freesamples.thedimepress.com Open in urlscan Pro
2606:4700:3032::6815:3f45  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response freesamples.thedimepress.com/	22 KB 6 KB	231ms 147ms	Document text/html	2606:4700:3032::6815:3f45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3f45 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 158003fa77da1c011efbaaecea0eed4ddad2d2ca6309faf5eb6c6a23e3555a8c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 78f99a887fde30d2-FRA content-encoding br content-location https://freesamples.thedimepress.com/ content-type text/html; charset=utf-8 date Thu, 26 Jan 2023 13:30:31 GMT link <https://freesamples.thedimepress.com/>; rel="canonical" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uihZj7nQs2DT4Ay9ygIfWBw%2B%2Bw2WwA4tT4fV6IP7AnSKwUh1FQwRwUAALYZDM5RBs1ZHcebBnMkZURxpoLdBth1Q%2Faq%2BnAlUxvENmeX2zy5dfk7syoAIwJEiejp6CwhxdZgzsIFIdZF41JykctVN1wQTmrVPDrueQU60"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-proxy-backend page-server x-unbounce-pageid 11770128-3752-4ec4-b9a7-be955ed282a2 x-unbounce-variant q x-unbounce-visitorid 160a4196-04b1-49aa-8e1b-49d18bbedcbf
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	127ms 38ms	Stylesheet text/css	99.86.4.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-92.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 07 Dec 2022 05:36:03 GMT content-encoding gzip via 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront) x-amz-version-id F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug last-modified Wed, 23 Nov 2022 23:24:30 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 4348469 etag "3d27e56a34e34b278ab5e182cbc3b587" x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 2902 x-amz-cf-id S-mUlCR24PDE8Z_KVNJNbbcuY9ULzJQ1lvkr4YJOk-7FWvQUQG5MeA==
GET H2	200	ub.js Show response d34qb8suadcc4g.cloudfront.net/	5 KB 2 KB	154ms 44ms	Script application/javascript	2600:9000:211e:5a00:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108 Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:5a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 17 Jan 2023 21:41:41 GMT content-encoding gzip via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) x-amz-version-id TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06 last-modified Tue, 17 Jan 2023 21:14:25 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 748131 etag "fde4d3457a50df6eb5c2e00c8f2ae5b3" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 1865 x-amz-cf-id 5YZtcfnydpdNS19ej6SCM14Zg6LOw_OoOtIhWG-rQZueKhdDZgMlMg==
GET H2	200	main.bundle-384ff03.z.js Show response builder-assets.unbounce.com/published-js/	103 KB 33 KB	30ms 30ms	Script application/javascript	99.86.4.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-92.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 07 Dec 2022 07:25:50 GMT content-encoding gzip via 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront) x-amz-version-id 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u last-modified Mon, 04 Jul 2022 16:47:26 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 4341882 etag "1825a0c47b2e38b6cf30a4072987bce1" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 33495 x-amz-cf-id sqpG1Ljmjcl7X1RrY_uQ9_Rnw6wVhMnJcaJZTp0Sq6PLeOcOOCyB-g==
GET H2	200	5f91a9f6e47f06001001bad7 Show response api.pushnami.com/scripts/v1/pushnami-adv/	172 KB 49 KB	627ms 33ms	Script application/javascript	143.204.215.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/pushnami-adv/5f91a9f6e47f06001001bad7 Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-68.fra53.r.cloudfront.net Software / Resource Hash 54f0103cfccb4b294bbcf7123ec739c000fd70893b8daa9b1e323d5c2f516ab5 Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 26 Jan 2023 13:28:37 GMT content-encoding gzip via 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 age 115 vary accept-encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control no-cache x-amz-cf-id uzsd-uXjpZxvpLS0iFpoyg8pGFO0aJ459oRXoR3fiYyMXQ7RMPmvvQ==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	sp-2.14.0.js Show response d34qb8suadcc4g.cloudfront.net/	98 KB 30 KB	51ms 50ms	Script application/javascript	2600:9000:211e:5a00:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js Requested by Host: d34qb8suadcc4g.cloudfront.net URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:5a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Sun, 11 Dec 2022 09:08:36 GMT content-encoding gzip via 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront) x-amz-version-id rVTqklA1qqyT_0VdOCY323BKPISR0uej last-modified Wed, 04 Nov 2020 01:35:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 3990116 etag "73de733c308b8b5e44d2a6242dc4bd99" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 30399 x-amz-cf-id 0FUe3v4ytBaZHcYTxrMQ3yAOmbIw09zba9KlK7zY7tNbeGZkkX-7dw==
