urlscan.io logo urlscan.io
SecurityTrails logo

happywealthydaily.co Open in urlscan Pro
35.240.1.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://happywealthydaily.co/
Submission: On September 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 18 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is happywealthydaily.co.
TLS certificate: Issued by R3 on July 7th 2022. Valid for: 3 months.
This is the only time happywealthydaily.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.240.1.10 396982 (GOOGLE-CL...)
1 13.225.78.12 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 85.17.54.17 60781 (LEASEWEB-...)
2 185.59.220.199 60068 (CDN77 ^_^)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
1 44.194.150.11 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:3::720 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 12
1    35.240.1.10 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.1.240.35.bc.googleusercontent.com
happywealthydaily.co
1    13.225.78.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-12.fra2.r.cloudfront.net
cdn.clkmc.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    85.17.54.17 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
pbssl.rdtk.io
2    185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net
cdn.convertri.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
1    44.194.150.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-150-11.compute-1.amazonaws.com
snowplow.convertri.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
convertri.imgix.net
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
4 gstatic.com
fonts.gstatic.com
119 KB
3 convertri.com
cdn.convertri.com — Cisco Umbrella Rank: 178791
snowplow.convertri.com — Cisco Umbrella Rank: 191720
122 KB
3 rdtk.io
pbssl.rdtk.io
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6352
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 imgix.net
convertri.imgix.net — Cisco Umbrella Rank: 178234
14 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
61 KB
1 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 154370
12 KB
1 happywealthydaily.co
happywealthydaily.co
22 KB
18 11
Domain Requested by
4 fonts.gstatic.com happywealthydaily.co
3 pbssl.rdtk.io happywealthydaily.co
pbssl.rdtk.io
2 cdn.convertri.com happywealthydaily.co
1 www.google.de happywealthydaily.co
1 www.google.com happywealthydaily.co
1 convertri.imgix.net happywealthydaily.co
1 googleads.g.doubleclick.net www.googleadservices.com
1 snowplow.convertri.com happywealthydaily.co
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com happywealthydaily.co
1 cdn.clkmc.com happywealthydaily.co
1 happywealthydaily.co
18 12

This site contains links to these domains. Also see Links.

Domain
www.ep20trk.com
pbssl.rdtk.io
www.facebook.com
Subject Issuer Validity Valid
happywealthydaily.co
R3		 2022-07-07 -
2022-10-05		 3 months crt.sh
*.clkmc.com
AlphaSSL CA - SHA256 - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.rdtk.io
GoGetSSL RSA DV CA		 2022-08-01 -
2023-08-01		 a year crt.sh
cdn.convertri.com
R3		 2022-09-06 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
snowplow.convertri.com
Amazon		 2022-02-23 -
2023-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-01 -
2023-07-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://happywealthydaily.co/
Frame ID: 8D20CA42527E463CC654ACA718388961
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RARE FLOWER DEMOLISHES DIABETES!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

