urlscan.io logo urlscan.io
SecurityTrails logo

www.localsfling.com Open in urlscan Pro
35.203.113.247  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1710277539904.evenkiignore.com/
Effective URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jc...
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 13 domains to perform 24 HTTP transactions. The main IP is 35.203.113.247, located in Montreal, Canada and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.localsfling.com.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time www.localsfling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 172.104.190.11 63949 (AKAMAI-LI...)
1 2 51.68.85.158 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 94.237.92.107 202053 (UPCLOUD)
1 1 35.175.40.116 14618 (AMAZON-AES)
17 35.203.113.247 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 172.67.157.217 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
24 6
3    172.104.190.11 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-190-11.ip.linodeusercontent.com
1710277539904.evenkiignore.com
1710371849538.caulaai.com
1710371850100.fanpoprein.info
2    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.haguhamitopsol.top
1    2606:4700:3037::ac43:8a5a (United States)

ASN13335 (CLOUDFLARENET, US)
www.sistematictrim.com
2    94.237.92.107 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-92-107.de-fra1.upcloud.host
1d7411ffa0d.fitnessfinessezone.com
1d741ac5b8d.blueair.pro
1    35.175.40.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-40-116.compute-1.amazonaws.com
ge.getrck.com
17    35.203.113.247 (Montreal, Canada)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.113.203.35.bc.googleusercontent.com
www.localsfling.com
2    2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    172.67.157.217 (United States)

ASN13335 (CLOUDFLARENET, US)
notifybrowser.com
1    2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
17 www.localsfling.com www.haguhamitopsol.top
www.localsfling.com
2 use.fontawesome.com www.localsfling.com
use.fontawesome.com
2 fonts.googleapis.com www.localsfling.com
2 www.haguhamitopsol.top 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 notifybrowser.com www.localsfling.com
1 ge.getrck.com 1 redirects
1 1d741ac5b8d.blueair.pro 1 redirects
1 1d7411ffa0d.fitnessfinessezone.com 1 redirects
1 www.sistematictrim.com 1 redirects
1 1710371850100.fanpoprein.info 1 redirects
1 1710371849538.caulaai.com 1 redirects
1 1710277539904.evenkiignore.com 1 redirects
24 13

This site contains no links.

Subject Issuer Validity Valid
www.haguhamitopsol.top
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
localsfling.com
R3		 2024-01-25 -
2024-04-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
notifybrowser.com
GTS CA 1P5		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Frame ID: 19DF98E166F0A908FB845B046E3BF54A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LocalsFling- Locals Fling is a Sure Thing!

Page URL History Show full URLs

  1. http://1710277539904.evenkiignore.com/ HTTP 302
    http://1710371849538.caulaai.com/28370e30-01c9-4140-81f3-3a92ad2a5b10?n=1&t=1710371849538&l_next=aHR0cHM6Ly93... HTTP 302
    http://1710371850100.fanpoprein.info/eb5438d0-bf18-4a8c-afba-4f939fbeef0a?n=2&t=1710371849538&l_next=aHR0cHM6Ly93... HTTP 302
    https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=&eyeg=6e18521441b1177deac1e5... HTTP 302
    https://www.sistematictrim.com/click?offer_id=29784&pub_id=207471&pub_sub_sub_id=2&unique1=5757540-11d12&ap... HTTP 302
    https://1d7411ffa0d.fitnessfinessezone.com/?p=1086&plid=62&plid_hmac=bbf87c33e873634349a85b814f24fdee&wid=143860&wid_hm... HTTP 302
    https://1d741ac5b8d.blueair.pro/?p=1086&wid=143860&wid_hmac=4035494c16157e5b4aa4f253b3557fc8&click_id=BHUiMX... HTTP 302
    https://ge.getrck.com/tiny/GGnqw?_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086 HTTP 302
    https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

