www.bookbub.com
65.9.7.54
Public Scan
Effective URL: https://www.bookbub.com/transaction_unsubscribe/confirm
Submission Tags: phishing malicious
Submission: On January 29 via api from US
Summary
TLS certificate: Issued by Amazon on July 19th 2020. Valid for: a year.
This is the only time www.bookbub.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
messages.bookbub.com | ASN11377 (SENDGRID, US) | o16789118x52.outbound-mail.sendgrid.net |
d2616tuem1neks.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-224-195-117.fra2.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
rp.liadm.com | ASN14618 (AMAZON-AES, US) | |
rp4.liadm.com | ASN14618 (AMAZON-AES, US) | ec2-52-86-196-188.compute-1.amazonaws.com |
client-events.bookbub.com | ASN16509 (AMAZON-02, US) | server-13-224-194-17.fra2.r.cloudfront.net |
api.omappapi.com | ASN16509 (AMAZON-02, US) | server-13-225-80-68.fra2.r.cloudfront.net |
i.liadm.com | ASN14618 (AMAZON-AES, US) | ec2-54-210-237-4.compute-1.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | cloudfront.net | d2616tuem1neks.cloudfront.net | 343 KB |
8 | gstatic.com | www.gstatic.com fonts.gstatic.com | 212 KB |
8 | bookbub.com (4 redirects) | messages.bookbub.com www.bookbub.com t.bookbub.com client-events.bookbub.com | 21 KB |
7 | googleapis.com | fonts.googleapis.com | 5 KB |
5 | liadm.com (1 redirects) | b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com | 14 KB |
4 | facebook.net | connect.facebook.net | 154 KB |
3 | omappapi.com | api.omappapi.com a.omappapi.com | 45 KB |
3 | google-analytics.com | www.google-analytics.com | 19 KB |
3 | google.com | www.google.com | 1015 B |
2 | facebook.com | www.facebook.com | 260 B |
2 | twitter.com | platform.twitter.com | 29 KB |
2 | bing.com | bat.bing.com | 9 KB |
2 | adnxs.com (2 redirects) | ib.adnxs.com | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com | 72 KB |
1 | optmnstr.com | a.optmnstr.com | 63 KB |
1 | google.de | www.google.de | 107 B |
1 | doubleclick.net | stats.g.doubleclick.net | 88 B |
1 | cloudflare.com | cdnjs.cloudflare.com | 18 KB |
62 | 18 | | |
Requests | Domain | Requested by |
---|---|---|
14 | d2616tuem1neks.cloudfront.net | www.bookbub.com |
7 | fonts.gstatic.com | fonts.googleapis.com |
7 | fonts.googleapis.com | www.bookbub.com a.omappapi.com |
4 | connect.facebook.net | www.bookbub.com connect.facebook.net d2616tuem1neks.cloudfront.net |
3 | www.google-analytics.com | www.googletagmanager.com cdnjs.cloudflare.com www.bookbub.com |
3 | www.google.com | www.bookbub.com www.gstatic.com |
3 | www.bookbub.com | 2 redirects |
2 | a.omappapi.com | a.optmnstr.com www.bookbub.com |
2 | www.facebook.com | www.bookbub.com |
2 | client-events.bookbub.com | cdnjs.cloudflare.com |
2 | platform.twitter.com | d2616tuem1neks.cloudfront.net platform.twitter.com |
2 | b-code.liadm.com | www.googletagmanager.com b-code.liadm.com |
2 | bat.bing.com | www.bookbub.com |
2 | ib.adnxs.com | 2 redirects |
2 | t.bookbub.com | 1 redirects; www.bookbub.com |
2 | www.googletagmanager.com | www.bookbub.com |
1 | i.liadm.com | b-code.liadm.com |
1 | api.omappapi.com | cdnjs.cloudflare.com |
1 | rp4.liadm.com | www.bookbub.com |
1 | rp.liadm.com | 1 redirects |
1 | www.gstatic.com | www.google.com |
1 | a.optmnstr.com | www.bookbub.com |
1 | www.google.de | www.bookbub.com |
1 | stats.g.doubleclick.net | cdnjs.cloudflare.com |
1 | cdnjs.cloudflare.com | www.bookbub.com |
1 | messages.bookbub.com | 1 redirects |
62 | 26 | |
This site contains links to these domains.
