www.spotifypremiumgratis.tusgamings.com Open in urlscan Pro
64.37.62.231  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.spotifypremiumgratis.tusgamings.com/	14 KB 4 KB	508ms 125ms	Document text/html	64.37.62.231 HostDime.com
General Check archive.org Show headers Download Go to Full URL https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.37.62.231 Orlando, United States, ASN33182 (DIMENOC - HostDime.com, Inc., US), Reverse DNS single-4650.banahosting.com Software / Resource Hash d2f8d207b670d686e245d267cf29d757d4825afb98394dda9e294001b5d2301a Request headers :method GET :authority www.spotifypremiumgratis.tusgamings.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 content-type text/html last-modified Wed, 30 Nov 2016 02:51:22 GMT accept-ranges bytes content-encoding br vary Accept-Encoding content-length 4169 date Tue, 17 Sep 2019 04:06:50 GMT alt-svc quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
GET H2	200	script_include.php Show response bearmobiles.com/	28 KB 7 KB	341ms 275ms	Script text/javascript	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/script_include.php?id=527418 Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 04fae32a0ccc37195fc51351847b68c1b293477d553d0ab8bd75aad14941a6e6 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 17 Sep 2019 04:06:51 GMT content-encoding br server cloudflare cf-ray 517835bd085659be-VIE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript
GET H/1.1	200 OK	r5Qpqxg.jpg i.imgur.com/	200 KB 200 KB	188ms 182ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/r5Qpqxg.jpg Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 3b60bae28e2ade405dcd472a1f77d104604a6000beb947149b768e43e55a4f40 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:51 GMT Age 0 X-Cache MISS, MISS x-amz-storage-class STANDARD_IA Connection keep-alive Content-Length 204442 X-Served-By cache-bwi5136-BWI, cache-hhn4052-HHN Last-Modified Wed, 10 Sep 2014 13:20:37 GMT Server cat factory 1.0 X-Timer S1568693212.624547,VS0,VE175 ETag "e455bd53b53680762173746e32bf987e" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	93IujlY.png i.imgur.com/	5 KB 6 KB	142ms 136ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/93IujlY.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 66794c90636e48fc31a5f6a070ddae5b95c5c03e89bad96faf941bc3c8f00e89 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:51 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 5602 X-Served-By cache-bwi5144-BWI, cache-hhn4081-HHN Last-Modified Wed, 10 Sep 2014 13:19:00 GMT Server cat factory 1.0 X-Timer S1568693212.624729,VS0,VE129 ETag "c8da69504907e72b5f6a826155b44e70" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	eXU7XKk.jpg i.imgur.com/	23 KB 23 KB	139ms 139ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/eXU7XKk.jpg Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash ffaa8682208dc9cf3636afea696ddb9508809b228e1d6c794434a42e58698a60 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:51 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 23254 X-Served-By cache-bwi5144-BWI, cache-hhn4081-HHN Last-Modified Wed, 08 Jun 2016 03:17:47 GMT Server cat factory 1.0 X-Timer S1568693212.760775,VS0,VE133 ETag "5f853f073a3578f6cf908363ffd5bad7" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	ePC34dI.jpg i.imgur.com/	23 KB 23 KB	127ms 127ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/ePC34dI.jpg Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 5b4b35742625e8a2e2a1ba31e2439d0010c7dbcc508e61cd4736bb306d580926 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:51 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 23381 X-Served-By cache-bwi5151-BWI, cache-hhn4052-HHN Last-Modified Wed, 08 Jun 2016 03:17:51 GMT Server cat factory 1.0 X-Timer S1568693212.828433,VS0,VE120 ETag "5dcf231484921f22f6629388a1759682" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	epxLvxL.jpg i.imgur.com/	21 KB 21 KB	158ms 158ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/epxLvxL.jpg Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash c34bf1df60f47ea21e1431f5c4e0e108d770e7c8b8c3278dac687e65f1bf73c6 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 21124 X-Served-By cache-bwi5124-BWI, cache-hhn4081-HHN Last-Modified Wed, 10 Sep 2014 13:24:39 GMT Server cat factory 1.0 X-Timer S1568693212.906258,VS0,VE151 ETag "e07f44956773037cac2b974c07c4a82c" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	YcCduHW.png i.imgur.com/	3 KB 3 KB	8ms 7ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/YcCduHW.