURG0fStZAmUXA5Zhl1QDAgb_JZHLh6Tc&rm=DJ Page URL
- https://afflat3a1.com/trk/lnk/1A7F9FD4-B10B-4BA6-8BA5-06E1D1CBB62A/?o=21349&c=918277&a=584627&k=11BD324E0DE483E667320C604585D87D&l=22555&S2=w50qb90iknv8pahu2t98rc84 HTTP 302
  https://ffatric1.com/def.cfm?i=584627&o=21349&c=AT&d=D HTTP 302
  https://djnl.decisionnowlive.com/?kw=584627&s1=21349&s2=147150&s3=AT&s4=D HTTP 302
  https://djnl.spinfastconnected.com/o/OSOGSWEW/d82638a6-b563-11ee-a78f-7facea208684/d82e165c-b563-11ee-8658-bbc49d5be09d HTTP 302
  https://1wgafz.top/landing-fortune-wheel?sub1=d8b18442-b563-11ee-98d8-4b17d243677a&sub2=93374& Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://shorturl.at/tABY7 HTTP 301
- https://www.shorturl.at/tABY7 HTTP 302
- https://expearsbectorlds.com/voluum/95686ca3-08c1-4a98-b139-f9faf0f6272d
- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26 HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7880265536063.3955 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7880265536063.3955
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10251.IJ23xN-LRLxGdGPz728J0YYUswNU9uyivTp85bN-oRIvbfzcSjJEOLkHMizKoFnL.YQE24RPJTr0MTI6eCvRbTX1dNr4%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10251.6lnNqa6wLyQwleYD9ziBDomZhF2wr3XTgS2ELHtacS58S7KRROizkvm4Qth7C-a4ahobRUWrhaN2Dg3fhbIsaAUgZk3OAIYm3dB25H2GjIfwQGTiRud6HhWh7g2rpAFtAGs_jHvKLwmPIpaMr_1UCJlEEnBiIT9d08Btv4q6xndZCSQjWa7wW8a6HzCZ2Jq6RhO3Y2xWnpFsVmPCOL9NhUDEJ4DHKOf-D1ZWcPhQt24%2C.oKQnSMO6etBkFm0jBqgf5xq9JRM%2C
- https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1234771803553%3Ahid%3A445667281%3Az%3A60%3Ai%3A20240117191135%3Aet%3A1705515095%3Ac%3A1%3Arn%3A1017395292%3Arqn%3A1%3Au%3A1705515095820624567%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C111%2C98%2C13%2C2899%2C0%2C%2C330%2C0%2C%2C%2C%2C3692%3Aco%3A0%3Acpf%3A1%3Ans%3A1705515090984%3Agi%3AR0ExLjEuMTQ1MDczODM0Mi4xNzA1NTE1MDk1%3Afp%3A3437%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705515095%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
- https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wgafz.top%2Flanding-fortune-wheel%3F%26%26&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1234771803553%3Ahid%3A445667281%3Az%3A60%3Ai%3A20240117191135%3Aet%3A1705515095%3Ac%3A1%3Arn%3A1017395292%3Arqn%3A1%3Au%3A1705515095820624567%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C111%2C98%2C13%2C2899%2C0%2C%2C330%2C0%2C%2C%2C%2C3692%3Aco%3A0%3Acpf%3A1%3Ans%3A1705515090984%3Agi%3AR0ExLjEuMTQ1MDczODM0Mi4xNzA1NTE1MDk1%3Afp%3A3437%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705515095%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
41 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | 95686ca3-08c1-4a98-b139-f9faf0f6272d | expearsbectorlds.com/voluum/ | 1 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H2 | redirect | expearsbectorlds.com/ | 666 B | 831 B | Document | text/html | |