Domain |
---|
browsehappy.com |
www.whatarecookies.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bookbub.com | Amazon | 2020-07-19 - 2021-08-19 | a year |
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year |
upload.video.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
www.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year |
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months |
b-code.liadm.com | DigiCert Secure Site ECC CA-1 | 2020-06-23 - 2021-09-22 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
www.google.de | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year |
*.optmnstr.com | Go Daddy Secure Certificate Authority - G2 | 2020-07-08 - 2022-07-10 | 2 years |
*.gstatic.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.liadm.com | Amazon | 2020-01-17 - 2021-02-17 | a year |
client-events.bookbub.com | Amazon | 2021-01-10 - 2022-02-07 | a year |
api.opmnstr.com | Amazon | 2020-04-09 - 2021-05-09 | a year |
*.omappapi.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-16 - 2022-03-16 | 2 years |
This page contains 4 frames:
Primary Page:
https://www.bookbub.com/transaction_unsubscribe/confirm
Frame ID: 512DBE8A42051AE95FB5EDBAC0947225
Requests: 59 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.bookbub.com
Frame ID: BA33DA986A1ECBB0B0A0668E3C9914B4
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7feQUAAAAAA_tx2ITzvEiFaosbpJ-9tqAafYA&co=aHR0cHM6Ly93d3cuYm9va2J1Yi5jb206NDQz&hl=en&v=-nejAZ5my6jV0Fbx9re8ChMK&size=invisible&cb=28b2c3nwkv4i
Frame ID: C2CEF2D4A0E5AB5D9B738A967A43C96D
Requests: 1 HTTP requests in this frame
Frame:
https://i.liadm.com/s/c/a-00r7?s=&cim=&ps=true&ls=true&duid=6a2fe0e75190--01ex7b82g16e9z4x6xbp4j1g7n&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 01FD576BA84603F74D827BD35B091916
Requests: 1 HTTP requests in this frame
Detected technologies
Amazon Web Services (PaaS)
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN)
Detected patterns
- headers via /\(CloudFront\)$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: https://browsehappy.com/
Title: http://www.whatarecookies.com/
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://messages.bookbub.com/ss/c/9WgHSaBBzwiLXW3Z4NN4xQX8wU_Ktgwa7D6uAzPIxgLssGP-GnK5INEC00Pl2qAvHxvdi9itKHN2-scbIX99ASrd_FKHPNLwxsmP6H7d-IWx4ZnscUcAFRDjSkdVqBOnqGPMO0z-aRKpTRM-n2goRH3XSpKz8HyU_xUY0MROQhyTpaP2B9j2ZIEeGRWfogCTdq-qg2qmfpZ_iF6oduK7O0hPgLE7HCamdWQKYFmCQ0lGEwj9LvjWbULS6pPbOPtWYX9J_DgKHR1NYMpXz2WnlQ/38x/iodyACnGQVyQYO_-8PpM_w/h2/6CHZh27qD7LCTyLD0Zl--VYiAzbFdKSI3R1VVQXDb5g
HTTP 302
https://www.bookbub.com/muted_email?email_address=Lauryn-McAdam%40ouhsc.edu&invitations=true&mid=2-invitation_descriptive&mute_htoken=ba5f23ad457446e6adac63db18fcf6185ba964dacab4f61fc0343b3cadaca145 HTTP 302
https://www.bookbub.com/muted_email?email_address=Lauryn-McAdam%40ouhsc.edu&invitations=true&mute_htoken=ba5f23ad457446e6adac63db18fcf6185ba964dacab4f61fc0343b3cadaca145 HTTP 302
https://www.bookbub.com/transaction_unsubscribe/confirm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21
- https://t.bookbub.com/v1/pixel HTTP 302
- https://ib.adnxs.com/getuid?https://t.bookbub.com/v1/track?app_nexus_id=%24UID&tracking_id=730600205 HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ft.bookbub.com%2Fv1%2Ftrack%3Fapp_nexus_id%3D%2524UID%26tracking_id%3D730600205 HTTP 302
