Submitted URL: http://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ
Effective URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Submission: On May 13 via manual from GB

Summary

This website contacted 9 IPs in 6 countries across 10 domains to perform 52 HTTP transactions. The main IP is 169.239.218.15, located in Johannesburg, South Africa and belongs to DIAMATRIX, ZA. The main domain is www.cleverheads.co.za.
This is the only time www.cleverheads.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 151.1.203.194 3242 (ASN-ITNET)
1 195.216.243.155 29226 (MASTERTEL...)
1 5 2a02:6b8::1:119 13238 (YANDEX)
1 2 88.212.201.194 39134 (UNITEDNET)
36 169.239.218.15 327979 (DIAMATRIX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
52 9
Domain Requested by
36 www.cleverheads.co.za u.to
www.cleverheads.co.za
5 mc.yandex.ru 1 redirects u.to
3 fonts.gstatic.com www.cleverheads.co.za
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.cleverheads.co.za
connect.facebook.net
2 counter.yadro.ru 1 redirects
2 www.infowine.com 2 redirects
1 staticxx.facebook.com connect.facebook.net
1 www.wiwo.de www.cleverheads.co.za
1 fonts.googleapis.com www.cleverheads.co.za
1 u.to
52 11
Subject Issuer Validity Valid
u.to
COMODO RSA Domain Validation Secure Server CA
2018-09-18 -
2019-09-18
a year crt.sh
bs.yandex.ru
Yandex CA
2018-10-03 -
2019-10-03
a year crt.sh
counter.yadro.ru
COMODO ECC Domain Validation Secure Server CA
2018-04-09 -
2020-04-08
2 years crt.sh
ssl944205.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-07 -
2019-09-18
8 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-04-22 -
2019-07-21
3 months crt.sh

This page contains 4 frames:

Primary Page: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Frame ID: F481990E4771CEBF672EB37A2EBF5035
Requests: 49 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 07BE958813FF09AEF021AC77F2750410
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=395202813876688&domain=www.cleverheads.co.za&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df5ce36b804818%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Frame ID: FB88CAD0FA894B7B2134D7F0495A8B97
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2b78dcf3304608%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent.parent&color_scheme=dark&container_width=192&header=true&height=800&href=https%3A%2F%2Fwww.facebook.com%2Fcleverheadssomersetwest&locale=en_GB&sdk=joey&show_border=true&show_faces=true&stream=true&width=250
Frame ID: 8048D2992E3E1A0FC1EF2BE31ED9E602
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 301
    https://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 302
    https://u.to/5FxfFQ Page URL
  2. http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Overall confidence: 100%
Detected patterns
  • env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Page Statistics

52
Requests

23 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

9
IPs

6
Countries

671 kB
Transfer

1412 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 301
    https://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 302
    https://u.to/5FxfFQ Page URL
  2. http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 301
  • https://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ HTTP 302
  • https://u.to/5FxfFQ
Request Chain 2
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121 HTTP 302
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121
Request Chain 3
  • https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting HTTP 302
  • https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting
Request Chain 45
  • http://connect.facebook.net/en_GB/all.js HTTP 307
  • https://connect.facebook.net/en_GB/all.js

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 5FxfFQ
u.to/
Redirect Chain
  • http://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ
  • https://www.infowine.com/gesban.asp?b=79&l=https://u.to/5FxfFQ
  • https://u.to/5FxfFQ
1 KB
1 KB
Document
General
Full URL
https://u.to/5FxfFQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.8.0
Date
Mon, 13 May 2019 16:14:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Tue, 12-May-2020 16:14:07 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html
Location
https://u.to/5FxfFQ
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDSWTADQSA=EKMNLBAAALHMJDPFIFCJCHPK; secure; path=/
X-Powered-By
ASP.NET
Date
Mon, 13 May 2019 16:14:03 GMT
Content-Length
151
tag.js
mc.yandex.ru/metrika/
332 KB
86 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: u.to
URL: https://u.to/5FxfFQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/5FxfFQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:06 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Apr 2019 09:34:44 GMT
Server
nginx/1.12.2
ETag
"5cc6c534-1555e"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
87390
Expires
Mon, 13 May 2019 17:14:06 GMT
hit;utostat
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121
  • https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121
43 B
421 B
Image
General
Full URL
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.194 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host194.rax.ru
Software
nginx/1.11.1 /
Resource Hash

