hl-saving.net Open in urlscan Pro
2606:4700:3030::681b:a42b  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hl-saving.net/	55 KB 8 KB	1011ms 963ms	Document text/html	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.14 Resource Hash 71b0189e50252abd6171bf4026a04a1bade24ee2b25d121b437586b2f54adf5d Request headers :method GET :authority hl-saving.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Tue, 17 Mar 2020 06:41:07 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d60d3ea30dc7487164baca6bfbd9d34fa1584427266; expires=Thu, 16-Apr-20 06:41:06 GMT; path=/; domain=.hl-saving.net; HttpOnly; SameSite=Lax x-powered-by PHP/7.3.14 vary Accept-Encoding,User-Agent cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5754b9efad5c145a-FRA content-encoding br
GET H2	200	vendor.css hl-saving.net/assets/css/	290 KB 55 KB	253ms 252ms	Stylesheet text/css	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/assets/css/vendor.css Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08bb0b9d8f67bc0e1407b0f78836f176697d229bc5a4af10c21c9bf4f2806b8e Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 17 Mar 2020 06:41:07 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:36:19 GMT server cloudflare etag W/"a50dfc5-487de-58ece9fd401f9-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cf-ray 5754b9f63d2d145a-FRA
GET H2	200	style.css hl-saving.net/assets/css/	476 KB 59 KB	944ms 943ms	Stylesheet text/css	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/assets/css/style.css Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c6565df492f389f8fcd54fa5ed04c855dab8a55a791ce7f75fdc70f25e08461 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 17 Mar 2020 06:41:08 GMT content-encoding br cf-cache-status DYNAMIC last-modified Sat, 15 Feb 2020 09:22:37 GMT server cloudflare etag W/"a50dfc8-77113-59e99dced7484-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cf-ray 5754b9f63d2e145a-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	75 KB 28 KB	20ms 19ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-128389377-1 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7532c058728126a369f9eec931c96e19378c62b371284265394bd3bdb6e2cc3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 06:41:07 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28556 x-xss-protection 0 last-modified Tue, 17 Mar 2020 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 17 Mar 2020 06:41:07 GMT
GET H2	200	logo-dark-h.svg hl-saving.net/assets/images/demo/logo/	35 KB 13 KB	676ms 676ms	Image image/svg+xml	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/logo/logo-dark-h.svg Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24bbfb3c6d0e3ed88538f38be21b3570e93f6979b98579ef14d7f75b4f348bd3 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:08 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:38:03 GMT server cloudflare etag W/"a50e197-8a47-58ecea60d08d3-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type image/svg+xml status 200 cf-ray 5754b9f63d31145a-FRA
GET H2	200	0603-1.png hl-saving.net/assets/images/demo/banner/	106 KB 106 KB	15350ms 15348ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/banner/0603-1.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf2c671c489c667d3d8de889df61ded60e90a8b15bdac7e89c28b8635aa9dd77 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:24 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:38:55 GMT server cloudflare etag "a50df32-1a60c-58ecea9242973" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d05145a-FRA content-length 108044
GET		0603-2.png hl-saving.net/assets/images/demo/banner/	0 0
GET H2	200	0424-2.png hl-saving.net/assets/images/demo/banner/	101 KB 102 KB	1168ms 1166ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/banner/0424-2.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3795740c278e28b79f50c700dc02098c35b60bb3bb49d82e40d1e6db736b736c Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:10 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:38:58 GMT server cloudflare etag "a50e221-1951d-58ecea954558e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d0f145a-FRA content-length 103709
GET H2	200	0424-3.png hl-saving.net/assets/images/demo/banner/	66 KB 66 KB	339ms 337ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/banner/0424-3.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de84c5dfd5b9755c2ed020394e32464389e5e5a97d37dee6bf76b44e36d45c99 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:09 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:38:59 GMT server cloudflare etag "a50e222-108b8-58ecea95d8522" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d10145a-FRA content-length 67768
GET		01.png hl-saving.net/assets/images/demo/banner/0226/	0 0
GET H2	200	02.png hl-saving.net/assets/images/demo/banner/0226/	76 KB 76 KB	339ms 338ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/banner/0226/02.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a250ce9d21d3a734d6a980f94182abf55341ea6eba7df1159fa6526bd72b5d4 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:09 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:39:02 GMT server cloudflare etag "a50e22a-12fe4-58ecea9899a5c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d18145a-FRA content-length 77796
GET H2	200	04.png hl-saving.net/assets/images/demo/banner/0226/	92 KB 93 KB	1168ms 1167ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/banner/0226/04.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15391c80c134123b3c86a18c06b5b29cd2fad799c27330a4fe96ae7f2f17c8fa Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:10 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:39:02 GMT server cloudflare etag "a50e22c-171f8-58ecea9911c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d19145a-FRA content-length 94712
GET		05.png hl-saving.net/assets/images/demo/banner/0226/	0 0
GET		i-01.png hl-saving.net/assets/images/demo/6characters/	0 0
GET		i-02.png hl-saving.net/assets/images/demo/6characters/	0 0
GET		i-03.png hl-saving.net/assets/images/demo/6characters/	0 0
GET		i-04.png hl-saving.net/assets/images/demo/6characters/	0 0
GET H2	200	i-05.png hl-saving.net/assets/images/demo/6characters/	722 B 847 B	16134ms 16133ms	Image image/png	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/6characters/i-05.png Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64bc78a5fd210c1060cc4f28149428d6721348bb8255e9958704bd386267b491 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:25 GMT cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:37:02 GMT server cloudflare etag "a50e143-2d2-58ecea26b4b9a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png status 200 accept-ranges bytes cf-ray 5754ba003d25145a-FRA content-length 722
GET		i-06.png hl-saving.net/assets/images/demo/6characters/	0 0
GET H2	200	logo-light.svg hl-saving.net/assets/images/demo/logo/	19 KB 8 KB	16166ms 16164ms	Image image/svg+xml	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hl-saving.net/assets/images/demo/logo/logo-light.svg Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7aec38cfd2ea2a9aa72ad44d17b7629080b5c18b85f14a7806924983880e2f9d Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 06:41:25 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:38:05 GMT server cloudflare etag W/"a50e19d-4b72-58ecea62042bb-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type image/svg+xml status 200 cf-ray 5754ba003d29145a-FRA