24
Requests

100 %
HTTPS

40 %
IPv6

13
Domains

13
Subdomains

6
IPs

5
Countries

287 kB
Transfer

717 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1710277539904.evenkiignore.com/ HTTP 302
    http://1710371849538.caulaai.com/28370e30-01c9-4140-81f3-3a92ad2a5b10?n=1&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    http://1710371850100.fanpoprein.info/eb5438d0-bf18-4a8c-afba-4f939fbeef0a?n=2&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=&eyeg=6e18521441b1177deac1e5b174e9df6a&eyer=0.9862329750669601&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.sistematictrim.com/click?offer_id=29784&pub_id=207471&pub_sub_sub_id=2&unique1=5757540-11d12&app=opt&app_store_id=ncd&unique2=Track1&unique3=Track2 HTTP 302
    https://1d7411ffa0d.fitnessfinessezone.com/?p=1086&plid=62&plid_hmac=bbf87c33e873634349a85b814f24fdee&wid=143860&wid_hmac=4035494c16157e5b4aa4f253b3557fc8&click_id=BHUiMXgAAAGOOhtOSQAAdFgAAypvAAAAAAAAAAAU HTTP 302
    https://1d741ac5b8d.blueair.pro/?p=1086&wid=143860&wid_hmac=4035494c16157e5b4aa4f253b3557fc8&click_id=BHUiMXgAAAGOOhtOSQAAdFgAAypvAAAAAAAAAAAU&media_type=adult&co=1&noback=1 HTTP 302
    https://ge.getrck.com/tiny/GGnqw?_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086 HTTP 302
    https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1710277539904.evenkiignore.com/ HTTP 302
  • http://1710371849538.caulaai.com/28370e30-01c9-4140-81f3-3a92ad2a5b10?n=1&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • http://1710371850100.fanpoprein.info/eb5438d0-bf18-4a8c-afba-4f939fbeef0a?n=2&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.haguhamitopsol.top/
Redirect Chain
  • http://1710277539904.evenkiignore.com/
  • http://1710371849538.caulaai.com/28370e30-01c9-4140-81f3-3a92ad2a5b10?n=1&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazIm...
  • http://1710371850100.fanpoprein.info/eb5438d0-bf18-4a8c-afba-4f939fbeef0a?n=2&t=1710371849538&l_next=aHR0cHM6Ly93d3cuaGFndWhhbWl0b3Bzb2wudG9wLz9zbD01NzU3NTQwLTExZDEyJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFj...
  • https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 13 Mar 2024 23:17:31 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
226
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Mar 2024 23:17:30 GMT
Keep-Alive
timeout=5
Location
https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=
Vary
Accept
X-Powered-By
Express
Primary Request /
www.localsfling.com/
Redirect Chain
  • https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=&eyeg=6e18521441b1177deac1e5b174e9df6a&eyer=0.9862329750669601&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://www.sistematictrim.com/click?offer_id=29784&pub_id=207471&pub_sub_sub_id=2&unique1=5757540-11d12&app=opt&app_store_id=ncd&unique2=Track1&unique3=Track2
  • https://1d7411ffa0d.fitnessfinessezone.com/?p=1086&plid=62&plid_hmac=bbf87c33e873634349a85b814f24fdee&wid=143860&wid_hmac=4035494c16157e5b4aa4f253b3557fc8&click_id=BHUiMXgAAAGOOhtOSQAAdFgAAypvAAAAA...
  • https://1d741ac5b8d.blueair.pro/?p=1086&wid=143860&wid_hmac=4035494c16157e5b4aa4f253b3557fc8&click_id=BHUiMXgAAAGOOhtOSQAAdFgAAypvAAAAAAAAAAAU&media_type=adult&co=1&noback=1
  • https://ge.getrck.com/tiny/GGnqw?_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086
  • https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNT...
94 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Requested by
Host: www.haguhamitopsol.top
URL: https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf09da7e6d3caa624e1f86434d870f9ca9a5c6aa5572a3f2bcbbf877b8fc35c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haguhamitopsol.top/?sl=5757540-11d12&data1=Track1&data2=Track2&tag=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 23:17:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-asset-type
dynamic
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 23:17:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
pragma
no-cache
server
Apache/2.4.41 (Ubuntu)
jquery-ui.css
www.localsfling.com/css/jquery/ 		35 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/css/jquery/jquery-ui.css
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79b7db1429438b43cfb569027486426b27161f92bb7b1b639cbfed0fda098e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:38:05 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4f8d-8d1b"
content-type
text/css
access-control-allow-origin
*
cache-tag
css
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
css2
fonts.googleapis.com/ 		2 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@400;700&display=swap
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 22:58:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 23:17:34 GMT
css2
fonts.googleapis.com/ 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 22:02:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 23:17:34 GMT
all.css
use.fontawesome.com/releases/v5.4.1/css/ 		49 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
19035
etag
W/"beb60a9475685e87a9738a7306591e69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHkbbzjwnYEJUqTpdP0ZPjXBCtF1QpdK1BO9M0Gu01Pj6qY3KKjy5X8ivBxqawlIGWP3%2BosGPwqEFpg6g1tgdSpGvVwmfkTJKjutTI68a3aLN98dz9dQVkc25bVR5KewF5kGkBu2Z691woz1OVUvfspu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
863fbcfa3d0b4328-EWR
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.localsfling.com/js/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/jquery.min.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:40:38 GMT
server
nginx
x-asset-type
static
etag
W/"65ef5026-15d9d"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery-ui.min.js
www.localsfling.com/js/ 		249 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/jquery-ui.min.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
35a7406dc0d84ee2ed457f21927a47b1044e3961abd40a5b74cf778e68b5d1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:39:26 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4fde-3e466"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery.emailverifyservice.js