GET BLOB	200 OK	eafa034f-28d2-4245-ac3d-28aed9c2590a https://freesamples.thedimepress.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://freesamples.thedimepress.com/eafa034f-28d2-4245-ac3d-28aed9c2590a Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994 Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Length 5611 Content-Type text/css
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	162ms 61ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,regular%7CMontserrat:700 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3537ded66ad5d1a8553b79ab37a950e7524d4786972d96a2c2064cc7ba21a314 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 26 Jan 2023 13:30:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 26 Jan 2023 13:30:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 26 Jan 2023 13:30:32 GMT
GET H2	200	978c4b89-f0502bf5a8b06eed945854335a869ff0-3_10000000m807f00000201o.jpg d9hhrg4mnvzow.cloudfront.net/freesamples.thedimepress.com/	50 KB 50 KB	539ms 468ms	Image image/jpeg	143.204.214.118 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/freesamples.thedimepress.com/978c4b89-f0502bf5a8b06eed945854335a869ff0-3_10000000m807f00000201o.jpg Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.214.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-214-118.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash d8d9326493c4090ef23d170c5d5f45dfba010bf815fc8365c0a87030cae74d23 Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 26 Jan 2023 13:30:33 GMT x-amz-version-id cfbF4No4RmAWWhOmV8TK5Bz_Mb1ewHd0 via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Tue, 25 Oct 2022 18:28:55 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "dc1ecdaab210f57d06e6d827983be8aa" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31557600 accept-ranges bytes content-length 51076 x-amz-cf-id Er7ScZQA2MRfkWe9fcbyWdOdh2_wO8nqnAMi-GBhhNqy11ew6VuFpQ==
GET H2	200	i events.ub-analytics.com/	43 B 245 B	864ms 274ms	Image image/gif	54.164.38.118 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://events.ub-analytics.com/i?stm=1674739832042&e=pv&url=https%3A%2F%2Ffreesamples.thedimepress.com%2F%3Fhitid%3D2384054794%26prod%3D460993%26c1%3Dspinprize.thenickelpress.com%2Fspin%26c2%3DPSH_spinprize.thenickelpress.com%2Fspin__PN_O266568__PRFRHVV2_reoccurring_pn%26c3%3Dv2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz%26cat%3DPromoFreebieHV%26c9%3D461106%26c6%3Dhttps%253A%252F%252Fspinprize.thenickelpress.com%252Fspin.php%26c7%3Dphone_US_PCP_reoccurring_pn%26c8%3D_%26c10%3D%26c5%3D63ceebc1e6406c00120f4120&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=7c951148-35c9-4c02-b741-2eef0c911ac9&dtm=1674739832040&vp=1600x1200&ds=1600x1225&vid=1&sid=2986ddd0-36e3-4c91-a88a-5f6eac2c69f9&duid=a53dd60e-37a1-420e-be6e-7712bec73f24&uid=160a4196-04b1-49aa-8e1b-49d18bbedcbf&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMTE3NzAxMjgtMzc1Mi00ZWM0LWI5YTctYmU5NTVlZDI4MmEyIiwidmFyaWFudElkIjoicSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0 Requested by Host: freesamples.thedimepress.com URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.38.118 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-38-118.compute-1.amazonaws.com Software akka-http/10.0.9 / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers access-control-allow-origin * date Thu, 26 Jan 2023 13:30:32 GMT access-control-allow-credentials true p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" server akka-http/10.0.9 content-length 43 content-type image/gif
POST H2	200	track Show response trc.pushnami.com/api/push/	2 B 168 B	166ms 166ms	Fetch text/html	100.26.12.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f91a9f6e47f06001001bad7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.26.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-26-12-248.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://freesamples.thedimepress.com/ accept-language it-IT,it;q=0.9 key 5f91a9f6e47f06001001bad7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Thu, 26 Jan 2023 13:30:32 GMT access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control no-cache content-length 2 content-type text/html; charset=utf-8
