urlscan.io logo urlscan.io
SecurityTrails logo

rigarem.pro Open in urlscan Pro
5.9.30.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://rigarem.pro/
Submission: On October 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 5.9.30.202, located in Giessen, Germany and belongs to HETZNER-AS, DE. The main domain is rigarem.pro.
TLS certificate: Issued by R11 on September 26th 2024. Valid for: 3 months.
This is the only time rigarem.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 5.9.30.202 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.68 15169 (GOOGLE)
6 142.250.186.67 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
22 6
9    5.9.30.202 (Giessen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 2website.lv
rigarem.pro
2    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
6    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 rigarem.pro
rigarem.pro
59 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
303 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
969 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
58 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
22 5
Domain Requested by
9 rigarem.pro rigarem.pro
6 fonts.gstatic.com fonts.googleapis.com
3 www.google.com rigarem.pro
www.gstatic.com
2 cdn.jsdelivr.net rigarem.pro
1 www.gstatic.com www.google.com
1 fonts.googleapis.com rigarem.pro
22 6

This site contains no links.

Subject Issuer Validity Valid
rigarem.pro
R11		 2024-09-26 -
2024-12-25		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://rigarem.pro/
Frame ID: 714B359C2D90FBCA9C64F11989283F45
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcnjz0UAAAAAIxsDVEQZh9Sv-lRKAi5nUNdecCD&co=aHR0cHM6Ly9yaWdhcmVtLnBybzo0NDM.&hl=lv&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=55zdc5nvcn6f
Frame ID: 3DED1EBC24A612E78B21D88A6A1D7932
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=lv&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Lcnjz0UAAAAAIxsDVEQZh9Sv-lRKAi5nUNdecCD
Frame ID: 710DB2F3D6173B61ECD652C9A9822AF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Domēns pārdošanai: rigarem.pro

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

422 kB
Transfer

1156 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rigarem.pro/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
c65e4bdc80ba3421b9533c9f0e03eaffaf678c542e58e0f246d66085f2c1f45a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store, no-cache, must-revalidate, no-transform, max-age=0
content-encoding
gzip
content-length
2770
content-type
text/html; charset=UTF-8
date
Wed, 09 Oct 2024 10:27:38 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 		227 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://rigarem.pro/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
age
11294130
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ay%2F8Ocki3ha3icodB5TxPWfRVRVdzoVhqFnFZb%2FrgObIHx4JLUBiXc8E6%2BUH7Pr6mIyT8Ici5jS9E6s6BFTMsEe7NMkShd6Y173%2Bp7vMFot1eiFsBvnsroGTJ3TWkw9wuY68QwnbbyW9gugMfhI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
x-cache
HIT, HIT
date
Wed, 09 Oct 2024 10:27:39 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230118-FRA, cache-lga21937-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cfdadec3fe81ca9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
34908
server
cloudflare
x-jsd-version
5.3.3
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 10:27:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 10:27:39 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 09:46:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
animate.css
rigarem.pro/sale1/css/ 		56 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/css/animate.css
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
fa89f91bd83b48ee12dceb0f127808efa00006b891e548172a4ea0d447991b23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"def3-61bcb2b1e9700-gzip"
expires
Wed, 21 Dec 2033 10:27:39 GMT
accept-ranges
bytes
content-length
4327
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Wed, 26 Jun 2024 13:41:16 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
style.css
rigarem.pro/sale1/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/css/style.css
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
87603257dc31c3da04b75bd50df2561ab91ed2679fa746cbfe74f69b220b5d91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"34da-620729f67bb40-gzip"
expires
Wed, 21 Dec 2033 10:27:39 GMT
accept-ranges
bytes
content-length
3249
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Sat, 24 Aug 2024 19:08:53 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
api.js
www.google.com/recaptcha/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=lv
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
333ab5f2dc3adc325ea52b2061e04d1f7fe1b72c1016c11908a22feb07f53f14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 10:27:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 09 Oct 2024 10:27:39 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
jquery-2.1.1.js
rigarem.pro/sale1/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/js/jquery-2.1.1.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"14915-61bcb2cf79cc0-gzip"
expires
Wed, 16 Oct 2024 10:27:39 GMT
accept-ranges
bytes
content-length
29497
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Wed, 26 Jun 2024 13:41:47 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://rigarem.pro/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"13b51-3cbp6tbRaukjc5nOQejBYgzFnDY"
age
3820873
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piBOOvvcCfKm%2FhYcLSvXY3KWyaEGDJ7sxu3WBgvQVM8Xs%2FYKti87xRS6hThLqAYwKxL0BvQUTdSA%2FSj3gdkHvBDcsLQN8NDvjdKcjiF8KPGLEUozohLonfmCih5GZ7bR5TefwFgHuXqTyh14i7s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
x-cache
HIT, HIT
date
Wed, 09 Oct 2024 10:27:39 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230062-FRA, cache-lga21924-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cfdadec3fea1ca9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
22790
server
cloudflare
x-jsd-version
5.3.3
plugins.js
rigarem.pro/sale1/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/js/plugins.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
58afa12e2223887bc597311f25c02de48945c1f30da0914fa73d0d659241e031