www.localsfling.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/jquery.emailverifyservice.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
40dcf17934282f7d2f98d24114da272b30945e105b2c3d5bd60f2f2212383df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:39:53 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4ff9-a8f"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery.usernameverifyservice.js
www.localsfling.com/js/ 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/jquery.usernameverifyservice.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
16937354ca082d8180cf2fe27991ec6fea4070c1b0630a39951a8cf9734772c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:41:00 GMT
server
nginx
x-asset-type
static
etag
W/"65ef503c-52c"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery.formValidation.js
www.localsfling.com/js/join/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/join/jquery.formValidation.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
00fedc2be4b75ffff76a05edc22cc54780e8a0e0fec9ee836d399850a2c3a05b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:38:23 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4f9f-5fae"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery.formValidation.js
www.localsfling.com/js/join/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/join/jquery.formValidation.js?version=659a0f4b8
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
00fedc2be4b75ffff76a05edc22cc54780e8a0e0fec9ee836d399850a2c3a05b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:39:53 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4ff9-5fae"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
lqFormUiWidget.js
www.localsfling.com/js/join/renderers/ 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/join/renderers/lqFormUiWidget.js?version=659a0f4b8
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
04f3a4fe4abde600e15227110adea211e168e85bafc15bc506d88b6b28c0fa3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:41:00 GMT
server
nginx
x-asset-type
static
etag
W/"65ef503c-549"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
jquery.location_list.js
www.localsfling.com/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/jquery.location_list.js?version=659a0f4b8
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4c4b23d8f53f33c936cce8543a03edcef26d274e5120ea537ce1182584a8359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:40:38 GMT
server
nginx
x-asset-type
static
etag
W/"65ef5026-3297"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
footerLinks.js
www.localsfling.com/js/landing_pages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/landing_pages/footerLinks.js?version=659a0f4b8
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3f0d39963e27bd8feb58be07ad25387c17fe20dee330e521349f2c54e3bbb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:39:26 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4fde-b00"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
webpush.js
notifybrowser.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notifybrowser.com/webpush.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60314ab75030d1fcc90650df2b166b5b2dc3bb4b06ff100c730b3542c33459ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-asset-type
static
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23656
cf-polished
origSize=3527
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 18:39:57 GMT
server
cloudflare
etag
W/"644c12fd-dc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9rYqpRAG%2B%2FJiayG2NlWKh6WfZVK1nf%2BdZWM6H61N%2BZ7TwF711hR5cQMAVu7FWm7GZ19lITWWnKbV70syy7%2F2M5IS3U4hxS2oc2DnkAslLaLwlIl4OHK4IhfOzgVcxzkZuTNwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=172800
cf-ray
863fbcfa58ac4366-EWR
expires
Fri, 15 Mar 2024 16:43:18 GMT
push-notifications.js
www.localsfling.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/push-notifications.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b087a626c110fc6f4464702d81d489656344c6a58d2ef428e070a4a9207cdf87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:37:42 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4f76-1375"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
aiCont.js
www.localsfling.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/aiCont.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9b716475281320e50abc248637e0ef1dd8cfa3634ed7b786fc7223465d69d4f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:40:27 GMT
server
nginx
x-asset-type
static
etag
W/"65ef501b-8c7"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
modalBase.js
www.localsfling.com/js/reminders/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/js/reminders/modalBase.js
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0b7e47499591b606f280575c883843ead1ab13b909430c76fd9dc95d80faa011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 18:39:35 GMT
server
nginx
x-asset-type
static
etag
W/"65ef4fe7-3fe9"
content-type
application/javascript
access-control-allow-origin
*
cache-tag
js
cache-control
max-age=172800, public
expires
Fri, 15 Mar 2024 23:17:34 GMT
trans.png
www.localsfling.com/images/whitelabel/68338/mini_icons/ 		130 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.localsfling.com/images/whitelabel/68338/mini_icons/trans.png
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
140ea3365d11e39d5428b3d3094fb36d62fd99fe2a6925cec591003722f32a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 18:44:46 GMT
server
nginx
etag
"65ef511e-82"
content-type
image/png
cache-control
max-age=172800, public
accept-ranges
bytes
content-length
130
expires
Fri, 15 Mar 2024 23:17:34 GMT
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.localsfling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 09:13:06 GMT
x-content-type-options
nosniff
age
50668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:13:06 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.4.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a