- https://t.bookbub.com/v1/track?app_nexus_id=4860031521739527297&tracking_id=730600205
- https://rp.liadm.com/j?tna=v2.0.1&aid=a-00r7&wpn=lc-bundle&pu=https%3A%2F%2Fwww.bookbub.com%2Ftransaction_unsubscribe%2Fconfirm&duid=6a2fe0e75190--01ex7b82g16e9z4x6xbp4j1g7n&se=e30&dtstmp=1611933158083 HTTP 302
- https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00r7&wpn=lc-bundle&pu=https%3A%2F%2Fwww.bookbub.com%2Ftransaction_unsubscribe%2Fconfirm&duid=6a2fe0e75190--01ex7b82g16e9z4x6xbp4j1g7n&se=e30&dtstmp=1611933158083&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
62 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | confirm | www.bookbub.com/transaction_unsubscribe/ | 33 KB | 12 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | misc-16-8d70744be01fc0cee1c85801bf575c1bfac20b4752b556119538bd8dae9f29f0.css | d2616tuem1neks.cloudfront.net/assets/bundles/ | 128 KB | 19 KB | Stylesheet | text/css | |
GET | H/1.1 | misc-3-bbad0ea3a36f5ece51182a08861e3deb0afc3328533c54d385fa31f31d6bb717.css | d2616tuem1neks.cloudfront.net/assets/bundles/ | 13 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | misc-1-71338e5fe03921f81f7d4acd0d294cb9d9f5b56f1d50c4c66dbf99df6841ee6f.css | d2616tuem1neks.cloudfront.net/assets/bundles/ | 60 KB | 10 KB | Stylesheet | text/css | |
GET | H/1.1 | misc-4-6584e441a5afac1176c296e3b7a333e2fbe108880999d86a52bbd40203d07404.css | d2616tuem1neks.cloudfront.net/assets/bundles/ | 3 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 874 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 614 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 613 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 643 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 658 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 574 B | Stylesheet | text/css | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 97 KB | 38 KB | Script | application/javascript | |
GET | H/1.1 | logo-casino-6da727023d00ca34a134249ad22aecf97e96f7b5193159f64b3c47e543d02673.png | d2616tuem1neks.cloudfront.net/assets/pages/casino/ | 1 KB | 2 KB | Image | image/png | |
GET | H/1.1 | misc-23-88c51c7a5f9035537b149fb62222daf41a577f4591747cb2672ce65e4f579b49.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 377 KB | 125 KB | Script | application/javascript | |
GET | H/1.1 | misc-26-f1d34ff67fa83b2a6ab8bad379aaec33f27dd92361d3868ebc8636224efb2fd5.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | misc-25-de708c818fe336ae3db59f9835763f9fe36fd406aa9ecba838d35b81f9a4248c.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | misc-24-a9264824d68584fe1cd056ec1c7b4ab897c0c937c0369bf9dad25167d5756574.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 314 KB | 82 KB | Script | application/javascript | |
GET | H/1.1 | misc-16-140a8939aaa6b6cc9ec97e6fa50281e757400a0ee74c6312ad22684358e1cab2.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | misc-3-279fe236795a3763dda72c28572e6879a2352fda09074bf040f7c588b3f99b91.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | misc-1-e8e4fcd18c08b3234b5bf15d582ec536983d4e6bda23146b9010fb66df7136f8.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 254 KB | 46 KB | Script | application/javascript | |
