URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Submission: On December 14 via api from PL — Scanned from PL

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 38 HTTP transactions. The main IP is 172.67.202.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay.obotofertas.online.
TLS certificate: Issued by GTS CA 1P5 on December 13th 2023. Valid for: 3 months.
This is the only time pay.obotofertas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
27 | 172.67.202.27 | 13335 (CLOUDFLAR...)
1 | 172.217.18.10 | 15169 (GOOGLE)
1 | 104.17.24.14 | 13335 (CLOUDFLAR...)
1 | 188.114.96.3 | 13335 (CLOUDFLAR...)
3 (2 redirects) | 104.16.125.175 | 13335 (CLOUDFLAR...)
1 | 104.16.89.20 | 13335 (CLOUDFLAR...)
2 | 52.216.248.164 | 16509 (AMAZON-02)
1 | 18.239.36.64 | 16509 (AMAZON-02)
1 | 172.217.23.99 | 15169 (GOOGLE)
1 | 54.74.59.74 | 16509 (AMAZON-02)
1 | 13.224.222.50 | 16509 (AMAZON-02)
Total: 38 requests | 12 IPs
Requests | Apex Domain | Subdomains | Transfer
27 | obotofertas.online | pay.obotofertas.online | 692 KB
3 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 857 | 8 KB
2 | seondfresolver.com | eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondfresolver.com — Cisco Umbrella Rank: 327123; 207ea8be-6675-4183-baaf-fbc064999cf1.seondfresolver.com | 2 KB
2 | amazonaws.com | cloudfox-digital-products.s3.amazonaws.com | 355 KB
1 | gstatic.com | fonts.gstatic.com | 46 KB
1 | cashtimepay.com.br | api.gateway.cashtimepay.com.br |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 313 | 3 KB
1 | seondf.com | cdn.seondf.com — Cisco Umbrella Rank: 147321 | 158 KB
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 | 6 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
Total: 38 requests | 10 apex domains
Domain Requested by
27 pay.obotofertas.online pay.obotofertas.online
3 unpkg.com 2 redirects pay.obotofertas.online
2 cloudfox-digital-products.s3.amazonaws.com pay.obotofertas.online
1 207ea8be-6675-4183-baaf-fbc064999cf1.seondfresolver.com cdn.seondf.com
1 eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondfresolver.com cdn.seondf.com
1 fonts.gstatic.com fonts.googleapis.com
1 api.gateway.cashtimepay.com.br pay.obotofertas.online
1 cdn.jsdelivr.net pay.obotofertas.online
1 cdn.seondf.com pay.obotofertas.online
1 cdnjs.cloudflare.com pay.obotofertas.online
1 fonts.googleapis.com pay.obotofertas.online
38 11

This site contains no links.

Subject | Issuer | Validity | Valid
obotofertas.online | GTS CA 1P5 | 2023-12-13 - 2024-03-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
seondf.com | GTS CA 1P5 | 2023-12-04 - 2024-03-03 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
gateway.cashtimepay.com.br | Amazon RSA 2048 M02 | 2023-09-19 - 2024-10-17 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-22 - 2024-03-22 | a year
*.seondfresolver.com | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-05 | a year

This page contains 1 frames:

Primary Page: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Frame ID: 0E591A975877EC67235B9FB21474C7B8
Requests: 40 HTTP requests in this frame

Page Title

Kit Coffe - Checkout

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

38 Requests
97 % HTTPS
0 % IPv6
10 Domains
11 Subdomains
12 IPs
4 Countries
1272 kB Transfer
2504 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/@popperjs/core@2 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 65XDZB9wQwR3VJw
pay.obotofertas.online/
120 KB
32 KB
Document
General
Full URL
https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf1a3ac6183548afa35c0088364ae8ff11d14559c262702a3c04615869fe07b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8358edd14d9a9b55-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 19:42:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMU2gIACmZ3rPH1JIyFKXTeDTtfVo94EZM2FCuWWXl2yl8g4SDdWrLXrsJiNaeXQWQHhz66X8OUIfPJ9H8R7cBMKYYiv5KcNZNLaasBNkhpPsIW5zs1AEsWVz%2BkEvyJ%2FCG28Dh5EriLg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
checkout.min.css
pay.obotofertas.online/assets/css/
293 KB
52 KB
Stylesheet
General
Full URL
https://pay.obotofertas.online/assets/css/checkout.min.css?id=18d3e51ae5a823d5872b72114e9ad940
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf3c7c4d1934f1a517bfc597f28d7d0baf514e444d76b2ce69cf2e69163dfcd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 11:12:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6579918b-49232"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvL5gmpnZvwmASVZIzaxtj4pbdJ1V7M2JWFNJnYy63adUTnqzfTJGKUJXKPy1HaBsp%2FwGLaKdnlYJQkjg56eMww5lsPgeMQ0QgMdfNyzSwsTPKpirCtiUe1BLiJfHx8JNdJEYc4mI%2BTJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
8358edda08ea9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sirius-font.min.css
pay.obotofertas.online/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://pay.obotofertas.online/assets/css/sirius-font.min.css?id=3cf38d56b0abca59edb92e7a15069783
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709227fc385314e7db25548c5949212f3383d0e3c43f4c7506e77bab290b8c82