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash af001ded128b89bc1189dc4f2b2fb0c586e9396b4a6430f171df0726ccd070fb Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:51 GMT Age 3420457 X-Cache HIT, HIT Connection keep-alive Content-Length 2866 X-Served-By cache-bwi5125-BWI, cache-hhn4052-HHN Last-Modified Tue, 08 Jul 2014 23:21:19 GMT Server cat factory 1.0 X-Timer S1568693212.956942,VS0,VE0 ETag "5622c4c65ed072a6221d550a6ba07838" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 1, 1
GET H/1.1	200 OK	eKbKlWx.png i.imgur.com/	36 KB 37 KB	133ms 132ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/eKbKlWx.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash dc91276f53bc684b39963c11eb86a209e15f6cb8a534ce17aeea542f3db4b950 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 37320 X-Served-By cache-bwi5138-BWI, cache-hhn4052-HHN Last-Modified Wed, 08 Jun 2016 03:17:58 GMT Server cat factory 1.0 X-Timer S1568693212.965072,VS0,VE126 ETag "b5fd2fc6a4861515be7990a36f095f48" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	VWuJL2G.png i.imgur.com/	6 KB 6 KB	161ms 159ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/VWuJL2G.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 83728089021040ebe0f411c6ef169d8fc8e7d4846d07de7cccf8ad39d6f45627 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 5832 X-Served-By cache-bwi5122-BWI, cache-hhn4081-HHN Last-Modified Wed, 08 Jun 2016 03:17:54 GMT Server cat factory 1.0 X-Timer S1568693212.065919,VS0,VE153 ETag "6b26602b70e5bb81d782c4f8c2900d06" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	QNDGOyA.png i.imgur.com/	5 KB 5 KB	134ms 127ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/QNDGOyA.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 58dbbeaaaed5135a1b1567b48e9ede78d7179d847999d34919d7b6a03c5eccdf Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 5109 X-Served-By cache-bwi5121-BWI, cache-hhn4072-HHN Last-Modified Wed, 10 Sep 2014 13:19:02 GMT Server cat factory 1.0 X-Timer S1568693212.071287,VS0,VE121 ETag "7fae8639fbdf2c3ba50182283e738679" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H/1.1	200 OK	ToO8KSW.png i.imgur.com/	56 KB 56 KB	131ms 125ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/ToO8KSW.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash c058510cf4f0bd157020f6afa67546cabdf120c26080a5cc2b0cf3fa85ecd68a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS Connection keep-alive Content-Length 57252 X-Served-By cache-bwi5144-BWI, cache-hhn4066-HHN Last-Modified Wed, 10 Sep 2014 13:20:13 GMT Server cat factory 1.0 X-Timer S1568693212.071369,VS0,VE118 ETag "dcbad3ffbababedf102fcf49d9ca4a17" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H2	200	giphy.gif media.giphy.com/media/WyPrNKGaHnKBq/	205 B 409 B	11ms 8ms	Image image/gif	151.101.114.2 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://media.giphy.com/media/WyPrNKGaHnKBq/giphy.gif Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 061ea268189a4261114c80cc76f11edf4d3058a1f6c31a68c28afb60e353c0e2 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT via 1.1 varnish, 1.1 varnish last-modified Fri, 26 Jul 2019 06:57:05 GMT age 1496710 etag "d20c6d6f04678e4135eef390bef32937" x-served-by cache-bwi5142-BWI, cache-hhn4030-HHN status 200 x-cache HIT, HIT content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-timer S1568693212.067838,VS0,VE1 content-length 205 x-cache-hits 1, 1