GET | H2 | landing-fortune-wheel | 1wgafz.top/ | 172 KB | 22 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | main.31018b03adaae4e1c230.css | 1wgafz.top/landing-fortune-wheel/ | 68 KB | 10 KB | Stylesheet | text/css | |
GET | H2 | logotype.svg | 1wgafz.top/landing-fortune-wheel/img/ | 4 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | circle.png | 1wgafz.top/landing-fortune-wheel/img/ | 20 KB | 21 KB | Image | image/png | |
GET | H2 | pointer.png | 1wgafz.top/landing-fortune-wheel/img/ | 140 KB | 141 KB | Image | image/png | |
GET | H2 | present.png | 1wgafz.top/landing-fortune-wheel/img/ | 74 KB | 74 KB | Image | image/png | |
GET | H2 | rectangle2.png | 1wgafz.top/landing-fortune-wheel/img/ | 24 KB | 24 KB | Image | image/png | |
GET | H2 | rectangle2x.png | 1wgafz.top/landing-fortune-wheel/img/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | flags.svg | 1wgafz.top/landing-fortune-wheel/img/ | 15 KB | 4 KB | Other | image/svg+xml | |
GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript | |
GET | H2 | runtime.1d8119ef67f002bbb18e.bundle.js | 1wgafz.top/landing-fortune-wheel/ | 1 KB | 883 B | Script | application/javascript | |
GET | H2 | main.b1a2f64360405694ed7b.bundle.js | 1wgafz.top/landing-fortune-wheel/ | 289 KB | 84 KB | Script | application/javascript | |
GET | H2 | background.jpg | 1wgafz.top/landing-fortune-wheel/img/ | 210 KB | 211 KB | Image | image/jpeg | |
GET | H2 | giftbox.png | 1wgafz.top/landing-fortune-wheel/img/ | 43 KB | 43 KB | Image | image/png | |
GET | H2 | rectangle.png | 1wgafz.top/landing-fortune-wheel/img/ | 8 KB | 8 KB | Image | image/png | |
GET | H2 | SFProDisplay-Heavy.ttf | 1wgafz.top/landing-fortune-wheel/fonts/ | 328 KB | 328 KB | Font | application/octet-stream | |
GET | H2 | SFProDisplay-Regular.ttf | 1wgafz.top/landing-fortune-wheel/fonts/ | 404 KB | 405 KB | Font | application/octet-stream | |
GET | H2 | SFProDisplay-Bold.ttf | 1wgafz.top/landing-fortune-wheel/fonts/ | 426 KB | 426 KB | Font | application/octet-stream | |
GET | H2 | SFProDisplay-Medium.ttf | 1wgafz.top/landing-fortune-wheel/fonts/ | 423 KB | 424 KB | Font | application/octet-stream | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 312 KB | 91 KB | Script | application/javascript | |
GET | H2 | affiliate:link_visit | 1wgafz.top/ | 15 B | 1008 B | Fetch | application/json | |
GET | H2 | v2 | 1wgafz.top/lang-server/ | 4 KB | 2 KB | Fetch | application/json | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 232 KB | 81 KB | Script | application/javascript | |
GET | H2 | activityi;dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;u... | 12688802.fls.doubleclick.net/ | 613 B | 527 B | Document | text/html | Frame E3AC, Redirect Chain |
GET | H2 | activityi;dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... | 12572451.fls.doubleclick.net/ | 555 B | 484 B | Document | text/html | Frame 2B07, Redirect Chain |
GET | H2 | hotjar-2606090.js | static.hotjar.com/c/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 202 KB | 70 KB | Script | application/javascript | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 250 B | Ping | text/plain | |