Request headers

Referer
https://u.to/5FxfFQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 May 2019 16:14:06 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 12 May 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 May 2019 16:14:06 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/5FxfFQ;1557764046121
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 12 May 2018 21:00:00 GMT
Primary Request /
www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/
87 KB
87 KB
Document
General
Full URL
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Requested by
Host: u.to
URL: https://u.to/5FxfFQ
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
4bddd6e677480a259bdbc7a8fdf930b18edaf8a81a6e0b46edbe2eb2da6d867b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
www.cleverheads.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:06 GMT
Server
Apache
Link
<http://www.cleverheads.co.za/index.php?rest_route=/>; rel="https://api.w.org/"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
User-Agent
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=50
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
1
mc.yandex.ru/watch/51604940/
Redirect Chain
  • https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3...
  • https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/5FxfFQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 May 2019 16:14:06 GMT
Last-Modified
Mon, 13-May-2019 16:14:06 GMT
Server
nginx/1.12.2
Location
/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://u.to
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 13-May-2019 16:14:06 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 May 2019 16:14:06 GMT
Last-Modified
Mon, 13-May-2019 16:14:06 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
https://u.to
Strict-Transport-Security
max-age=31536000
Location
/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 13-May-2019 16:14:06 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/5FxfFQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 13 May 2019 17:14:06 GMT
1
mc.yandex.ru/watch/51604940/
152 B
692 B
XHR
General
Full URL
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F5FxfFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1557764043359%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190513161406%3Aet%3A1557764046%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A472765478%3Ahid%3A588119622%3Ads%3A18%2C186%2C60%2C1%2C2486%2C0%2C0%2C%2C%2C2769%2C%2C%2C%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1557764046%3Au%3A155776404642548270%3At%3ARedirecting
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/5FxfFQ
Origin
https://u.to
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 13 May 2019 16:14:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13-May-2019 16:14:06 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://u.to
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 13-May-2019 16:14:06 GMT
gallery-bank.css
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/css/gallery-bank.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
81f2b4fc75d94e344480efc8d3c2af1afb17d953d5719fcf4852233132a1d0e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=50
Content-Length
1398
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
pretty-photo.css
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/css/
9 KB
2 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/css/pretty-photo.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
310f3aaf8794bcbd1af30439881461f7e37637733c1a3b1052295b0dc2587959
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=50
Content-Length
1913
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
style.min.css
www.cleverheads.co.za/wp-includes/css/dist/block-library/
25 KB
5 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-includes/css/dist/block-library/style.min.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jan 2019 06:40:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=50
Content-Length
4302
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
styles.css
www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/css/
1 KB
898 B
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.1
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 23:59:44 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=50
Content-Length
469
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
public.css
www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/css/
697 B
797 B
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/css/public.css?ver=2.1.0
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
3ccf9d39b9d1aa2be14eb2dca5b860a0753d05690b92ff1c280fd2024bb12158
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Feb 2015 08:32:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=1209600
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=50
Content-Length
368
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
magnific-popup.css
www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/popup/
8 KB
2 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/popup/magnific-popup.css?ver=2.1.0
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
d166922c05a36bfca3bc5a366be935351848c9bb75e348aeda537fad6d4b8d59
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Feb 2015 08:32:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
1950
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
style.css
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/
66 KB
13 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/style.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
f7f83395be6cb8a42d6d1baf253a3a24c0aad8a6199af93ff9f25f324d29b461
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Feb 2015 10:48:40 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
12789
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
responsive.css