GET H2	200	preload.php Show response bearmobiles.com/common/	927 B 569 B	259ms 257ms	Script application/javascript	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/common/preload.php?t=1568693211&dat=69696a414141416d6f6a416d6a6f717168416d706d416970416a68686a684169696d6f411f41412632322e3172676735353566312e2d322724372e30232b27332b25301f32273166323331251f2b272c253166212d2b67416a6868 Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 327f78fcf734ccb4cd38c204c466949fa50c2a6da0d3b41d6c19f49b74d70528 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT content-encoding br server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 1000 access-control-allow-methods POST, GET, OPTIONS content-type application/javascript access-control-allow-origin cf-ray 517835bf697059be-VIE access-control-allow-headers Content-Type
GET H2	200	scriptcss.php bearmobiles.com/common/boxes/plain/	2 KB 769 B	229ms 227ms	Stylesheet text/css	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/common/boxes/plain/scriptcss.php?l=g06ssvr8y0&s=uev3cft Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 575efd1a80343eddb592e0e3c58ec952c8e9f73045f6f851ee8ef73af8b974f3 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 17 Sep 2019 04:06:52 GMT content-encoding br server cloudflare cf-ray 517835bf696d59be-VIE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css
GET H2	200	ie_functions.js Show response bearmobiles.com/common/	4 KB 1 KB	229ms 227ms	Script text/javascript	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/common/ie_functions.js Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 17 Sep 2019 04:06:52 GMT content-encoding br cf-cache-status MISS last-modified Tue, 17 Sep 2019 00:28:54 GMT server cloudflare etag W/"36026c-e94-592b4ce2d82f9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=14400 cf-ray 517835bf696e59be-VIE expires Tue, 17 Sep 2019 08:06:52 GMT
GET H2	400	css fonts.googleapis.com/	0 0	18ms 16ms	Stylesheet text/html	2a00:1450:4001:81a::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	back.png bearmobiles.com/common/	4 KB 4 KB	239ms 237ms	Image image/png	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bearmobiles.com/common/back.png Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT cf-cache-status MISS last-modified Tue, 17 Sep 2019 00:28:54 GMT server cloudflare etag "360e25-10f6-592b4ce2d82f9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 517835bf697159be-VIE content-length 4342 expires Tue, 17 Sep 2019 08:06:52 GMT
GET H2	200	search.gif bearmobiles.com/common/	11 KB 11 KB	234ms 233ms	Image image/gif	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bearmobiles.com/common/search.gif Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 76d63eff8a8983a8ce578f4dd2610ec07c4a6aa7ccab3edba5aba5bb4ff441cd Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT cf-cache-status MISS last-modified Tue, 17 Sep 2019 00:28:54 GMT server cloudflare etag "360374-2b43-592b4ce2d8eb1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 517835bf697259be-VIE content-length 11075 expires Tue, 17 Sep 2019 08:06:52 GMT
GET H2	200	spinner.gif bearmobiles.com/assets/images/	664 B 748 B	235ms 234ms	Image image/gif	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://bearmobiles.com/assets/images/spinner.gif Requested by Host: bearmobiles.com URL: https://bearmobiles.com/script_include.php?id=527418 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT cf-cache-status MISS last-modified Tue, 17 Sep 2019 00:28:54 GMT server cloudflare etag "360dd0-298-592b4ce2bc98d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 517835bf697359be-VIE content-length 664 expires Tue, 17 Sep 2019 08:06:52 GMT
GET H/1.1	200 OK	hfb0AL6.jpg i.imgur.com/	147 KB 148 KB	209ms 204ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/hfb0AL6.jpg Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 3fbde2b493ea033c44c72614773ea175ab40893f01eaccf31c0568268bb2541f Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 0 X-Cache MISS, MISS x-amz-storage-class STANDARD_IA Connection keep-alive Content-Length 150957 X-Served-By cache-bwi5148-BWI, cache-hhn4082-HHN Last-Modified Wed, 10 Sep 2014 13:18:39 GMT Server cat factory 1.0 X-Timer S1568693212.071703,VS0,VE197 ETag "8f3ba8092cad5479c39b92aea1a662cc" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 0, 0