GET | H/1.1 | misc-4-8b3cd599e63ad087f33ccf14e7fd74e6f2fa250d688fcc1d3390ddf96a11ef9b.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | sprites-0-ee121d82a7a48568ee3f7eadddab9bfd6207bbd45c5bf67e5f64da8f9c0c016d.js | d2616tuem1neks.cloudfront.net/assets/bundles/ | 106 KB | 39 KB | Script | application/javascript | |
GET | H/1.1 | track | t.bookbub.com/v1/ | 43 B | 2 KB | Image | image/gif | Redirect Chain |
GET | H2 | api.js | www.google.com/recaptcha/ | 884 B | 675 B | Script | text/javascript | |
GET | H2 | rollbar.min.js | cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.12.3/ | 66 KB | 18 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 91 KB | 34 KB | Script | application/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 27 KB | 8 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 46 KB | 18 KB | Script | text/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 91 KB | 23 KB | Script | application/x-javascript | |
GET | H2 | a-00r7.min.js | b-code.liadm.com/ | 25 KB | 10 KB | Script | application/javascript | |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 2 B | 66 B | XHR | text/plain | |
GET | H3-Q050 | collect | www.google-analytics.com/ | 35 B | 122 B | Image | image/gif | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 88 B | XHR | text/plain | |
GET | H2 | 821480571226892 | connect.facebook.net/signals/config/ | 241 KB | 69 KB | Script | application/x-javascript | |
GET | H2 | sync-container.js | b-code.liadm.com/ | 6 KB | 3 KB | Script | application/javascript | |
GET | H3-Q050 | ga-audiences | www.google.com/ads/ | 42 B | 340 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 95 KB | 29 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | api.min.js | a.optmnstr.com/app/js/ | 214 KB | 63 KB | Script | application/javascript | |
GET | DATA | truncated | / | 10 KB | 10 KB | Image | img/png | |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/-nejAZ5my6jV0Fbx9re8ChMK/ | 331 KB | 129 KB | Script | text/javascript | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 93 B | Image | text/plain | |
GET | H2 | j | rp4.liadm.com/ | 13 B | 569 B | XHR | application/json | Redirect Chain |
OPTIONS | H2 | events | client-events.bookbub.com/ | 0 | 0 | Other | application/json | Frame |
POST | H2 | events | client-events.bookbub.com/ | 9 B | 372 B | XHR | application/json | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 153 B | Image | image/gif | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 196 KB | 59 KB | Script | application/x-javascript | |
GET | H/1.1 | widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html | platform.twitter.com/widgets/ | 0 | 0 | Document | text/html | Frame BA33 |
GET | H2 | 48738 | api.omappapi.com/v2/embed/ | 13 KB | 4 KB | XHR | application/json | |
GET | H3-Q050 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame C2CE |
GET | H2 | webfont.js | a.omappapi.com/app/js/webfont/1.5.18/ | 16 KB | 7 KB | Script | application/javascript | |
GET | H2 | 63453978aafb1584545225-chirp-by-bookbub-logo.png | a.omappapi.com/users/e54a333dad09/images/ | 33 KB | 33 KB | Image | image/png | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 107 B | Image | image/gif | |