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/css/responsive.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
67e9bf75af6297c31f034631c0e73fbcfbbea74d05d9994c5e07e0beb268b8fa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Feb 2015 10:07:16 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
774
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
font-awesome.css
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/css/
25 KB
5 KB
Stylesheet
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/css/font-awesome.css?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
4983
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Cgreek-ext%2Ccyrillic%2Clatin-ext%2Cgreek%2Ccyrillic-ext%2Cvietnamese&ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
55080bffa77056458aeda3b7163b697620e24537b68417abb06cf99b475f990b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 16:14:07 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 13 May 2019 16:14:07 GMT
jquery.js
www.cleverheads.co.za/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 11:05:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
33766
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery-migrate.min.js
www.cleverheads.co.za/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 11:05:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
4014
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery.masonry.min.js
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/
8 KB
3 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/jquery.masonry.min.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
e84af797481320cc3dd05841f3fd77ccf0f709736f2608cfecbdc63735d54e0e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
2945
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
isotope.pkgd.js
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/
56 KB
13 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/isotope.pkgd.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
d886986fc4395cfb213cd7c96eacafdd1c4a0dbf19d46488eb6447edabc598b3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
12509
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
img-liquid.js
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/
13 KB
4 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/img-liquid.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
58caabd25674c4bef57bacd8f5c2940242abff7b9592ee32c94fd3d2bc059b4c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
3341
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery.pretty-photo.js
www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/
30 KB
7 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/gallery-bank/assets/js/jquery.pretty-photo.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
8f7e1f0a0745712d936f375968f9ff5089afcebf93fe4027fbf418c75db927fb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 14:45:36 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
7033
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery.fancyzoom.min.js
www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/js/
9 KB
3 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/js/jquery.fancyzoom.min.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
23badbd3a57ecbbe9291aa864ee1d01ba332c9c3fcd82f352ac6ea0e528e8a97
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jan 2015 12:28:14 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
3069
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery.magnific-popup.min.js
www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/popup/
21 KB
8 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/popup/jquery.magnific-popup.min.js?ver=2.1.0
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
c2d56dd7e65d0d121af8c7d350de071bcc29fd117dc7802f7f9cee66e24d9798
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Feb 2015 08:32:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
7691
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
public.js
www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/js/
125 B
545 B
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/easy-facebook-likebox/public/assets/js/public.js?ver=2.1.0
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
2c93b1355dc090806c65b5c4bd7bdbcf39ac6c4ef9e052be532bbaa2a5001147
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Feb 2015 08:32:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
126
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
superfish.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
5 KB
2 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/superfish.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
0512c7fada9c8d115cb932e91ebe5a621c70146dd32d5a01e59bfe9bf05acfad
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
1763
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
supersubs.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
3 KB
2 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/supersubs.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
8223d671d9905e6845c6b7e308612663ab40b03430230623834f70c9cd9e2450
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
1548
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:07 GMT
jquery.flexslider.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
40 KB
9 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/jquery.flexslider.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
026b7d9dec37d7235d687d1d5d55e14c840ebcda96d536a4cb42821e51aa831d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
8980
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
tinynav.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
2 KB
1 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/tinynav.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
e29e89e4d847ee4046ea428ff9fad57cb107219dd10d6dee71f27cdc8728b487
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
849
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