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"7672-61bcb2debc0c0-gzip"
expires
Wed, 16 Oct 2024 10:27:39 GMT
accept-ranges
bytes
content-length
9408
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Wed, 26 Jun 2024 13:42:03 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
contact.js
rigarem.pro/sale1/js/ 		2 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/js/contact.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
a882537524d6f24743503cfe511084d1584b5b5c82504f8b626656373ba6b4dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"786-62072771cca40-gzip"
expires
Wed, 16 Oct 2024 10:27:39 GMT
accept-ranges
bytes
content-length
736
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Sat, 24 Aug 2024 18:57:37 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
validator.js
rigarem.pro/sale1/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/js/validator.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
1c28f9a02703ff408d83eca702247abcbb36b1f8ee51b47163fc1f5a7d98760c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"2e5e-61bcb2e28c9c0-gzip"
expires
Wed, 16 Oct 2024 10:27:39 GMT
accept-ranges
bytes
content-length
3543
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Wed, 26 Jun 2024 13:42:07 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
custom.js
rigarem.pro/sale1/js/ 		524 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/js/custom.js
Requested by
Host: rigarem.pro
URL: https://rigarem.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
8cff028459db779e9f5f6cc4888a464a01c50efc7341c835fd842c3fffd8b619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
content-encoding
gzip
etag
"20c-61bcb3376d200-gzip"
expires
Wed, 16 Oct 2024 10:27:39 GMT
accept-ranges
bytes
content-length
318
date
Wed, 09 Oct 2024 10:27:39 GMT
last-modified
Wed, 26 Jun 2024 13:43:36 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
98920
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:59:00 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
101153
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:21:47 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
130519
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 22:12:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 22:12:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
94119
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:19:01 GMT
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12304
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
94316
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:15:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:15:44 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://fonts.googleapis.com/

Response headers

age
105746
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 05:05:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 05:05:14 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9852
x-xss-protection
0
server
sffe
recaptcha__lv.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 		542 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__lv.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=lv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
ad25b0d641ed1484f10e32fcd478816b7b648dcf39975cf9dab50b6514913daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rigarem.pro
Referer
https://rigarem.pro/

Response headers

content-encoding
gzip
age
69094
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 15:16:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 15:16:06 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220154
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 3DED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcnjz0UAAAAAIxsDVEQZh9Sv-lRKAi5nUNdecCD&co=aHR0cHM6Ly9yaWdhcmVtLnBybzo0NDM.&hl=lv&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=55zdc5nvcn6f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__lv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A3vMKW5MqAmWTRRJ3o0Eqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rigarem.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A3vMKW5MqAmWTRRJ3o0Eqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 10:27:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.png
rigarem.pro/sale1/images/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rigarem.pro/sale1/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.30.202 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
2website.lv
Software
Apache /
Resource Hash
d96f969064c65e9adb5f3afa4cc46a5cb0a8cf4ea2445be9a355739d54a2f4e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rigarem.pro/

Response headers

cache-control
max-age=290304000, public
etag
"1313-61bcb29735800"
expires
Wed, 21 Dec 2033 10:27:41 GMT
accept-ranges
bytes
content-length
4883
date
Wed, 09 Oct 2024 10:27:41 GMT
last-modified
Wed, 26 Jun 2024 13:40:48 GMT
content-type
image/png
server
Apache
bframe
www.google.com/recaptcha/api2/ Frame 710D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=lv&v=xds0rzGrktR88uEZ2JUvdgOY&k=6Lcnjz0UAAAAAIxsDVEQZh9Sv-lRKAi5nUNdecCD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__lv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K0VipAWySWjk-CWOQMrxbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rigarem.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K0VipAWySWjk-CWOQMrxbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Oct 2024 10:27:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery number| uidEvent object| bootstrap function| SmoothScroll function| WOW object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_938699

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
rigarem.pro
www.google.com
www.gstatic.com
142.250.184.227
142.250.186.67
142.250.186.68
2606:4700::6812:bb1f
2a00:1450:4001:82b::200a
5.9.30.202
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c
1c28f9a02703ff408d83eca702247abcbb36b1f8ee51b47163fc1f5a7d98760c
333ab5f2dc3adc325ea52b2061e04d1f7fe1b72c1016c11908a22feb07f53f14
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
58afa12e2223887bc597311f25c02de48945c1f30da0914fa73d0d659241e031
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87603257dc31c3da04b75bd50df2561ab91ed2679fa746cbfe74f69b220b5d91
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8cff028459db779e9f5f6cc4888a464a01c50efc7341c835fd842c3fffd8b619
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
a882537524d6f24743503cfe511084d1584b5b5c82504f8b626656373ba6b4dd
ad25b0d641ed1484f10e32fcd478816b7b648dcf39975cf9dab50b6514913daa
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
c65e4bdc80ba3421b9533c9f0e03eaffaf678c542e58e0f246d66085f2c1f45a
d96f969064c65e9adb5f3afa4cc46a5cb0a8cf4ea2445be9a355739d54a2f4e5
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
fa89f91bd83b48ee12dceb0f127808efa00006b891e548172a4ea0d447991b23