GET | H/1.1 | a-00r7 | i.liadm.com/s/c/ | 0 | 0 | Document | text/html | Cookie set; Frame 01FD |
GET | H3-Q050 | css | fonts.googleapis.com/ | 10 KB | 1 KB | Stylesheet | text/css | |
GET | H3-Q050 | EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2 | fonts.gstatic.com/s/ptserif/v12/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H3-Q050 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v18/ | 9 KB | 9 KB | Font | font/woff2 | |
GET | H3-Q050 | EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2 | fonts.gstatic.com/s/ptserif/v12/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H3-Q050 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v18/ | 9 KB | 9 KB | Font | font/woff2 | |
GET | H3-Q050 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H3-Q050 | 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H3-Q050 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 | fonts.gstatic.com/s/sourcesanspro/v14/ | 13 KB | 13 KB | Font | font/woff2 | |
94 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bookbub.com/ | Name: _lello2_session Value: IGntSFulIO1WF73wdp%2FJOmFauQMSX0RKhEuXW1KmV7MW2Z%2FAOMdgNoV4jixhrd0GbeUsIvdzXL%2B9ljAAmTOXDgSq5VSdv84L2wLTjtUNPq4%2B6UOcYBrPnQxZCTeXcwZfkHhiavYvpk95GpgyrjkyR%2Ff6HVtTXG1vB7OnwjBCjiDg7EyGoYGGZ93uBOm%2B2b%2BBIx7tF1kYNicohMCrJm7fWovf7qSuRfW%2FA2tEGSWU2BAVJoLOptuP%2FV2q8FaD1c6Ou13EhR5uSgJJc0e0YqgsdQ4%2FU7qMFZqZeYm6xqFjHg79r6xuZUcM9TluSGm0dHFIM9rB3wMl3ebWLhQSjkdM8lrpXEVPPCXih3rfm7dOP07DdI%2B%2FtV5oFOkorNJ6t9SZewT97jV5tXiLw%2BNPduthQ60SqbLuct3KFk%2BzqV1wpS1dz3hQNs6nPW67d9vxdtNaLtlr7RYOIGGoqxYjdKXd7UVc%2F9TSekD3RyNG9HAqYkvZ0M%2Fd3p2u56rKEZy2hR6a%2Fd3BPBaIMC63%2FYjMYwq0P65%2F8NYgK7mBlPg8NkQqYXTewoEWay8lY1JeSuX8uJRcTgaFPf2ky%2BEaXVSji7BIhKovN2eC%2BUu%2BlZKHxw1FFuDNC6lZWA%3D%3D--lkpGZl9AzBiUCzhp--fub9L%2FwEyliQ4KjXNxalGQ%3D%3D |
www.bookbub.com/ | Name: _omappvs Value: 1611933158182 |
.bookbub.com/ | Name: _fbp Value: fb.1.1611933158117.1450106822 |
www.bookbub.com/ | Name: bub_events_session_id Value: b957777f-f284-4a00-bbe1-1288623e5f89 |
www.bookbub.com/ | Name: bub_events_session_timestamp Value: 1611933158102 |
.bookbub.com/ | Name: _lc2_fpi Value: 6a2fe0e75190--01ex7b82g16e9z4x6xbp4j1g7n |
.bookbub.com/ | Name: _li_dcdm_c Value: .bookbub.com |
.bookbub.com/ | Name: _gat_gtag_UA_27140214_5 Value: 1 |
.bookbub.com/ | Name: bb_trck Value: eyJ0aWQiOjczMDYwMDIwNSwidWlkIjowLCJoYXBpZCI6ZmFsc2UsImFucGRh%0AIjoxNjExOTMzMTU4LCJjcnQiOjE2MTE5MzMxNTZ9%0A--b42df40103a2b13f36ba057e47756394d3455d10 |
.bookbub.com/ | Name: _ga Value: GA1.2.1401060797.1611933158 |
www.bookbub.com/ | Name: time_zone Value: Europe/Berlin |
.bookbub.com/ | Name: _uetsid Value: 6c654260624411ebb1f66381c7d6624b |
.bookbub.com/ | Name: _gcl_au Value: 1.1.146303510.1611933158 |
www.bookbub.com/ | Name: region Value: us |
.bookbub.com/ | Name: _gid Value: GA1.2.1394706917.1611933158 |
.bookbub.com/ | Name: _uetvid Value: 6c657240624411eba38b91092320a9d0 |
www.bookbub.com/ | Name: _omappvp Value: 9DZDW7n1Yf6v52HRsym21QUbsJN88W3YGTzFV6KEhEBpGwEQRvuVpxfjOdwkqiBUJM7QLkiCCn7DpwPSTr0LCoMXB7YtNMpZ |
www.bookbub.com/ | Name: country_code Value: nl |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.