jquery.refineslide.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
29 KB
7 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/jquery.refineslide.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
d8dcd1672847a13096a76de5f775ef7bb4a16dc222352e2319a3e7bfb3080494
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
7153
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
imgLiquid.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
12 KB
4 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/imgLiquid.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
7d530245f62b88ee342ceb5aafa8373f52e58c9fdce6375e8906a67a938dc78f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
3308
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
wp-emoji-release.min.js
www.cleverheads.co.za/wp-includes/js/
12 KB
5 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-includes/js/wp-emoji-release.min.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 11:05:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
4382
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
logooo.png
www.cleverheads.co.za/wp-content/uploads/2015/02/
74 KB
75 KB
Image
General
Full URL
http://www.cleverheads.co.za/wp-content/uploads/2015/02/logooo.png
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
f63cc96a2f1b5a6caa0f422f7f37bfb831f588222d3295de200f496576a82edc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Last-Modified
Mon, 23 Feb 2015 10:46:26 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
76228
X-XSS-Protection
1; mode=block
Expires
Tue, 14 May 2019 16:14:08 GMT
2-format1001.jpg
www.wiwo.de/images/studienkredite-nicht-uebereilt-aufnehmen-konditionen-gut-vergleichen/7063420/
46 KB
47 KB
Image
General
Full URL
https://www.wiwo.de/images/studienkredite-nicht-uebereilt-aufnehmen-konditionen-gut-vergleichen/7063420/2-format1001.jpg
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:de0e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8424dc63dc7adf36d3549a84bc1f612bd07451e949a76c6087b35a574fc3b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 16:14:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=48320, status=webp_bigger
status
200
edge-control
max-age=31104000
vary
Accept-Encoding
content-length
47322
x-xss-protection
1; mode=block
last-modified
Wed, 29 Aug 2012 05:20:47 GMT
server
cloudflare
etag
"5ab1a51c17d694966dc14d720215add9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
*
content-type
image/jpeg;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31104000
accept-ranges
bytes
cf-ray
4d65ec787f0a63d1-FRA
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Accept-Language,Connection,Content-Type,Cookie,DNT,Host,Keep-Alive,Origin,Referer,User-Agent,X-CSRF-Token,X-Requested-With
cf-bgj
imgq:100
crop-random-image.php
www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/
10 KB
10 KB
Image
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/crop-random-image.php?AC=YES&DIR=wp-content/plugins/random-image-gallery-with-fancy-zoom/random-gallery/&IMGNAME=IMG_20150213_115746.JPG&MAXWIDTH=210
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
d5f72da511f0aebc37cda3b89987a8a233c53f4b233440747391ad354614eda9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/jpeg
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=44
X-XSS-Protection
1; mode=block
pdf2.png
www.cleverheads.co.za/wp-content/uploads/2015/02/
35 KB
35 KB
Image
General
Full URL
http://www.cleverheads.co.za/wp-content/uploads/2015/02/pdf2.png
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
132c6776d3f5d75b713124d9cbde9f24f2e0dc8ba90361fd0c0e5394f56c7f95
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Last-Modified
Fri, 20 Feb 2015 09:14:30 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
35603
X-XSS-Protection
1; mode=block
Expires
Tue, 14 May 2019 16:14:08 GMT
jquery.form.min.js
www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/js/
15 KB
6 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 23:59:44 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
5860
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
scripts.js
www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/js/
11 KB
3 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.1
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
80101386673ac21ee83bdf9d17415fc9eb68c4fc97f0a29feccf724f5268d3ad
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 23:59:44 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
3104
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
custom.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
819 B
885 B
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/custom.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
4af09ae1ff01e7318486c3dc83c2ad5d862ef44e6b099841b316834a8c6a1347
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
466
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
scrollup.js
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/
472 B
684 B
Script
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/js/scrollup.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
f46d0b0917c786b85bdc3d1aef921e2ceba7949dc7961b05beb289cc570a1672
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=47
Content-Length
265
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
wp-embed.min.js
www.cleverheads.co.za/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://www.cleverheads.co.za/wp-includes/js/wp-embed.min.js?ver=5.0.4
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 11:05:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=45
Content-Length
753
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v10/
11 KB
12 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ptsans/v10/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Cgreek-ext%2Ccyrillic%2Clatin-ext%2Cgreek%2Ccyrillic-ext%2Cvietnamese&ver=5.0.4
Origin
http://www.cleverheads.co.za