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Apr 2023 18:19:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64403096-10ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dZcQO24lofXJzQdKv79PoSMJI4eJ7jK%2FT2fE7e9NjdNzIwkEyr8%2FiFxSUgC9Gy5w%2FiShpuTNt5s4EEpae4SQTrqOx%2F3XhqI4wyRwIeb%2FKtaXNjvjrxl5K3G2p7XmkaG0tZGLv87aLz6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
8358edda08f09b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
4544f00cd5f661622ed335dde404b4b24851ef95ec6d08e1b34c4e8d538b8994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 14 Dec 2023 19:42:17 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.obotofertas.online/
Origin
https://pay.obotofertas.online
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2985730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe7iPZ35RMnIHaVMAqE6W98wF1JVU8IdGMpgnKbTy0ymtkGDkklMU1yrdqvJ376HSRj9xQa3gSP4b6xfeeEszRQ4o6%2FvqctWLKY7IkofdYlHh%2Byfmx4voY1ZSc5GZEpIi1iq2uyg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8358eddcbafd036e-FRA
expires
Tue, 03 Dec 2024 19:42:17 GMT
agent.js
cdn.seondf.com/js/v5/
523 KB
158 KB
Script
General
Full URL
https://cdn.seondf.com/js/v5/agent.js
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a51116d42ac12de97ad20bf747405d397c4a86a977b0da3406b4a3f270f4dd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
x-amz-version-id
TZkBaDQvbB0IHp8g.DOhH5kVBmdqFzC0
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
age
2127
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 15:07:10 GMT
server
cloudflare
etag
W/"1ff42cb10464e542534564208ea9b1f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faQdFicoq1Feng146aqTLbbfE2Qi1l5qLDYk0i3nneEjXgp1bnWT171HPyg9289ejHhk1jKGpwhv%2FO6zO2XkEwM%2FzMTlG97KzXO8P1irGh2f2WHTM3neqcqd5ZRj3%2BCJng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8358eddccc191957-FRA
x-amz-cf-id
CHstKldVdHGlfSYTHWl53u21CFozKA4RHDYtNprgElUHwbghcEAqLg==
jquery-3.3.1.min.js
pay.obotofertas.online/assets/js/
192 KB
41 KB
Script
General
Full URL
https://pay.obotofertas.online/assets/js/jquery-3.3.1.min.js?id=b4ae30631848f1183f71ddc2fa8e631d
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6527e807e636deed78a78349706962a9a907051bf378fed8042817bf2ebde193

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-2fece"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlZr%2FEtLojkkED7%2BVImI7tME5WSdg8reNdovIRuNvueWdBgdSF6p2SnY1euqp2OUuwFoZOYLSML8eS7v%2F4%2BOEdwqSvin9EwUcJ5Crbb7FLS4ZA3owGoN22vb9Z7Fs1ImRqmt2ROaWe%2F7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8358edda08f29b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain
  • https://unpkg.com/@popperjs/core@2
  • https://unpkg.com/@popperjs/core@2.11.8
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
20 KB
8 KB
Script
General
Full URL
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Server
104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1188649
last-modified
Fri, 26 May 2023 17:27:16 GMT
fly-request-id
01HGHG12XEDV90S34W0Q68NBRW-fra
server
cloudflare
etag
W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8358eddd7dd718ff-FRA