GET H2	200	email-decode.min.js Show response hl-saving.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 845 B	8ms 8ms	Script application/javascript	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 06:41:07 GMT content-encoding gzip vary Accept-Encoding last-modified Fri, 06 Mar 2020 12:22:46 GMT server cloudflare etag W/"5e624096-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript status 200 cache-control max-age=172800, public cf-ray 5754b9f65d8c145a-FRA expires Thu, 19 Mar 2020 06:41:07 GMT
GET H2	200	vendor.js Show response hl-saving.net/assets/js/	1 MB 268 KB	15898ms 15897ms	Script application/javascript	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/assets/js/vendor.js Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f2fc292a44b2076c87c82b8bb2a18106aedfc40b484884183a5a553a950de44 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 06:41:23 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:36:22 GMT server cloudflare etag W/"a50dfcd-12540c-58ecea0044d4d-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type application/javascript status 200 cf-ray 5754b9f66d9e145a-FRA
GET H2	200	app.js Show response hl-saving.net/assets/js/	8 KB 2 KB	16355ms 16354ms	Script application/javascript	2606:4700:3030::681b:a42b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl-saving.net/assets/js/app.js Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681b:a42b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e888e9e753167646539a57b2aacee897b11e9d4361bd6bd5d7218c93c7e18370 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 06:41:24 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 29 Jul 2019 09:36:22 GMT server cloudflare etag W/"a50dfd0-2144-58ecea0088756-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type application/javascript status 200 cf-ray 5754b9fb78c5145a-FRA
GET H2	200	css fonts.googleapis.com/	4 KB 629 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rubik:300,400,700 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3b46e4cf644509f527ac3b7143a3172ed0e420d0b0808ab8e1a393b0b0ace0c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 06:41:09 GMT server ESF date Tue, 17 Mar 2020 06:41:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 06:41:09 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 622 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,500,700 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1ecdc337aa1e9da3a6830b461ec365b5ef775e51834733ded4d512693da2d725 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 06:41:09 GMT server ESF date Tue, 17 Mar 2020 06:41:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 06:41:09 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 689 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Mono Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a54648bdc1b05c77c59e0db5b84cfe24d2df01f378a2fbd5377e21baded62e2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 06:41:09 GMT server ESF date Tue, 17 Mar 2020 06:41:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 06:41:09 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:814::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-128389377-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 457 date Tue, 17 Mar 2020 06:33:32 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 18174 expires Tue, 17 Mar 2020 08:33:32 GMT
GET H2	200	pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2 fonts.gstatic.com/s/nunitosans/v5/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8WAc5tU1ECVZl_.woff2 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 209b73582ccb0edb5fe4e63a6f3d295aad989420e248f589ddce27f30cdcad88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,500,700 Origin https://hl-saving.net Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 09 Mar 2020 13:19:54 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:18 GMT server sffe age 667275 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 11412 x-xss-protection 0 expires Tue, 09 Mar 2021 13:19:54 GMT
GET H2	200	iJWKBXyIfDnIV7nBrXyw023e.woff2 fonts.gstatic.com/s/rubik/v9/	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:300,400,700 Origin https://hl-saving.net Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 21:30:57 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:27:24 GMT server sffe age 551412 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 16268 x-xss-protection 0 expires Wed, 10 Mar 2021 21:30:57 GMT
GET H2	200	pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 fonts.gstatic.com/s/nunitosans/v5/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v5/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,500,700 Origin https://hl-saving.net Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 27 Feb 2020 12:40:36 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:19:39 GMT server sffe age 1620033 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 11552 x-xss-protection 0 expires Fri, 26 Feb 2021 12:40:36 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 111 B	14ms 14ms	Image image/gif	2a00:1450:4001:814::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1265213824&t=pageview&_s=1&dl=https%3A%2F%2Fhl-saving.net%2F&ul=en-us&de=UTF-8&dt=%E8%8A%B1%E8%93%AE%E7%B8%A3%E5%B8%82%E4%BD%8F%E5%95%86%E7%AF%80%E9%9B%BB%E8%A3%9C%E5%8A%A9%E7%94%B3%E8%AB%8B%E5%B9%B3%E5%8F%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=600809326&gjid=1415398265&cid=1524388315.1584427269&tid=UA-128389377-1&_gid=1374634046.1584427269&_r=1&gtm=2ou340&z=754349894 Requested by Host: hl-saving.net URL: https://hl-saving.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 17 Mar 2020 06:41:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	iframe_api Show response www.youtube.com/	859 B 931 B	20ms 20ms	Script application/javascript	2a00:1450:4001:818::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: hl-saving.net URL: https://hl-saving.net/assets/js/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash 6cd85cb2f8a71b24d19969cf6f55c7f346e05a91f37bb7d092028c022ed749d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 06:41:24 GMT x-content-type-options nosniff server YouTube Frontend Proxy content-type application/javascript status 200 cache-control no-cache alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 859 x-xss-protection 0 expires Tue, 27 Apr 1971 19:44:06 GMT
GET H2	200	www-widgetapi.js Show response s.ytimg.com/yts/jsbin/www-widgetapi-vflXnwWCE/	37 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s.ytimg.com/yts/jsbin/www-widgetapi-vflXnwWCE/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hl-saving.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 16 Mar 2020 06:28:38 GMT content-encoding gzip x-content-type-options nosniff age 87166 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13475 x-xss-protection 0 last-modified Mon, 16 Mar 2020 04:17:08 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=691200 accept-ranges bytes timing-allow-origin https://www.youtube.com expires Tue, 24 Mar 2020 06:28:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/banner/0603-2.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/banner/0226/01.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/banner/0226/05.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/6characters/i-01.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/6characters/i-02.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/6characters/i-03.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/6characters/i-04.png