Response headers

Date
Sat, 09 Mar 2019 00:13:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Feb 2019 22:36:22 GMT
Server
sffe
Age
5673660
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11380
X-XSS-Protection
1; mode=block
Expires
Sun, 08 Mar 2020 00:13:08 GMT
fontawesome-webfont.woff
www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/fonts/
82 KB
82 KB
Font
General
Full URL
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.cleverheads.co.za/wp-content/themes/simpleo.2.0.2/simpleo/css/font-awesome.css?ver=5.0.4
Origin
http://www.cleverheads.co.za

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Last-Modified
Wed, 21 May 2014 18:54:58 GMT
Server
Apache
Vary
User-Agent
Content-Type
font/woff
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=44
Content-Length
83760
X-XSS-Protection
1; mode=block
Expires
Mon, 27 May 2019 16:14:08 GMT
jizYRExUiTo99u79D0e0x8mIAjcQ-w.woff2
fonts.gstatic.com/s/ptsans/v10/
12 KB
12 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ptsans/v10/jizYRExUiTo99u79D0e0x8mIAjcQ-w.woff2
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
07a19c207c010d8519c928d38b756bb3785b088a89058bc280aa49c37db2d225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Cgreek-ext%2Ccyrillic%2Clatin-ext%2Cgreek%2Ccyrillic-ext%2Cvietnamese&ver=5.0.4
Origin
http://www.cleverheads.co.za

Response headers

Date
Fri, 08 Mar 2019 23:55:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Feb 2019 22:37:02 GMT
Server
sffe
Age
5674724
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
12048
X-XSS-Protection
1; mode=block
Expires
Sat, 07 Mar 2020 23:55:24 GMT
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v10/
11 KB
12 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ptsans/v10/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Cgreek-ext%2Ccyrillic%2Clatin-ext%2Cgreek%2Ccyrillic-ext%2Cvietnamese&ver=5.0.4
Origin
http://www.cleverheads.co.za

Response headers

Date
Fri, 08 Mar 2019 23:16:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Feb 2019 22:36:54 GMT
Server
sffe
Age
5677042
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11504
X-XSS-Protection
1; mode=block
Expires
Sat, 07 Mar 2020 23:16:46 GMT
all.js
connect.facebook.net/en_GB/
Redirect Chain
  • http://connect.facebook.net/en_GB/all.js
  • https://connect.facebook.net/en_GB/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f55c160ff2d000ebbfe7778821a42055364794aededb76303223652b45adac0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5iNDBwp7hL8qfgkYzFR4LA==
status
200
date
Mon, 13 May 2019 16:14:08 GMT
vary
Accept-Encoding
content-length
1781
x-fb-debug
jZEDBwyshOStdYrHNiH22xiEYOo92VKgtCc3XhsIZqyRqdXLDgC82Qjlxs10ZOPJj11ABjQLt4ehvg/kS/HylQ==
x-fb-content-md5
75cb3f78cfb1ede5a37f6b61a75f59e7
etag
"4196f269f8f794627204495d1f414ba6"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 13 May 2019 16:15:47 GMT

Redirect headers

Location
https://connect.facebook.net/en_GB/all.js#xfbml=1&appId=395202813876688
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_GB/
187 KB
55 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js?hash=30f1ff9f890062d074576dd3314f216f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fef03b24fd3d07b5e048918bf0d3655add24151d2c747d3eba216de14f11edef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Origin
http://www.cleverheads.co.za