GET | H2 | modules.2472296d2d26f0040059.js | script.hotjar.com/ | 219 KB | 55 KB | Script | application/javascript | |
GET | H2 | dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=... | adservice.google.com/ddm/fls/i/ | 612 B | 725 B | Document | text/html | Frame 4349 |
GET | H2 | / | adservice.google.com/ddm/fls/i/dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... | 554 B | 379 B | Document | text/html | Frame 644E |
GET | H2 | 2606090 | vc.hotjar.io/sessions/ | 0 | 259 B | XHR | text/plain | |
GET | H2 | dc_pre=CKPOjuuC5YMDFbFCHgId898Ggw;src=12688802;type=actio0;cat=allpa0;ord=1;num=4287825192025;auiddc=677381787.1705515095;gtm=45He41a0v894400803;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=... | adservice.google.at/ddm/fls/i/ | 194 B | 515 B | Document | text/html | Frame 844F |
GET | H2 | / | adservice.google.at/ddm/fls/i/dc_pre=CJbsjuuC5YMDFWNlHgIdQW0KNg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... | 194 B | 150 B | Document | text/html | Frame 837A |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ | 43 B | 674 B | Image | image/gif | Redirect Chain |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 502 B | Image | image/gif | |
GET | H2 | 1 | mc.yandex.com/watch/92006234/ | 427 B | 546 B | Fetch | application/json | Redirect Chain |
POST | H2 | httpapi | api2.amplitude.com/2/ | 94 B | 309 B | Fetch | application/json | |
OPTIONS | H2 | httpapi | api2.amplitude.com/2/ | 0 | 0 | Preflight | | Frame |
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- function| $
- function| jQuery
- object| dataLayer
- object| webpackJsonp
- object| amplitude
- object| gtm
- object| regeneratorRuntime
- function| IMask
- function| onClickRegister
- function| useLang
- object| analyticsConnectorInstances
- object| google_tag_manager
- function| postscribe
- object| google_tag_manager_external
- object| google_tag_data
- string| axel
- number| a
- string| userId
- function| hj
- object| _hjSettings
- function| ym
- object| gaGlobal
- object| hjSiteSettings
- function| hjBootstrap
- object| hjBootstrapCalled
- object| hjLazyModules
- object| Ya
- object| yaCounter92006234

34 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.expearsbectorlds.com/ | Name: 95686ca3-08c1-4a98-b139-f9faf0f6272d-v4 Value: ZYnNTTJI8MUmL6hZqxRxhVt8_mh8TPpsRx7Asz55hpw |
|
.expearsbectorlds.com/ | Name: cc-v4 Value: 6b8NYLuXejYOgkgJuSGYBq0rYLUEyqj65sTdKzVGX%2Bsw77kc%2B638sMvBIYH%2FbEH%2FR4BRBU8Rtw2c4%2BYGbjiYoSmMEtnhaNYllsyxIn7qnssGn25dwTeO7Xfgjae43fb99T2N0Xn8ZelQMCE8RpeJ1g%3D%3D |
|
afflat3a1.com/ | Name: I Value: 0 |
|
djnl.decisionnowlive.com/ | Name: yredir_session Value: eyJpdiI6ImtzQ3h5emQrOGxGeXN6NGpmNThIVUE9PSIsInZhbHVlIjoiKzRLdXpXQ0FKOFlTTDlOOHVNR1ZWczBqTU9PMkxrUjFwNlpaNm43RWdBYVJUdXNKT0lPellXUSthUWcwUFlSQ1ZadGZ4MTBuaHpnK1hzTWFWUW9lRk9JK3JlVDBSTlMreUpjS3B6eTVRbmJlVE5OeUJSTmdPS1lyMjI5bHRUcGoiLCJtYWMiOiI1YzlmY2E4MTgzZjJiOTNmY2FiNTA0NTZhODhiYWQyMzY3Yzc3MTQ0M2U5ZGRlODE0Yjk5MTkxYWY2NTQ5ZDlkIiwidGFnIjoiIn0%3D |