Redirect headers

date
Thu, 14 Dec 2023 19:42:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HGHZCXM94EZZDB6EK8A705VP-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1172533
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control
public, max-age=31536000
cf-ray
8358eddd1d3618ff-FRA
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs-pro@3/dist/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs-pro@3/dist/fp.min.js
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1bbcdb46ed57a2bb052568dc68e96c61135ea65d51db9f904942085141746c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8788
x-jsd-version
3.8.6
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1a0c-LPrChSZt9St9icCZWR/P1edvevo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JECfRXebXuUaGTiHiiSQt3RXvbI6LrEmpOZczWsWFt3Tdm1S0hPGJN%2FU90d588MtSZyv4sUJEaQaJqg8%2FCIS79tJ%2Fz0ENsnBpIq2Ydtjx%2B9wCLwsxLEI5F4QzJH%2BtnJizbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8358eddcbe0d2bea-FRA
vkdsmAMIwYyex13fhHKkCgRixRZKxvx8UX0s6WHM.png
cloudfox-digital-products.s3.amazonaws.com/uploads/user/KN1nVZpj8jglM6B/public/stores/2RmA83E1D13PVpY/logo/
20 KB
20 KB
Image
General
Full URL
https://cloudfox-digital-products.s3.amazonaws.com/uploads/user/KN1nVZpj8jglM6B/public/stores/2RmA83E1D13PVpY/logo/vkdsmAMIwYyex13fhHKkCgRixRZKxvx8UX0s6WHM.png
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.248.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
67ca34577fcb9f9c67c65fa2e9fe699adb403d56cf330961c113b94a268aaaa3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 14 Dec 2023 19:42:18 GMT
x-amz-version-id
3X8D6fLYVl2Jl5ZZTVlNCiRpNh3ukIrF
Last-Modified
Thu, 14 Dec 2023 09:22:46 GMT
Server
AmazonS3
x-amz-request-id
W40HJ962R02R7V38
ETag
"57bf5f254834fefd917654a19d90f03d"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
20355
x-amz-id-2
ejplu4uJbGjkqDiWGWVsKN99UvmaFSW1e9josq4mzyxSEqh6HaR1KYYYx4YAfXomGHKEWcE0/T0=
safe-payment.svg
pay.obotofertas.online/assets/img/
14 KB
6 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/safe-payment.svg?v=1702582936
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7466ec09c936a7445fb3abe05cfc2a639376188071f80ef41823adc953ea7fcf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Oct 2023 22:50:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65306147-3753"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEBP%2FHejZGebMtVZqYQdP28mR6rtJB4Q2hbCfaEaXfjX5LbYuRZRP%2FhO62R%2FK7S7WQjogw2BQgeTkiSt1ufYOs5n5EQavJS3qXCdFya5pKZpJS0cRCUKhEIxTKrRfOYRJHED4smhJAlV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358edda08f79b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
HfIQr6Z9nIrheTWmk2AfNkxHoLzRUHKPozeDqV03.png
cloudfox-digital-products.s3.amazonaws.com/uploads/public/products/
334 KB
335 KB
Image
General
Full URL
https://cloudfox-digital-products.s3.amazonaws.com/uploads/public/products/HfIQr6Z9nIrheTWmk2AfNkxHoLzRUHKPozeDqV03.png
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.248.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e4a9dd37c2dba34558556a9a1c8b5a09196c675f44cd9512eaf84667bd445810

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 14 Dec 2023 19:42:18 GMT
x-amz-version-id
Il3vkPUsrSwPT5utOE.39HyMaPcJkALH
Last-Modified
Thu, 14 Dec 2023 09:05:53 GMT
Server
AmazonS3
x-amz-request-id
W40NBCVK6HKMG3SE
ETag
"583f9af84e722dd60d1f56298effcf6b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
342404
x-amz-id-2
jZgQHX+C+BsA71ENTy4qwmiLo+ymU0ziF50IllpZJCV5oz70Rrhs3F1DyQNO6ctFgDkbrcbPqi0=
minus.svg
pay.obotofertas.online/assets/img/
236 B
462 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/minus.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7c8a64545ee88b6820c39ac79488d03b79f630162ffbdcc08600146715381f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djWCjqcUNQqs3Ew%2BPJYvgmQ1h4N3Yqp3KIRbJv0MjierS4va5%2FTWoI%2FhbH6Rc5D2AxfULu7uPgSpbp52cbWSWlc5Hbs6ESfHU2Qc2Q2jgVziOlq8zUuxRfxI7mGcsKomGXFEqevntYE%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358edde3fda9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
plus.svg
pay.obotofertas.online/assets/img/
359 B
565 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/plus.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb546b51bc8f8c5d1ddbc278f48bd76827bda323c1fb5ef695a74a26aa55b75