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
w5I6zdLTjDNlk4xjsWJ/gA==
status
200
date
Mon, 13 May 2019 16:14:08 GMT
vary
Accept-Encoding
content-length
56492
x-fb-debug
o7PDGY6l+FWPT04t3i/+86ZEn4r3dbqtRzu/YyQI5OM4zJgNqJ7Caueu5DkGMiZvF3lqfEaHSRJ044qwB91Z2Q==
x-fb-content-md5
45fa730ae40825d4e47cf9c7e1a12341
etag
"25dfa043933965f645758952edd56695"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 12 May 2020 15:15:45 GMT
zoom.png
www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/ressources/
1 KB
1 KB
Image
General
Full URL
http://www.cleverheads.co.za/wp-content/plugins/random-image-gallery-with-fancy-zoom/ressources/zoom.png
Requested by
Host: www.cleverheads.co.za
URL: http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
Protocol
HTTP/1.1
Server
169.239.218.15 Johannesburg, South Africa, ASN327979 (DIAMATRIX, ZA),
Reverse DNS
cp5.domains.co.za
Software
Apache /
Resource Hash
8361b57982becee4215a9a7d86599f74d9be7afef2208c779790b7dec353bead
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 16:14:08 GMT
Last-Modified
Tue, 06 Jan 2015 12:28:14 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=46
Content-Length
1140
X-XSS-Protection
1; mode=block
Expires
Tue, 14 May 2019 16:14:08 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 07BE
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=30f1ff9f890062d074576dd3314f216f&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
accept-encoding
gzip, deflate, br
cookie
fr=0XoOYisReaAyCRomU..Bc2ZfO...1.0.Bc2ZfO.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 06 May 2020 21:12:03 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
Jb8FVIF/+Xk+98KeJCVfXS5Id7SExi6362BHktE2zCZJNdB6ih0RXayyFpaY9smEKxVqPxCV5ZOpmixA0wfpjg==
content-length
11009
date
Mon, 13 May 2019 16:14:09 GMT
ping
www.facebook.com/connect/ Frame FB88
0
0
Document
General
Full URL
https://www.facebook.com/connect/ping?client_id=395202813876688&domain=www.cleverheads.co.za&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df5ce36b804818%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=30f1ff9f890062d074576dd3314f216f&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/connect/ping?client_id=395202813876688&domain=www.cleverheads.co.za&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df5ce36b804818%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
accept-encoding
gzip, deflate, br
cookie
fr=0XoOYisReaAyCRomU..Bc2ZfO...1.0.Bc2ZfO.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
oUjxLhzCa6CadxupHC8q2AYdcGQiBumLTKhSnoREXyyEVyGsdcrpwltFyKtQDj0V/Ayaoad4vWra+opNFjWfDw==
date
Mon, 13 May 2019 16:14:09 GMT
like_box.php
www.facebook.com/plugins/ Frame 8048
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2b78dcf3304608%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent.parent&color_scheme=dark&container_width=192&header=true&height=800&href=https%3A%2F%2Fwww.facebook.com%2Fcleverheadssomersetwest&locale=en_GB&sdk=joey&show_border=true&show_faces=true&stream=true&width=250
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=30f1ff9f890062d074576dd3314f216f&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2b78dcf3304608%26domain%3Dwww.cleverheads.co.za%26origin%3Dhttp%253A%252F%252Fwww.cleverheads.co.za%252Ff2b16294ec1c86%26relation%3Dparent.parent&color_scheme=dark&container_width=192&header=true&height=800&href=https%3A%2F%2Fwww.facebook.com%2Fcleverheadssomersetwest&locale=en_GB&sdk=joey&show_border=true&show_faces=true&stream=true&width=250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw
accept-encoding
gzip, deflate, br
cookie
fr=0XoOYisReaAyCRomU..Bc2ZfO...1.0.Bc2ZfO.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.cleverheads.co.za/docs/cache/atde-myoffice/privat_products.php/bcbzc/haz/?youll=t10tuxvydx110dw

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
ngVsiE1v6UjqE/Kef4Rzs5kmwqsTw8N702/XeAlePsO+AqaRlp4L9hHdJBlBUAzwRZVNSs/jXkM2e7bHVuax1w==
date
Mon, 13 May 2019 16:14:09 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings undefined| $ function| jQuery object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| imgLiquid boolean| pp_alreadyInitialized object| CGMPGlobal object| twemoji object| wp object| _wpcf7 function| script function| sf object| jQuery112409149571561943566 object| FB function| scrollup object| $ULs

1 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0XoOYisReaAyCRomU..Bc2ZfO...1.0.Bc2ZfO.