|
djnl.spinfastconnected.com/ | Name: yredir_session Value: eyJpdiI6IjE5TEMyTkp2RmdQb0M2YzNZOUVNS2c9PSIsInZhbHVlIjoiWEhTSmJNVmZxcS9qME9zVUxaNm9jUlpmVlNuQnVCQURldXZpakZSSCtMRW9paTJLUDhqaFF3aE4wQ2IzdzhwaEoyaUR4cXN0OEZlWE44Y3RrSXBEMnlKaWMrR282aWxRRDd5MURQQ2NIRnY1Sm9XaXR3NU9oU2lXVzd2aG15UUQiLCJtYWMiOiJkNGY2YTAxMTdjMDE0YWIzZGMwYWU0Yzg3ZmU0MzgzNDIxNGMzMzk0Y2Q0ZjA5MGI2YTcwMjgwOGRkNWE1OGRmIiwidGFnIjoiIn0%3D |
|
.1wgafz.top/ | Name: __ddg1_ Value: veKTIsrnt1EeZ0WLtSHm |
|
1wgafz.top/ | Name: sub_ids Value: sub1=d8b18442-b563-11ee-98d8-4b17d243677a&sub2=93374 |
|
1wgafz.top/ | Name: visit_domain Value: 1wgafz.top |
|
.1wgafz.top/ | Name: AMP_MKTG_494cccfe21 Value: JTdCJTdE |
|
1wgafz.top/ | Name: core-sticky Value: http://10.233.108.243:80 |
|
.1wgafz.top/ | Name: _gcl_au Value: 1.1.677381787.1705515095 |
|
.1wgafz.top/ | Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJiMmIzZjQ5OS1kMTliLTRkMmQtODVlYy00NjMzYTI4ODNkN2MlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzA1NTE1MDk0NjY3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcwNTUxNTA5NDc5OSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyU3RA== |
|
.1wgafz.top/ | Name: _ga_548949LWLW Value: GS1.1.1705515094.1.0.1705515094.0.0.0 |
|
.1wgafz.top/ | Name: _ga Value: GA1.1.1450738342.1705515095 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.1wgafz.top/ | Name: _hjSessionUser_2606090 Value: eyJpZCI6IjZkNDVmYjFkLTkwMmUtNTVjYS1hMzhhLThiZWE5NTMyYjU5MiIsImNyZWF0ZWQiOjE3MDU1MTUwOTUwNjEsImV4aXN0aW5nIjpmYWxzZX0= |
|
.1wgafz.top/ | Name: _hjIncludedInSessionSample_2606090 Value: 0 |
|
.1wgafz.top/ | Name: _hjSession_2606090 Value: eyJpZCI6ImJmNzQ3YTY3LWU0YWUtNDFmMS05MmIxLTllMmM0OTNlMjkwOCIsImMiOjE3MDU1MTUwOTUwNjMsInMiOjAsInIiOjAsInNiIjoxLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0= |
|
1wgafz.top/ | Name: _hjHasCachedUserAttributes Value: true |
|
.yandex.ru/ | Name: i Value: BDEBHqoWvyzYkuw361PLBmZGz8eFWte6cCgX5k/ToOFgi/nNkUUh7v1DwnPk2T0oL2sZuFwOo6OW9VbC+UV9VE1BzyU= |
|
.yandex.ru/ | Name: yandexuid Value: 3252779331705515094 |
|
.1wgafz.top/ | Name: _ym_uid Value: 1705515095820624567 |
|
.1wgafz.top/ | Name: _ym_d Value: 1705515095 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 4189061229fake |
|
.1wgafz.top/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 1358554754fake |
|
.yandex.com/ | Name: yandexuid Value: 3252779331705515094 |
|
.yandex.com/ | Name: yuidss Value: 3252779331705515094 |
|
.yandex.com/ | Name: i Value: BDEBHqoWvyzYkuw361PLBmZGz8eFWte6cCgX5k/ToOFgi/nNkUUh7v1DwnPk2T0oL2sZuFwOo6OW9VbC+UV9VE1BzyU= |
|
.yandex.com/ | Name: yp Value: 1705601495.yu.4667328501705515095 |
|
.mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
mc.yandex.com/ | Name: yabs-sid Value: 883489641705515095 |
|
.yandex.com/ | Name: ymex Value: 1708107095.oyu.4667328501705515095#1737051095.yrts.1705515095 |
|
.yandex.com/ | Name: bh Value: KgI/MA== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.