GET H2	400	css fonts.googleapis.com/	0 0	16ms 15ms	Stylesheet text/html	2a00:1450:4001:81a::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 33 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81e::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 30 Aug 2019 10:43:40 GMT content-encoding gzip x-content-type-options nosniff age 1531392 status 200 alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 33845 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Aug 2020 10:43:40 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/	198 KB 51 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81e::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/jquery-ui.min.js Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 29 Aug 2019 02:56:28 GMT content-encoding gzip x-content-type-options nosniff age 1645824 status 200 alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 51929 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 28 Aug 2020 02:56:28 GMT
GET H2	200	0fZBqV_yMq4 www.youtube.com/embed/ Frame EB96	0 0	68ms 67ms	Document text/html	2a00:1450:4001:819::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/0fZBqV_yMq4 Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/0fZBqV_yMq4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://www.spotifypremiumgratis.tusgamings.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://www.spotifypremiumgratis.tusgamings.com/ Response headers status 200 content-encoding br content-type text/html; charset=utf-8 cache-control no-cache expires Tue, 27 Apr 1971 19:44:06 EST strict-transport-security max-age=31536000 x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." date Tue, 17 Sep 2019 04:06:52 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=yGO5hXlMZUg; path=/; domain=.youtube.com; expires=Sun, 15-Mar-2020 04:06:52 GMT; httponly VISITOR_INFO1_LIVE=yGO5hXlMZUg; path=/; domain=.youtube.com; expires=Sun, 15-Mar-2020 04:06:52 GMT; httponly YSC=O5D1d87TUm8; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sun, 17-May-2020 15:59:52 GMT GPS=1; path=/; domain=.youtube.com; expires=Tue, 17-Sep-2019 04:36:52 GMT alt-svc quic=":443"; ma=2592000; v="46,43,39"
GET H2	200	jquery.thetool_tip.js Show response bearmobiles.com/common/js/	7 KB 2 KB	226ms 225ms	Script text/javascript	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/common/js/jquery.thetool_tip.js Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 67da4c69345a785a5292e752c98ad0fe51672a77e893e34934966c7bd43c1e16 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 04:06:52 GMT content-encoding br cf-cache-status MISS last-modified Tue, 17 Sep 2019 00:28:54 GMT server cloudflare etag W/"3805af-1db2-592b4ce2e658b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=14400 cf-ray 517835c13a3359be-VIE expires Tue, 17 Sep 2019 08:06:52 GMT
GET H2	200	scriptjs.php Show response bearmobiles.com/common/	9 KB 4 KB	231ms 228ms	Script text/javascript	2606:4700:20::6819:251c Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bearmobiles.com/common/scriptjs.php?l=g06ssvr8y0&s=uev3cft Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:251c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 5c3f69fe492db8ed6d5746267ae22c6773411541af9104aa3649c5b94c4492e2 Request headers Sec-Fetch-Mode no-cors Referer https://www.spotifypremiumgratis.tusgamings.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 17 Sep 2019 04:06:52 GMT content-encoding br server cloudflare cf-ray 517835c2babe59be-VIE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript