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.cleverheads.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
staticxx.facebook.com
u.to
www.cleverheads.co.za
www.facebook.com
www.infowine.com
www.wiwo.de
151.1.203.194
169.239.218.15
195.216.243.155
2606:4700::6813:de0e
2a00:1450:4001:817::200a
2a00:1450:4001:81e::2003
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
88.212.201.194
026b7d9dec37d7235d687d1d5d55e14c840ebcda96d536a4cb42821e51aa831d
0512c7fada9c8d115cb932e91ebe5a621c70146dd32d5a01e59bfe9bf05acfad
07a19c207c010d8519c928d38b756bb3785b088a89058bc280aa49c37db2d225
132c6776d3f5d75b713124d9cbde9f24f2e0dc8ba90361fd0c0e5394f56c7f95
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
23badbd3a57ecbbe9291aa864ee1d01ba332c9c3fcd82f352ac6ea0e528e8a97
2c93b1355dc090806c65b5c4bd7bdbcf39ac6c4ef9e052be532bbaa2a5001147
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
310f3aaf8794bcbd1af30439881461f7e37637733c1a3b1052295b0dc2587959
3ccf9d39b9d1aa2be14eb2dca5b860a0753d05690b92ff1c280fd2024bb12158
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4af09ae1ff01e7318486c3dc83c2ad5d862ef44e6b099841b316834a8c6a1347
4bddd6e677480a259bdbc7a8fdf930b18edaf8a81a6e0b46edbe2eb2da6d867b
55080bffa77056458aeda3b7163b697620e24537b68417abb06cf99b475f990b
58caabd25674c4bef57bacd8f5c2940242abff7b9592ee32c94fd3d2bc059b4c
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
67e9bf75af6297c31f034631c0e73fbcfbbea74d05d9994c5e07e0beb268b8fa
7d530245f62b88ee342ceb5aafa8373f52e58c9fdce6375e8906a67a938dc78f
80101386673ac21ee83bdf9d17415fc9eb68c4fc97f0a29feccf724f5268d3ad
81f2b4fc75d94e344480efc8d3c2af1afb17d953d5719fcf4852233132a1d0e2
8223d671d9905e6845c6b7e308612663ab40b03430230623834f70c9cd9e2450
8361b57982becee4215a9a7d86599f74d9be7afef2208c779790b7dec353bead
8f7e1f0a0745712d936f375968f9ff5089afcebf93fe4027fbf418c75db927fb
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
c2d56dd7e65d0d121af8c7d350de071bcc29fd117dc7802f7f9cee66e24d9798
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
d166922c05a36bfca3bc5a366be935351848c9bb75e348aeda537fad6d4b8d59
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d5f72da511f0aebc37cda3b89987a8a233c53f4b233440747391ad354614eda9
d886986fc4395cfb213cd7c96eacafdd1c4a0dbf19d46488eb6447edabc598b3
d8dcd1672847a13096a76de5f775ef7bb4a16dc222352e2319a3e7bfb3080494
e29e89e4d847ee4046ea428ff9fad57cb107219dd10d6dee71f27cdc8728b487
e84af797481320cc3dd05841f3fd77ccf0f709736f2608cfecbdc63735d54e0e
f46d0b0917c786b85bdc3d1aef921e2ceba7949dc7961b05beb289cc570a1672
f55c160ff2d000ebbfe7778821a42055364794aededb76303223652b45adac0e
f63cc96a2f1b5a6caa0f422f7f37bfb831f588222d3295de200f496576a82edc
f7f83395be6cb8a42d6d1baf253a3a24c0aad8a6199af93ff9f25f324d29b461
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fef03b24fd3d07b5e048918bf0d3655add24151d2c747d3eba216de14f11edef
ff8424dc63dc7adf36d3549a84bc1f612bd07451e949a76c6087b35a574fc3b7