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-167"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5trEEXJXKCB7RMGSdKREpItG2s9uWqmwr04Ifd6NyL%2FNm9qUzUuUnk5hckHDr%2FBD4CWZNckQTPNsEpARJqkOcdhbBaXIl0XjuUl9jiwsQ29OTIDmX9cyh1OjReWCeNkXW%2BHHtvgDQKb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede03aa19b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
safebuyshild.svg
pay.obotofertas.online/assets/img/
835 B
731 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/safebuyshild.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9e86109ac46a54c1fe11afe973ed6bb1991dde5a75b3bc398be46db2acf49f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-343"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWe2TxHywik4s5Y1skP2M1Iq%2Fi88sFybUm2rYJlyu3oFj%2Brjx31L5kXtBvZ66PoMUYllsS0zn606bbKhh0sgjeVUm0FKbnYpK%2BXasu8RKGR9ZEEqUOgmyDXDH9MhUrNu1H1CJljbTERF"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede04abb9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading-gif-cloudfox.gif
pay.obotofertas.online/assets/gif/
432 KB
433 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/gif/loading-gif-cloudfox.gif
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbab5cbf7b28ff8bda40e28131fc491b7945e8cd90e510d535b76b8792475d0e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:18 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"638f8a68-6c0bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDaF2TbsOyn0WmlGt1rUQ8O8wQXCVsckVALoGGy%2FU0puXr8gEINFX0FLyQYp3DMH1jZ%2FEz7XWa%2BOHKOyB84vsSSOmhFgdWFKLnBSjPuCcZGZUpmCeDa%2F%2Beugp9%2BaBUBot9%2FAZf%2BOv%2BxH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8358ede04abd9b55-FRA
alt-svc
h3=":443"; ma=86400
content-length
442559
expires
Thu, 31 Dec 2037 23:55:55 GMT
error_cupom.svg
pay.obotofertas.online/assets/img/
811 B
693 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/error_cupom.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc419562d45f96d96b084be4ddd337cd7d84f953e505f33d6a3656b74adc0fd4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-32b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi3goiU%2BCCulWyrtc1%2FMy8hjrFa%2F%2BAB4ysxftbe4ZyO4LAu7vuqWQWMLvVQuwePZsgQght4Rs3I7CI3Ul2OkkdiGN6agXrF9MnvManvmSt1VrG%2BWOlVHDD3CcqUyn%2Bmpb%2FE1xILOdWjw"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede04abf9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
safe.svg
pay.obotofertas.online/assets/img/
750 B
719 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/safe.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c415e96fee56febe0b29bf679939c2f8269214531902a3361156565766839f40

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-2ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FRjEFSYSaEGZslGaLs02GEAOvW1I38qwx3qDZcbTPw1AO5eVFmkuJn1f%2FqxbL0V4wp6EZLPWeSqEwJ76Cz%2Bpo49wl48B%2ByjhAjgjx6aQExrspquwmKC86k3qo6L%2FY5pfxl7U2JF3nHe"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede04ac19b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
safe-outline.svg
pay.obotofertas.online/assets/img/
2 KB
1 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/safe-outline.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373f2261dbf8d91b85042f2003b40bfd9a01fe881a3b8a745ac8527a0fda9729

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk2AUff5aGFu7U8Q5L4b6ZiTm0xAqgNbyifZ%2F9duSkry%2FQJVK6PnOzTrI0kJe%2BxBpI8vcGUVrtT2LT9iYPj5T%2Bz9Wc6OpE1GUjta%2BzGXjWUyB0uG6DdttqT%2F%2BvwA8fBaERHkfGOJadL8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede05ac29b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
shield-lock.svg
pay.obotofertas.online/assets/img/
1 KB
952 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/shield-lock.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b3bfee2b60ca042992e900df5b1d3058af3c8bd767e8e979b5b149da9a415e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-4ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2uKr2oaWmJKgHHPwwYWawktk0GOQuBJH1DsKwB80ec0LWEod9yMGOcu6I5XO2Jo%2BDWjrhY3jPUBXDKCyvN3A0k3SQmUDQAKAQb0mUPgec6q16ykGHGg857ECdpasWUjDmPWQpyY9I7T"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede05ac69b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock.svg
pay.obotofertas.online/assets/img/
1 KB
932 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/clock.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5ff80fcd20bd0215a3759dd512682e59ebb3aca8629475e2e54285a6bc4c29