Request headers

Referer
https://use.fontawesome.com/releases/v5.4.1/css/all.css
Origin
https://www.localsfling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:17:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12697
alt-svc
h3=":443"; ma=86400
content-length
72000
last-modified
Fri, 22 Sep 2023 01:45:35 GMT
server
cloudflare
etag
"1dc5b6dd4bf409a6f919be38603f76a0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvTDOFLjKSS9SOIyU5u6gmuXkUVDzeA9H5lhZbZGusOugMN0UDQm3om2tvHTfuJPnEcPErOHws2sJct8hayvlWLomvP3909U8VrpYVKq7JfBB%2FKj%2FElSnEv2PjSeCF6A5PDijC%2F8zQ2PJhGQmTeHKqdi"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
863fbcfd6aa24375-EWR
ajax_location_list.php
www.localsfling.com/includes/ 		74 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/includes/ajax_location_list.php
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a42b8ff14ac65e2e1883e4d70e317ee1adcdae74212ed33ca3a49903134f0782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache, no-cache
date
Wed, 13 Mar 2024 23:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-asset-type
dynamic
server
nginx
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
notification_modals_track.php
www.localsfling.com/ 		34 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.localsfling.com/notification_modals_track.php
Requested by
Host: www.localsfling.com
URL: https://www.localsfling.com/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.203.113.247 Montreal, Canada, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.113.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b48511786df39f6a5605c70cccfa232f01cbe80ad9a54e21402e3443ebc02410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.localsfling.com/?ainfo=Njc3NzJ8MTY0MzR8Mg==&skin=351&click_id=265f2340d172b17.80290512&xcc=130&_ocid=ltqf8nww3jcvkgoeilogwkw4c,17675764,5,1086&autocamp=1086&ocode=MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 23:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-asset-type
dynamic
server
nginx
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| smartyVar_sessionString string| smartyVar_popContact undefined| $ function| jQuery string| link string| backbutton_skin_redirect string| query_string string| address object| redirect object| current string| separator string| popunder_skin_url string| pu_primary string| pu_secondary string| pu_primary_id function| getQueryParameters function| getQueryObjectToString function| openPop function| popInit function| lqFormUiWidget function| ownKeys function| _objectSpread function| _defineProperty function| _classCallCheck function| _defineProperties function| _createClass function| WebPush function| setCookie function| getAllCookies function| getCookie function| trackEvent function| openActionModal function| getActionModal number| staleLpRedirectTimeout number| staleLpRedirectTimeoutHandle function| staleLpRedirect function| set_display_status