12
IPs

4
Countries

374 kB
Transfer

976 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
happywealthydaily.co/ 		136 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.1.240.35.bc.googleusercontent.com
Software
/
Resource Hash
51a7dd2c5d608e64babeca99833ee2f954519f3f60f5c51d7c60a437d3cd8400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 20:27:11 GMT
vary
Accept-Encoding
cmc.js
cdn.clkmc.com/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-12.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
1adf1fd31f6cfa9e40b20edd301bb91570577e870f384250c9d65e164a28a83e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 17:43:23 GMT
Via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies
none
Age
355428
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12013
Last-Modified
Thu, 15 Sep 2022 17:42:46 GMT
Server
nginx
ETag
"63236416-2eed"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public, no-transform
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
D8LV3gBbyP2fV7BCRk0pyK2s5_XWXyi0vCqRnVlKNfT0HolyxWtPug==
Expires
Sat, 15 Oct 2022 17:43:23 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-469707474
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e4a11657157624d0b005d409540d20a4ba462618bf37a6c82ebd0200fb10287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:27:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61751
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 20:27:11 GMT
track.js
pbssl.rdtk.io/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pbssl.rdtk.io/track.js?rtkcmpid=6095accf76ff1b0001edc450
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
8d25dca6b14a6d3f89b81853da2af33cc8552907931f2a15eee7e4710a44e832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 20:27:11 GMT
Server
nginx/1.21.3
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
jquery-1.12.2.min.js
cdn.convertri.com/ 		382 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2022-07-19-07-24-05
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-722.bunnyinfra.net
Software
BunnyCDN-DE-722 /
Resource Hash
cde57c1d6945d398ec23b1bd1235d8aacd75eeca3ecccab2cca38bd8d07ee973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:27:11 GMT
content-encoding
br
cdn-edgestorageid
723
x-amz-request-id
23D6YKS5MDWADFX9
cdn-cachedat
09/13/2022 08:34:45
cdn-pullzone
408079
x-amz-id-2
itUMjX9ARFESDynljjB+dujYgqV3ulHugLuIE8XjgbgHrqD1kYTQlpRvfqbphWatJt6UoGYv0SU=
server
BunnyCDN-DE-722
last-modified
Tue, 13 Sep 2022 08:33:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"4955818171188e82d5ad0ec91618cb21"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
1fbbeb0afe2db329d5cd28e6f306d132
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v23/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://happywealthydaily.co/
Origin
https://happywealthydaily.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 19:14:32 GMT
x-content-type-options
nosniff
age
4359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60540
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 19:14:32 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 		35 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://happywealthydaily.co/
Origin
https://happywealthydaily.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 16:54:50 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf_.ttf
fonts.gstatic.com/s/merriweather/v30/ 		40 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf_.ttf
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d7741f04f6aadf9277c61244f0b8b72fff88b0268441e44b9ac7d0785f8efe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://happywealthydaily.co/
Origin
https://happywealthydaily.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 08:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24690
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 08:03:08 GMT
4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwRmPg.ttf
fonts.gstatic.com/s/exo/v20/ 		24 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwRmPg.ttf
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4beef307cd12734e023b734426b7a30f85621803d1254e7be1407b02fbaf69f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://happywealthydaily.co/
Origin
https://happywealthydaily.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 07:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14421
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:28:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 07:01:14 GMT
cdn.min.css
cdn.convertri.com/ 		64 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/cdn.min.css?v=2022-07-19-07-24-05
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-722.bunnyinfra.net
Software
BunnyCDN-DE-722 /
Resource Hash
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:27:11 GMT
content-encoding
br
cdn-edgestorageid
863
x-amz-request-id
7WWV81PHVXSVNJW6
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
09/13/2022 08:34:17
cdn-pullzone
408079
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
h51S7k8k2uCnYf7LmFOBFbKIGKTT4iZo+a/FQKwNnk/rBsluiq1itIM3nbhQXqXTFcj6kMf/V5c=
server
BunnyCDN-DE-722
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 08:33:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"b0d55c9bb284b269b2781a94102dffbf"
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
9bc248f5219bba7c752febd2a89b030b
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-469707474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 20:27:11 GMT
6095accf76ff1b0001edc450
pbssl.rdtk.io/ 		146 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbssl.rdtk.io/6095accf76ff1b0001edc450?format=json&
Requested by
Host: pbssl.rdtk.io
URL: https://pbssl.rdtk.io/track.js?rtkcmpid=6095accf76ff1b0001edc450
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
ad833049c61ee4cb8424fc101c7dbd8df797e4557cd9f6ff7116a79726c073d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 20:27:11 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
146
i