OPTIONS H2	204	track trc.pushnami.com/api/push/ Frame	0 0	653ms 149ms	Preflight	100.26.12.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.26.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-26-12-248.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers key Access-Control-Request-Method POST Origin https://freesamples.thedimepress.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers access-control-allow-headers Accept,Authorization,Content-Type,If-None-Match,key access-control-allow-methods POST access-control-allow-origin * access-control-expose-headers WWW-Authenticate,Server-Authorization access-control-max-age 86400 cache-control no-cache date Thu, 26 Jan 2023 13:30:32 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	13 KB 13 KB	186ms 80ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,regular%7CMontserrat:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://freesamples.thedimepress.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 23 Jan 2023 17:02:57 GMT x-content-type-options nosniff age 246455 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12848 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:56:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jan 2024 17:02:57 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	144ms 39ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,regular%7CMontserrat:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://freesamples.thedimepress.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 23 Jan 2023 11:48:56 GMT x-content-type-options nosniff age 265296 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jan 2024 11:48:56 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	152ms 48ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,regular%7CMontserrat:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://freesamples.thedimepress.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 24 Jan 2023 22:49:45 GMT x-content-type-options nosniff age 139247 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Jan 2024 22:49:45 GMT
GET H2	200	hub Show response api.pushnami.com/scripts/v1/ Frame 7795	2 KB 1 KB	26ms 25ms	Document text/html	143.204.215.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/hub Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f91a9f6e47f06001001bad7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-68.fra53.r.cloudfront.net Software / Resource Hash 2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' * X-Content-Security-Policy default-src 'unsafe-inline' * Request headers Referer https://freesamples.thedimepress.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers access-control-allow-headers X-Requested-With access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * age 1716 cache-control no-cache content-encoding gzip content-security-policy default-src 'unsafe-inline' * content-type text/html; charset=utf-8 date Thu, 26 Jan 2023 13:01:56 GMT vary accept-encoding via 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront) x-amz-cf-id 6w9y68eR0jH6d_cNT0tsARKIg69wEqcGtCxiNABoHRoxdZno0Dd8TA== x-amz-cf-pop FRA53-C1 x-cache Hit from cloudfront x-content-security-policy default-src 'unsafe-inline' * x-webkit-csp default-src 'unsafe-inline' *
GET H2	200	request.js Show response script.anura.io/	53 KB 19 KB	209ms 111ms	Script application/javascript	52.56.141.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/request.js?instance=3688597576&source=461106&campaign=spinprize.thenickelpress.com%2Fspin&callback=Pushnami.anTrack&971796035873 Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f91a9f6e47f06001001bad7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.56.141.12 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-56-141-12.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash d6322706ad6b38f3b6949aeb9809cd3b70ba27de0feff576b30440f7277742d1 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache date Thu, 26 Jan 2023 13:30:33 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H2	200	showads.js Show response ads.anura.io/	0 352 B	151ms 38ms	XHR application/javascript	13.32.110.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.anura.io/showads.js?549063484220 Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=3688597576&source=461106&campaign=spinprize.thenickelpress.com%2Fspin&callback=Pushnami.anTrack&971796035873 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.110.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-110-51.vie50.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://freesamples.thedimepress.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 26 Jan 2023 00:39:08 GMT content-encoding gzip via 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront) server nginx x-amz-cf-pop VIE50-C2 age 46285 vary Accept-Encoding x-cache Hit from cloudfront access-control-allow-methods GET access-control-allow-origin * content-type application/javascript; charset=utf-8 x-amz-cf-id 6kyAs3Z0Zl04aINgvqbA_kzxkUeiE9WwlBor2LVuVgfvGYGlc5bJBg==