14 Cookies

Domain/Path Name / Value
.1d741ac5b8d.blueair.pro/ Name: rts-trck
Value: 1
.1d741ac5b8d.blueair.pro/ Name: t-uuid
Value: 629c8en4z8fjgko7qfqko4c8o
.1d741ac5b8d.blueair.pro/ Name: traffic-back
Value: ok
ge.getrck.com/ Name: AWSALB
Value: yIs40EcSjrs3tBkZyjjcU0ZUpMAOEN5cbbQVXGVrpc6lpJ06cT4kjey5GS4holkEasqCAeC4YWpncU7yKQ6yBg/EJE1PGm2BF5sPV8EDX86AUWWQDzdj25EPaBRf
ge.getrck.com/ Name: AWSALBCORS
Value: yIs40EcSjrs3tBkZyjjcU0ZUpMAOEN5cbbQVXGVrpc6lpJ06cT4kjey5GS4holkEasqCAeC4YWpncU7yKQ6yBg/EJE1PGm2BF5sPV8EDX86AUWWQDzdj25EPaBRf
ge.getrck.com/ Name: PHPSESSID
Value: mrd77qsljpktnfrt1jlfe0vk1n
.getrck.com/ Name: offerit_unique_595_4911_5117
Value: MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
.getrck.com/ Name: ocode_595_5117
Value: MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
.getrck.com/ Name: ocode_595
Value: MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA
.getrck.com/ Name: offerit_595_5117_cookie
Value: No+Referring+URL
.getrck.com/ Name: offerit_595_5117
Value: MTMwLjEwNjgzLjQ5MTEuNTExNy43LjAuMC4wLjAuMC4wLjA|||265f2340d172b17.80290512
www.localsfling.com/ Name: PHPSESSID
Value: 845f08e13c28b484b6465f32540ea0b3
www.localsfling.com/ Name: mobile
Value: 0
www.localsfling.com/ Name: page_u
Value: 108328966

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1710277539904.evenkiignore.com
1710371849538.caulaai.com
1710371850100.fanpoprein.info
1d7411ffa0d.fitnessfinessezone.com
1d741ac5b8d.blueair.pro
fonts.googleapis.com
fonts.gstatic.com
ge.getrck.com
notifybrowser.com
use.fontawesome.com
www.haguhamitopsol.top
www.localsfling.com
www.sistematictrim.com
172.104.190.11
172.67.157.217
2606:4700:3037::ac43:8a5a
2606:4700:e6::ac40:ce26
2607:f8b0:4006:80b::2003
2607:f8b0:4006:816::200a
35.175.40.116
35.203.113.247
51.68.85.158
94.237.92.107
00fedc2be4b75ffff76a05edc22cc54780e8a0e0fec9ee836d399850a2c3a05b
04f3a4fe4abde600e15227110adea211e168e85bafc15bc506d88b6b28c0fa3e
0b7e47499591b606f280575c883843ead1ab13b909430c76fd9dc95d80faa011
140ea3365d11e39d5428b3d3094fb36d62fd99fe2a6925cec591003722f32a58
16937354ca082d8180cf2fe27991ec6fea4070c1b0630a39951a8cf9734772c8
35a7406dc0d84ee2ed457f21927a47b1044e3961abd40a5b74cf778e68b5d1cd
40dcf17934282f7d2f98d24114da272b30945e105b2c3d5bd60f2f2212383df6
4c4b23d8f53f33c936cce8543a03edcef26d274e5120ea537ce1182584a8359d
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
60314ab75030d1fcc90650df2b166b5b2dc3bb4b06ff100c730b3542c33459ee
79b7db1429438b43cfb569027486426b27161f92bb7b1b639cbfed0fda098e56
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
9b716475281320e50abc248637e0ef1dd8cfa3634ed7b786fc7223465d69d4f9
a42b8ff14ac65e2e1883e4d70e317ee1adcdae74212ed33ca3a49903134f0782
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
b087a626c110fc6f4464702d81d489656344c6a58d2ef428e070a4a9207cdf87
b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd
b48511786df39f6a5605c70cccfa232f01cbe80ad9a54e21402e3443ebc02410
c3f0d39963e27bd8feb58be07ad25387c17fe20dee330e521349f2c54e3bbb82
cf09da7e6d3caa624e1f86434d870f9ca9a5c6aa5572a3f2bcbbf877b8fc35c6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e