snowplow.convertri.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://snowplow.convertri.com/i?stm=1663619231634&e=pv&url=https%3A%2F%2Fhappywealthydaily.co%2F&page=RARE%20FLOWER%20DEMOLISHES%20DIABETES!&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=f7c86b34-592b-4769-a9e2-710cc7b505b4&dtm=1663619231632&vp=1600x1200&ds=1600x1649&vid=1&sid=fb0356d4-6ed4-432a-9384-e843fc9f60d2&duid=c060a072-98f3-4e78-808d-4298c834a372&fp=577415770
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.150.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-150-11.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 20:27:11 GMT
access-control-allow-credentials
true
server
spray-can/1.3.3
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
view
pbssl.rdtk.io/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbssl.rdtk.io/view?clickid=6328d09fe34fe00001d15c22
Requested by
Host: pbssl.rdtk.io
URL: https://pbssl.rdtk.io/track.js?rtkcmpid=6095accf76ff1b0001edc450
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 20:27:11 GMT
Server
nginx/1.21.3
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/469707474/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/469707474/?random=1663619231670&cv=9&fst=1663619231670&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhappywealthydaily.co%2F&tiba=RARE%20FLOWER%20DEMOLISHES%20DIABETES!&auid=342956330.1663619232&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7320cf87166acdeea27802d950bee635082d37e58c60d3b033f7832aff139758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 20:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flower.jpg
convertri.imgix.net/cea64393-a84d-11e9-99fe-0697e5ca793e/572dbd391deba6128fd911b0e6e75352937fb7e2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/cea64393-a84d-11e9-99fe-0697e5ca793e/572dbd391deba6128fd911b0e6e75352937fb7e2/flower.jpg?auto=compress,format&fit=scale&w=592&h=592
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0a820d429d28fd0b7bb88866d630297fcb7642f259b44351e9f7ef9851b53b81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:27:11 GMT
x-content-type-options
nosniff
age
1974734
x-cache
HIT, MISS
x-imgix-id
000b5e94f7f01a0bfd824f13720348e70fa8037a
content-length
14244
x-imgix-render-farm
01.1
last-modified
Sat, 27 Aug 2022 23:54:57 GMT
server
imgix
x-served-by
cache-sjc10042-SJC, cache-fra19174-FRA
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
/
www.google.com/pagead/1p-user-list/469707474/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/469707474/?random=1663619231670&cv=9&fst=1663617600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhappywealthydaily.co%2F&tiba=RARE%20FLOWER%20DEMOLISHES%20DIABETES!&async=1&fmt=3&is_vtc=1&random=2121975216&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 20:27:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/469707474/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/469707474/?random=1663619231670&cv=9&fst=1663617600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhappywealthydaily.co%2F&tiba=RARE%20FLOWER%20DEMOLISHES%20DIABETES!&async=1&fmt=3&is_vtc=1&random=2121975216&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: happywealthydaily.co
URL: https://happywealthydaily.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://happywealthydaily.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 20:27:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| dataLayer object| ConvertriScriptConsent object| clickmagick_cmc object| bots function| gtag string| campaignID number| cachebuster string| rtkClickID function| removeParam object| urlParams string| pixelParams string| initialSrc function| stripTrailingSlash object| rawData function| setCookie string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| managePopovers function| Popover object| FormValidator object| UrlUtils object| google_tag_manager object| google_tag_data object| xhr function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| PurchaseAnalyticsLegacyEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsLegacyEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory function| uniqueSelector function| visibilityChanged function| yall object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| formWidgetCartInfo object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| MobileDetector object| QueryArgBag function| ViewportResizer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow function| Cookies object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse string| newVal object| match object| jQuery112207729279136693263 object| xhrr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.happywealthydaily.co/ Name: _gcl_au
Value: 1.1.342956330.1663619232
happywealthydaily.co/ Name: _sp_ses.f800
Value: *
happywealthydaily.co/ Name: _sp_id.f800
Value: c060a072-98f3-4e78-808d-4298c834a372.1663619232.1.1663619232.1663619232.fb0356d4-6ed4-432a-9384-e843fc9f60d2
happywealthydaily.co/ Name: rtkclickid-store
Value: 6328d09fe34fe00001d15c22
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.clkmc.com
cdn.convertri.com
convertri.imgix.net
fonts.gstatic.com
googleads.g.doubleclick.net
happywealthydaily.co
pbssl.rdtk.io
snowplow.convertri.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.78.12
142.250.74.194
185.59.220.199
2a00:1450:4001:800::2003
2a00:1450:4001:806::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a04:4e42:3::720
35.240.1.10
44.194.150.11
85.17.54.17
0a820d429d28fd0b7bb88866d630297fcb7642f259b44351e9f7ef9851b53b81
1adf1fd31f6cfa9e40b20edd301bb91570577e870f384250c9d65e164a28a83e
4beef307cd12734e023b734426b7a30f85621803d1254e7be1407b02fbaf69f7
51a7dd2c5d608e64babeca99833ee2f954519f3f60f5c51d7c60a437d3cd8400
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32
7320cf87166acdeea27802d950bee635082d37e58c60d3b033f7832aff139758
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7d7741f04f6aadf9277c61244f0b8b72fff88b0268441e44b9ac7d0785f8efe9
7e4a11657157624d0b005d409540d20a4ba462618bf37a6c82ebd0200fb10287
8d25dca6b14a6d3f89b81853da2af33cc8552907931f2a15eee7e4710a44e832
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
ad833049c61ee4cb8424fc101c7dbd8df797e4557cd9f6ff7116a79726c073d3
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cde57c1d6945d398ec23b1bd1235d8aacd75eeca3ecccab2cca38bd8d07ee973
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629