Domain

hl-saving.net

URL

https://hl-saving.net/assets/images/demo/6characters/i-06.png

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _self object| Prism function| $ function| jQuery object| bootstrap function| Swiper function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded object| skrollr function| Vivus number| vdata1584427284166 object| vttjs function| WebVTT function| videojs undefined| Youtube function| Headroom function| Typed object| AOS function| SmoothScroll object| Modernizr object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportDispatchedStats_ object| ytytLoggingTransportCapturedTime_ object| ytLoggingGelSequenceIdObj_

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hl-saving.net
s.ytimg.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
hl-saving.net
2606:4700:3030::681b:a42b
2a00:1450:4001:800::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:814::200e
2a00:1450:4001:815::2003
2a00:1450:4001:818::200e
08bb0b9d8f67bc0e1407b0f78836f176697d229bc5a4af10c21c9bf4f2806b8e
15391c80c134123b3c86a18c06b5b29cd2fad799c27330a4fe96ae7f2f17c8fa
1ecdc337aa1e9da3a6830b461ec365b5ef775e51834733ded4d512693da2d725
209b73582ccb0edb5fe4e63a6f3d295aad989420e248f589ddce27f30cdcad88
24bbfb3c6d0e3ed88538f38be21b3570e93f6979b98579ef14d7f75b4f348bd3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a250ce9d21d3a734d6a980f94182abf55341ea6eba7df1159fa6526bd72b5d4
3795740c278e28b79f50c700dc02098c35b60bb3bb49d82e40d1e6db736b736c
3b46e4cf644509f527ac3b7143a3172ed0e420d0b0808ab8e1a393b0b0ace0c9
4f2fc292a44b2076c87c82b8bb2a18106aedfc40b484884183a5a553a950de44
64bc78a5fd210c1060cc4f28149428d6721348bb8255e9958704bd386267b491
6cd85cb2f8a71b24d19969cf6f55c7f346e05a91f37bb7d092028c022ed749d4
71b0189e50252abd6171bf4026a04a1bade24ee2b25d121b437586b2f54adf5d
7532c058728126a369f9eec931c96e19378c62b371284265394bd3bdb6e2cc3a
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
7aec38cfd2ea2a9aa72ad44d17b7629080b5c18b85f14a7806924983880e2f9d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9c6565df492f389f8fcd54fa5ed04c855dab8a55a791ce7f75fdc70f25e08461
a54648bdc1b05c77c59e0db5b84cfe24d2df01f378a2fbd5377e21baded62e2a
b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14
bf2c671c489c667d3d8de889df61ded60e90a8b15bdac7e89c28b8635aa9dd77
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
de84c5dfd5b9755c2ed020394e32464389e5e5a97d37dee6bf76b44e36d45c99
e888e9e753167646539a57b2aacee897b11e9d4361bd6bd5d7218c93c7e18370
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d