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-436"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktS4pcynxQP4s%2FRxovE25y9wq9e5pU9Iq%2B0VGQL8WhkImUKvcSz%2FfNuomRbsIqKxJeoKEaPcRJ8%2BKqBn03DgkGd6ZkdZ1aBDVX%2BjgswZFa2HLlDzHLoMRBWWCQIABZWZ7b%2BUZkQ4Ac%2BD"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab699b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
contact-card.svg
pay.obotofertas.online/assets/img/
1 KB
925 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/contact-card.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ab7df67358d9860a6ebda8b74470fb419cb43ac825ce6a27df78212d0c76d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7T2fs1ulTJDxCYb%2FbPwxD3%2BEde4cX5hnBRuW4bT3Bfow4gaQjz1WDLxqMDF8Hw5TDkRGy6RqUAyHpe50lI8swOGwUws6djhQDqVOmmQlElgv8Ytq1K26zs8wOiJ%2BUrgQSlRqZ3MooAYv"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab6a9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
certificate.svg
pay.obotofertas.online/assets/img/
2 KB
1 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/certificate.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f929a8ccab785fda6f0c9b773113243a44c0a49d08b5ec18d3a817238201811e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-7e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCF%2BR1wgh4r53KXytG3U8UrPe3%2BWq0rZP0togVUIBzkY%2BdOShgZVY3%2FDhSUtoc%2BA5PDt%2BA617BtD3vgcBhSWIOFNcjeNmZ0aur7orQ%2FIlxyNqc8qXOyhc6fPbWdvkRao7gTgFnN5Pa%2Fb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab6b9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
mastercard.svg
pay.obotofertas.online/assets/img/
1 KB
773 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/mastercard.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6904d88d3dc2adf741c1cb0202a04443551a7437f0b0d387c76c7ca2bcdcfd7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaEmwLXKQ9F4GlAfKELMRHXKgU3BKbgrYdVIAwe36A%2BQdTdROUz%2F6kjNa1LqCiHZhOWdcrnRSNV0E9MoRAwZf%2FEYaXZwTy3h7KAKNz8hpMOzY2ylMo%2BKkuFbTbs6blgzL2O9Q98wzIMz"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab6c9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa.svg
pay.obotofertas.online/assets/img/
3 KB
2 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/visa.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d986934e6c366d9738e16f6c1a6030561457e93be118f43dd3e04463436661

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-c0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abOESUORlkgbLWaQJqjyMHQXs5SgM7L6LJkcs0DT7YCKrLl0Qf9IJIXf%2F7h89L7NH9XGeJYKHcGxPkeo2ARxQ2c45RPh%2Bm5kbpVwlt4s5w2s3P5yp67svx%2F2tMWAViop65GBU6BXwMJx"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab6d9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
amex.svg
pay.obotofertas.online/assets/img/
994 B
967 B
Image
General
Full URL
https://pay.obotofertas.online/assets/img/amex.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8295874de0e0b4cf744715f44f736f6d8646bf86c0148aa3a57d7a5393ccb460

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-3e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ891xAnfkDBzXURwi2aU9%2BwF1jzgCtJPF5p1fLEfhEghEvC7pTDscu0ndU848Kd%2BO5RiGS1OioSdJRWqkgMQwp6lviOLckOgUtjoBQLPB8Nn4NG7ygajIlu7X3RPocS3YwBiDHU8zQf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab6e9b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
elo.svg
pay.obotofertas.online/assets/img/
2 KB
1 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/elo.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14980ab05ff345ea15f6e3b04519910f24bf18a7ba16ad7ee7108f1b17159afa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-67e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yd3uLIlFkAkDUu0xr%2FvVj%2FkihCAplDU1%2FDZr4ZYvWCuxcI5kgXn9nqVVne89ErtBYkcU7EgaUgSnsL9d5Uv2ctTxExHyePjrd8BTdtrxUP7wvrM2Ku2bMkCfSwTdJB1GYJZ0yKPurdru"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab719b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
hiper.svg
pay.obotofertas.online/assets/img/
4 KB
2 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/hiper.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8399f4be50d294226003cf660b1125eef38cb96b53b528866869f3677829c6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2022 18:31:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"638f8a68-efc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPyYlya3AMQ5PQl6raqNwLCIFPp66OCt3m6J85wdb4BFU7Z35LNHTY9rmo9j7Dh%2BEJ1dYevD3OYqrIe3Q1%2FgjSIMdQmRjm2XIvFJvyZrY%2Fq75kDK5x8jfS1dqMGgKCx%2B5wL131hjrt6M"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab729b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
card-pix.svg
pay.obotofertas.online/assets/img/
2 KB
1 KB
Image
General
Full URL
https://pay.obotofertas.online/assets/img/card-pix.svg
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fababe12647631052258a91137cc5ecaface3297fd606d16671a5256e1f0a26