GET H/1.1	200 OK	ER7XqkS.png i.imgur.com/	40 KB 41 KB	97ms 96ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/ER7XqkS.png Requested by Host: www.spotifypremiumgratis.tusgamings.com URL: https://www.spotifypremiumgratis.tusgamings.com/ Protocol HTTP/1.1 Security , , Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 400d23f3f20188f3c412586ea62d0aa844528e079dc0012634cf7c33273a6e42 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 17 Sep 2019 04:06:52 GMT Age 753517 X-Cache HIT, MISS Connection keep-alive Content-Length 41307 X-Served-By cache-bwi5137-BWI, cache-hhn4082-HHN Last-Modified Wed, 25 May 2016 08:03:59 GMT Server cat factory 1.0 X-Timer S1568693213.827413,VS0,VE90 ETag "2ea41fb92304a56d500c41a433d29ce2" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 1, 0

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| gift1 string| gift2 string| gift3 string| gift_given function| data function| randomString number| prg_width function| progress1 function| mark1 function| mark2 function| mark3 function| OnMouseIn function| OnMouseOut boolean| lck boolean| is_loaded boolean| isloaded string| doc_ref number| main_min number| main_max number| a number| b number| c number| d number| e number| f string| g string| h string| p string| encoded string| decoded string| tracking_id string| preloader_tag string| preloader_js_url function| hex_encode function| hex_decode number| min number| max function| do_ie_replaces9 function| do_ie_replaces boolean| bypass object| js object| html_doc string| ref function| call1 function| call2 function| call3 function| call4 boolean| process_click boolean| has_been_init boolean| do_refire boolean| dblchk boolean| jquery_loaded function| call5 undefined| extra1 function| call_locker function| do_dblchk function| fix_iframe_embed function| g06ssvr8y0_forceclose function| g06ssvr8y0_completed undefined| timed_function function| Start_Ajax function| Back_Ajax function| check_lead boolean| deferInlineUpdate object| deferredData function| update_inline_html function| $ function| jQuery boolean| exit_ready function| load_slidepage function| informUpdate boolean| preloaded object| preload_data function| DP_jQuery_1568693212338 object| theBody function| disablelinksfunc

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1970-01-19 09:35:31	Name: PREF Value: f1=50000000
			.youtube.com/	1970-01-19 03:44:55	Name: GPS Value: 1
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: O5D1d87TUm8
			.youtube.com/	1970-01-19 08:04:05	Name: VISITOR_INFO1_LIVE Value: yGO5hXlMZUg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bearmobiles.com
fonts.googleapis.com
i.imgur.com
media.giphy.com
www.spotifypremiumgratis.tusgamings.com
www.youtube.com
151.101.112.193
151.101.114.2
2606:4700:20::6819:251c
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::200a
64.37.62.231
04fae32a0ccc37195fc51351847b68c1b293477d553d0ab8bd75aad14941a6e6
061ea268189a4261114c80cc76f11edf4d3058a1f6c31a68c28afb60e353c0e2
0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d
327f78fcf734ccb4cd38c204c466949fa50c2a6da0d3b41d6c19f49b74d70528
3b60bae28e2ade405dcd472a1f77d104604a6000beb947149b768e43e55a4f40
3fbde2b493ea033c44c72614773ea175ab40893f01eaccf31c0568268bb2541f
400d23f3f20188f3c412586ea62d0aa844528e079dc0012634cf7c33273a6e42
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
575efd1a80343eddb592e0e3c58ec952c8e9f73045f6f851ee8ef73af8b974f3
58dbbeaaaed5135a1b1567b48e9ede78d7179d847999d34919d7b6a03c5eccdf
5b4b35742625e8a2e2a1ba31e2439d0010c7dbcc508e61cd4736bb306d580926
5c3f69fe492db8ed6d5746267ae22c6773411541af9104aa3649c5b94c4492e2
66794c90636e48fc31a5f6a070ddae5b95c5c03e89bad96faf941bc3c8f00e89
67da4c69345a785a5292e752c98ad0fe51672a77e893e34934966c7bd43c1e16
76d63eff8a8983a8ce578f4dd2610ec07c4a6aa7ccab3edba5aba5bb4ff441cd
82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b
83728089021040ebe0f411c6ef169d8fc8e7d4846d07de7cccf8ad39d6f45627
9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4
af001ded128b89bc1189dc4f2b2fb0c586e9396b4a6430f171df0726ccd070fb
be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f
c058510cf4f0bd157020f6afa67546cabdf120c26080a5cc2b0cf3fa85ecd68a
c34bf1df60f47ea21e1431f5c4e0e108d770e7c8b8c3278dac687e65f1bf73c6
d2f8d207b670d686e245d267cf29d757d4825afb98394dda9e294001b5d2301a
dc91276f53bc684b39963c11eb86a209e15f6cb8a534ce17aeea542f3db4b950
ffaa8682208dc9cf3636afea696ddb9508809b228e1d6c794434a42e58698a60