POST H2	200	response.json Show response script.anura.io/	51 B 404 B	566ms 484ms	XHR application/json	52.56.141.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/response.json Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=3688597576&source=461106&campaign=spinprize.thenickelpress.com%2Fspin&callback=Pushnami.anTrack&971796035873 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.56.141.12 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-56-141-12.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash 0a19a7f42432b7cf883d4b11c54b6676731653328e0ad1bb067396c1841bb294 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://freesamples.thedimepress.com/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 26 Jan 2023 13:30:34 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
OPTIONS H2	200	psp psp.pushnami.com/api/ Frame	0 0	403ms 124ms	Preflight application/json	54.209.198.197 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.209.198.197 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-198-197.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers key Access-Control-Request-Method POST Origin https://freesamples.thedimepress.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers key access-control-allow-methods POST access-control-allow-origin https://freesamples.thedimepress.com access-control-expose-headers content-type, content-length, etag access-control-max-age 600 cache-control no-cache content-encoding gzip content-type application/json; charset=utf-8 date Thu, 26 Jan 2023 13:30:34 GMT vary accept-encoding
POST H2	200	psp Show response psp.pushnami.com/api/	2 B 231 B	633ms 633ms	Fetch text/html	54.209.198.197 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Requested by Host: api.pushnami.com URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f91a9f6e47f06001001bad7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.209.198.197 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-209-198-197.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://freesamples.thedimepress.com/ accept-language it-IT,it;q=0.9 key 5f91a9f6e47f06001001bad7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 content-type application/x-www-form-urlencoded Response headers access-control-allow-origin https://freesamples.thedimepress.com date Thu, 26 Jan 2023 13:30:35 GMT cache-control no-cache access-control-allow-credentials true content-encoding gzip vary accept-encoding content-type text/html; charset=utf-8

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| ub function| getParam function| setProd function| isValidProd string| prod function| clock function| isAllowedPub function| setPub object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow boolean| isRollbar object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| __core-js_shared__ object| core object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami function| CrossStorageClient object| pushnamiStorage function| uuid object| Anura

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			freesamples.thedimepress.com/	1970-01-20 13:31:31	Name: ubvs Value: 160a4196-04b1-49aa-8e1b-49d18bbedcbf
			.thedimepress.com/	1970-01-20 09:16:39	Name: ubvt Value: 160a4196-04b1-49aa-8e1b-49d18bbedcbf
			freesamples.thedimepress.com/	1970-01-20 13:37:17	Name: ubpv Value: q%2C11770128-3752-4ec4-b9a7-be955ed282a2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://freesamples.thedimepress.com/?hitid=2384054794&prod=460993&c1=spinprize.thenickelpress.com/spin&c2=PSH_spinprize.thenickelpress.com/spin__PN_O266568__PRFRHVV2_reoccurring_pn&c3=v2___vuuAQAY87rweZAbAASD0EgX2vLquh00BfP4tNMY9Jh4HGLlwAT6EoXNXJlZGlz&cat=PromoFreebieHV&c9=461106&c6=https%3A%2F%2Fspinprize.thenickelpress.com%2Fspin.php&c7=phone_US_PCP_reoccurring_pn&c8=_&c10=&c5=63ceebc1e6406c00120f4120 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
api.pushnami.com
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
freesamples.thedimepress.com
psp.pushnami.com
script.anura.io
trc.pushnami.com
100.26.12.248
13.32.110.51
143.204.214.118
143.204.215.68
2600:9000:211e:5a00:1d:11cf:5800:93a1
2606:4700:3032::6815:3f45
2a00:1450:400d:804::200a
2a00:1450:400d:80a::2003
52.56.141.12
54.164.38.118
54.209.198.197
99.86.4.92
0a19a7f42432b7cf883d4b11c54b6676731653328e0ad1bb067396c1841bb294
158003fa77da1c011efbaaecea0eed4ddad2d2ca6309faf5eb6c6a23e3555a8c
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3537ded66ad5d1a8553b79ab37a950e7524d4786972d96a2c2064cc7ba21a314
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
54f0103cfccb4b294bbcf7123ec739c000fd70893b8daa9b1e323d5c2f516ab5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d6322706ad6b38f3b6949aeb9809cd3b70ba27de0feff576b30440f7277742d1
d8d9326493c4090ef23d170c5d5f45dfba010bf815fc8365c0a87030cae74d23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615