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Apr 2023 12:58:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643407fa-883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgxq0xi4nR40q0FO1sBZTBI5eW63jS8sgM52MNKACxibqZhDEM6OdcG92w6BIvgPT2mIZvmmvwZOVThOCznsKyq8vdC7Jm%2BKEUVi31uRPxYlczwnJ1EiLJCB2HCqC9v2ro67EEk0eO3N"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
8358ede0ab739b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
pay.obotofertas.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://pay.obotofertas.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569f5f8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sM0UY5ufie5A1Hk23bUzP9iB9vnIfja2R1PaBvvecql%2BLXPbItgA4V7Spsqgov2xnr2VcdJO4dA%2Bxqu28eIEfFSv0%2FA4Mx3SgOS3xBWEGb6kAflBsfP32Z1X%2FL600bozVgNXhCcbt4z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8358ede04ab89b55-FRA
expires
Sat, 16 Dec 2023 19:42:17 GMT
js
api.gateway.cashtimepay.com.br/v1/
0
0
Script
General
Full URL
https://api.gateway.cashtimepay.com.br/v1/js
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-64.ams58.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

checkout.min.js
pay.obotofertas.online/assets/js/
421 KB
107 KB
Script
General
Full URL
https://pay.obotofertas.online/assets/js/checkout.min.js?id=e091bf7645e3e31edfa5a2ae716d3c79
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/65XDZB9wQwR3VJw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a08adc5dee6811eac07d94fe7e7ac657be97a98416e2a7c721eb3104502e8d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Dec 2023 19:42:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Dec 2023 12:10:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657af0bf-694c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCEwymoOnQjyF%2BtsrZ6%2Fwj%2FWpZouDoL5pq20uRDS%2B8oUkczl9LFRymRjSksXbb2vaOGD58kOFgx5zFA28C9PMGvVKZdB1Ju5VQnHy%2FClcAIQRhVEHFcZ%2FAEk8Blta%2F1ym68cDj4FIvDK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8358ede0ab749b55-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afa791e483f8c99a858a40aab849b805e6266ee348983fd2d4e11ea600e3cc6b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pay.obotofertas.online
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 11 Dec 2023 18:20:53 GMT
x-content-type-options
nosniff
age
264084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46552
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 18:20:53 GMT
/
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondfresolver.com/
844 B
1 KB
XHR
General
Full URL
https://eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondfresolver.com/
Requested by
Host: cdn.seondf.com
URL: https://cdn.seondf.com/js/v5/agent.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.74.59.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-59-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17edaa5e7b9e17916c9a0002db931a10562fab1f0db4a2c7209056a967e6f53c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.obotofertas.online/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 19:42:18 GMT
access-control-allow-credentials
true
connection
close
content-length
844
content-type
application/json
check-progressive-discount
pay.obotofertas.online/
33 B
1 KB
XHR
General
Full URL
https://pay.obotofertas.online/check-progressive-discount
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/assets/js/jquery-3.3.1.min.js?id=b4ae30631848f1183f71ddc2fa8e631d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92f3750744ed5b191dae88719bfbcb8a5bde621f17f3274de34d652c2c2f8e4

Request headers

Accept
*/*
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
5hXz0rnoH9SRGWBehmUYOsf17wPoLK2QYzCAN8qB
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 Dec 2023 19:42:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4cX0Npx2i5hziopiQNFg38M20SN55S0IXtwSKKeF2qkJeTnQaE%2FwKJWp1%2FGUbP5%2BApOsKUWeI0zwJe%2Brf3AmwqkQU%2BpLFKrmKPGzDa4rgUkx2hDD0cvihk%2Fi3eLVx9VQ4XlprNkNHRB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
8358ede62b0c9b55-FRA
alt-svc
h3=":443"; ma=86400
savelog
pay.obotofertas.online/logs/
20 B
987 B
XHR
General
Full URL
https://pay.obotofertas.online/logs/savelog
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/assets/js/jquery-3.3.1.min.js?id=b4ae30631848f1183f71ddc2fa8e631d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
5hXz0rnoH9SRGWBehmUYOsf17wPoLK2QYzCAN8qB
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 Dec 2023 19:42:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlB55pvwYQx5vz%2BY3hqS%2FGoHU2nyghaCtivgO8KmkFFMZ8iEKWT%2BMbrvAV%2FXiHUp5NwrrE0vAt3TL4tlYFMqiONk15One17Wh%2FRCTw4eO9GdEWQYD8ZITP064On48FpPV89btTLugfSe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
8358ede7dd3c9b55-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
83 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1efc9e950aa335d07dd313814de7c2a070448be3fa347d5effd0f1a5df286491

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
check-progressive-discount
pay.obotofertas.online/
33 B
1 KB
XHR
General
Full URL
https://pay.obotofertas.online/check-progressive-discount
Requested by
Host: pay.obotofertas.online
URL: https://pay.obotofertas.online/assets/js/jquery-3.3.1.min.js?id=b4ae30631848f1183f71ddc2fa8e631d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92f3750744ed5b191dae88719bfbcb8a5bde621f17f3274de34d652c2c2f8e4

Request headers

Accept
*/*
Referer
https://pay.obotofertas.online/65XDZB9wQwR3VJw
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
5hXz0rnoH9SRGWBehmUYOsf17wPoLK2QYzCAN8qB
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 Dec 2023 19:42:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek%2BVcJDEh%2FHh6e5Egl9jO2AHXgq%2FKxLzbP4iNEZckKP4MZJJoXdCZGS5z3s4Mq10CJoeMYyr%2B7BiEm%2Fqi5weIOFd2ARfJEADNDRK9l9F2QEqpD52BdLJQI%2B9Fu9rwFsx75Fr1SBrgr1L"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
8358ede99f5d9b55-FRA
alt-svc
h3=":443"; ma=86400
/
207ea8be-6675-4183-baaf-fbc064999cf1.seondfresolver.com/
869 B
1 KB
XHR
General
Full URL
https://207ea8be-6675-4183-baaf-fbc064999cf1.seondfresolver.com/
Requested by
Host: cdn.seondf.com
URL: https://cdn.seondf.com/js/v5/agent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-50.lhr61.r.cloudfront.net
Software
/
Resource Hash
90bbf9626e167f046e4ddedc79621b4022bbc26e76337ae831c7ecc8a3e4cebc

Request headers

Referer
https://pay.obotofertas.online/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Thu, 14 Dec 2023 19:42:19 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
x-amzn-trace-id
Root=1-657b5a9b-15674aea01610c5e471e5c8d;Sampled=0;lineage=f9daf2f9:0
x-amzn-requestid
1db0c01f-05e4-4a1d-8588-3a203fc0d4f8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
P8sYVE9njoEEpTw=
content-length
869
x-amz-cf-id
gXtyS-6mayVMVtqjr-zZmAp3CyRicu1zYhOUKEc60M3PEy-PFwWIZQ==

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| JS_store string| JS_checkout_id boolean| JS_mobile object| JS_payment_done_boleto_url object| JS_payment_done_card_url object| JS_payment_done_pix_url object| JS_payment_done_analysing_url string| JS_total_value string| JS_discount_coupon number| JS_payment_boleto number| JS_payment_pix number| JS_payment_credit_card number| JS_automatic_discount_bank_slip number| JS_automatic_discount_credit_card number| JS_automatic_discount_pix object| JS_content_pixels number| JS_checkout_type number| JS_checkout_template number| JS_pre_selected_installment object| JS_pixels_data number| JS_email_required string| JS_log boolean| JS_has_physical_product number| JS_document_type number| JS_original_subtotal boolean| JS_can_change_product_amount boolean| JS_require_dependencies number| JS_default_credit_card_gateway_id function| a0_0x57fb function| a0_0x1ac9 object| webpackChunkseon_javascript_sdk function| Minhash function| LshIndex object| seon function| $ function| jQuery function| Popper object| FingerprintJS function| setFingerprintSession function| initFingerprintJS function| _regeneratorRuntime function| _createForOfIteratorHelper function| asyncGeneratorStep function| _asyncToGenerator function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| _inherits function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _wrapNativeSuper function| _construct function| _isNativeReflectConstruct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf function| _typeof object| form object| 
emailIsRequired object| emailInput object| telephoneNumber object| fullname object| CpfOrCnpjDocument object| zip_code object| street object| numberAdress object| complement object| neighborhood object| city object| state object| creditCardNumber object| creditCardName object| cvvCreditCard object| dateValidateCard object| installments object| documentFooter function| manipulatingInputs function| validateEmail function| validadeTelephone function| validateName function| validateDocument function| validateContactData function| validateZipCode function| validateAdress function| validateNumberAdress function| validateNeighborhood function| validateCity function| validateState function| validateDeliveryData function| validateCreditCardNumber function| validateCardName function| validateCvvCreditCard function| validateDateExpiration function| validateInstallments function| validateCreditCard function| validateDebit function| verifyCPF function| verifyCNPJ function| invalidData function| customAlert function| clearValue function| maskCNPJ function| getNumberTransactionsLastHour function| setNotificationSaleMessage function| getProductCheckoutMessages function| validateFilds function| validateinputs function| getParams function| tokenCreditCard function| _tokenCreditCard string| shippingEmpty function| togglePurchaseSummary number| ENABLED_STATUS number| API_ENABLED function| getCustumer boolean| trackDeliveryCompleteLoadedFacebook boolean| trackDeliveryCompleteLoadedGoogle boolean| trackDeliveryCompleteLoadedGoogleAds boolean| trackDeliveryCompleteLoadedGoogleAnalyticsFour boolean| trackDeliveryLoadedTaboola function| pixelTrackingDeliveryDataComplete function| executePixelGoogleAnalyticsDeliveryComplete boolean| trackCouponDiscountGoogle boolean| trackCouponDiscountGoogleAds boolean| trackCouponDiscountGoogleAnalyticsFour boolean| trackCouponDiscountFacebook function| pixelTrackingAddCouponDiscount function| executePixelGoogleAnalyticsCouponDiscount boolean| 
trackInitiateUpsellGoogle boolean| trackInitiateUpsellGoogleAds boolean| trackInitiateUpsellGoogleAnalyticsFour boolean| trackInitiateUpsellFacebook boolean| trackInitiateUpsellTaboola function| pixelTrackingInitiateUpsell function| executePixelGoogleAnalyticsInitiateUpsell boolean| trackPurchaseUpsellGoogle boolean| trackPurchaseUpsellGoogleAds boolean| trackPurchaseUpsellGoogleAnalyticsFour boolean| trackPurchaseUpsellFacebook boolean| trackPurchaseUpsellTaboola function| pixelTrackingPurchaseUpsell function| executePixelGoogleAnalyticsPurchaseUpsell function| executeConvertGoogleAds boolean| isMakingPayment function| getLogParameters function| firstAccess function| basicDataComplete function| deliveryComplete function| submitCoupon function| leavingCheckout function| makingPayment function| clickTerms function| security function| paymentError function| zipcodeNotFound function| returnCheckout function| orderBumpLoadLog function| orderBumpAddLog function| orderBumpRemoveLog function| saveLog function| mercadoPagoInitCardForm object| swiffyslider object| bootstrap function| Sweetalert2 function| swal function| sweetAlert function| Swiper object| moip function| uuid function| isMobile function| getShippings number| shippingDelay function| getShippingsValues function| autoSelectMethod function| numberFormat function| canCheckout function| updateTotalValue function| addDiscountCoupon function| checkProgressiveDiscount function| resetSpinning function| contactData function| deliveryData function| paymentData function| sendPaymentCardData function| updateSubtotal function| updateQtdeIndicator function| getOrderBumpPlans function| adjustOrderBumpOffers

3 Cookies

Domain/Path Name / Value
pay.obotofertas.online/ Name: XSRF-TOKEN
Value: eyJpdiI6IkdPWVA3YkI2RzRMamlmeXpPYTlrSnc9PSIsInZhbHVlIjoiZGV5NlZsczBIdVd5aldPdEVudDI0YXVMbk5WQXZGL1VhTmZYRHlhdzkzalV0Q2pYV0UzZ09DZ1U2ZlRmWTJFNjhBaEd3cXlrMVdsY29pZk9hcDdIY1lubTE5SlE0REdLb1dUU051SEoySEpFd3ErWUd2NGZ0S1N4V1BVd3lIbnciLCJtYWMiOiI1ZDk4YWNlNTYwMDRiZjdlNzAzMjNiOWUyYTVlYWZhZDI1NGYzOWJiNDcyYmEzZjljZjA1MzRhN2NhYzQzYzU3IiwidGFnIjoiIn0%3D
pay.obotofertas.online/ Name: vega_checkout_session
Value: eyJpdiI6IjZQc2xDb2w1MUdpWUxIYXJkbUpIVWc9PSIsInZhbHVlIjoiS3NKanlKSU5FdTlCSTNFNzBGZGZTQmlxS05XUUhxSzlEcEYrZG9JRkxrOHl2TEpFcW9qZ3pZd0IwazdMYVk4Z0N4SUxKSkJnc01zQmxPbmhqekhMUE1iU3grbVBoWVVrcnVkNkpRQWJCTWMzYTRIV01HelN5Uk9DTmhaR2p1YnYiLCJtYWMiOiJjMDhmOTE1NjI1NmI2ZDI5NmFlOTJiY2U3NmQ1NTIzNjc2YTgwZjUzYjhmMmFhOTRlYzcxMDczNTQ2YjNjOTRiIiwidGFnIjoiIn0%3D
pay.obotofertas.online/ Name: data
Value: a26088f6a50b556d8552c36f70ba064f

1 Console Messages

Source Level URL
Text
network error URL: https://api.gateway.cashtimepay.com.br/v1/js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
