marketplace.dealspotr.com Open in urlscan Pro
52.9.64.153  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request @ringex Show response marketplace.dealspotr.com/	323 KB 31 KB	550ms 203ms	Document text/html	52.9.64.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.9.64.153 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-9-64-153.us-west-1.compute.amazonaws.com Software nginx / Resource Hash 814b6442d27a71ff22422b4c89bd3a3464dbd9ef387b36f84193ad9a76e254f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=utf-8 date Mon, 25 Apr 2022 06:29:52 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-cache MISS x-content-type-options nosniff x-frame-options DENY x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	Lato-Regular.woff2 cdn.dealspotr.com/fonts/	25 KB 25 KB	54ms 11ms	Font font/woff2	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dealspotr.com/fonts/Lato-Regular.woff2 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 7c3f62bc75b940288db40b5418a20c053d5e2b3a68882b9c91de3ddc0bb1098f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://marketplace.dealspotr.com/@ringex Origin https://marketplace.dealspotr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Thu, 03 Feb 2022 11:06:50 GMT via 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront) x-content-type-options nosniff age 6981782 x-cache Hit from cloudfront content-length 25356 x-xss-protection 1; mode=block last-modified Thu, 28 Oct 2021 03:43:16 GMT server nginx etag "b3203ab7e93677081bda7ae28b2de5bd" x-frame-options DENY content-type font/woff2 access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 accept-ranges bytes x-amz-cf-id e1d377zeuMid33PXSNz7GanEonxpPzUCxBiOz22jAQ6vFGIesuVW1A==
GET H2	200	Lato-Bold.woff2 cdn.dealspotr.com/fonts/	25 KB 25 KB	61ms 19ms	Font font/woff2	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dealspotr.com/fonts/Lato-Bold.woff2 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 236247d6d208767c2a4dd05e17210039874af17c157c1eaf80ec24cba433d0e7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://marketplace.dealspotr.com/@ringex Origin https://marketplace.dealspotr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Thu, 10 Mar 2022 06:33:39 GMT via 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront) x-content-type-options nosniff age 3974173 x-cache Hit from cloudfront content-length 25188 x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 19:18:11 GMT server nginx etag "f7f58e6ed4a768b1d2a14a4c62e28964" x-frame-options DENY content-type font/woff2 access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 accept-ranges bytes x-amz-cf-id eVt5hzXwVJuilHM6td9MqWfb3OSIDGntssGln5Ky21sr8acI6z11EA==
GET H2	200	Lato-Italic.woff2 cdn.dealspotr.com/fonts/	26 KB 26 KB	63ms 21ms	Font font/woff2	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dealspotr.com/fonts/Lato-Italic.woff2 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 30384555288b6b4709cd2797fb1cb7ec7ebbe1266fb058cf55462849a230bcf7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://marketplace.dealspotr.com/@ringex Origin https://marketplace.dealspotr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 27 Mar 2022 14:06:34 GMT via 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront) x-content-type-options nosniff age 2478198 x-cache Hit from cloudfront content-length 26260 x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 19:18:11 GMT server nginx etag "78d931184edb85bb73ffae6547f36e2a" x-frame-options DENY content-type font/woff2 access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 accept-ranges bytes x-amz-cf-id 4_a2AG0cpzd4x2_SbAiUYrWJGEqnDe5kwp0LA-WMxtGGlE5-yNzz6A==
GET H2	200	0116.js Show response script.crazyegg.com/pages/scripts/0102/	5 KB 2 KB	58ms 25ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0102/0116.js Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf8d00951ef0d3eb47ba9768d49fe6abc3254f0a883dc98811e4340aa3f813cb Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 06:29:52 GMT content-encoding gzip cf-cache-status HIT age 237824 cf-polished origSize=5359 cf-ray 701506da5b2ecc4a-ZRH ce-version 11.1.403 last-modified Fri, 22 Apr 2022 12:26:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-bgj minify
GET H2	200	logo-black.png cdn.dealspotr.com/images/statics/	3 KB 4 KB	34ms 10ms	Image image/png	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dealspotr.com/images/statics/logo-black.png Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5ef9a7af7d2c08d22cf80e41107a2baea519861411641b29b121f089985429e0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sat, 02 Apr 2022 13:33:26 GMT via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) x-content-type-options nosniff age 1961786 x-cache Hit from cloudfront content-length 3153 x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 19:18:11 GMT server nginx etag "d2bb32cdf6fc9396121ccf999e1a08c1" x-frame-options DENY content-type image/png access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 accept-ranges bytes x-amz-cf-id Bh1OqKX-uTak7CpsNQtRC51V1VvNH_lfchFSeI5Hjh29Vem-9gvrNQ==
GET H2	200	resize img.dealspotr.com/	4 KB 4 KB	295ms 92ms	Image image/png	2600:1f18:6699:ef00:117d:6cf:7b:4b0e AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.dealspotr.com/resize?aspect=center&crop=false&url=%2F%2Fcdn.dealspotr.com%2Fimages%2Fapi%2Fdefault-avatar.png&width=230&height=230 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:6699:ef00:117d:6cf:7b:4b0e Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash c53d6766aaaf0e1a49a3f12d635785018ccb2cc21c830aa2b9164f0a1b76e589 Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 06:29:52 GMT cache-control public, max-age=7776000 last-modified Fri, 07 Jun 2019 23:07:02 GMT server nginx content-length 4315 x-cache HIT content-type image/png
GET H2	200	logo130.png cdn.dealspotr.com/images/statics/	3 KB 3 KB	18ms 10ms	Image image/png	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dealspotr.com/images/statics/logo130.png Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash cf4cc0d4d38b72da0868473ac9f908f07d679df016def2c424eec3eb4a47371a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 27 Mar 2022 16:28:08 GMT via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) x-content-type-options nosniff age 2469704 x-cache Hit from cloudfront content-length 2842 x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 19:18:11 GMT server nginx etag "2e103cf5606a88de0a7bbaaa582ecdf0" x-frame-options DENY content-type image/png access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 accept-ranges bytes x-amz-cf-id lBVKe69oRLqTRWi-w64CZvUDzB3gFLGlmBbunTIVPn0rJLMnsHIteQ==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 6ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3302 date Mon, 25 Apr 2022 05:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 25 Apr 2022 07:34:50 GMT
GET H2	200	commons-1aa2a665b5b31cf39062.js Show response cdn.dealspotr.com/bundles/	579 KB 179 KB	11ms 11ms	Script application/javascript	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dealspotr.com/bundles/commons-1aa2a665b5b31cf39062.js Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6a9781d6512d6bbc3dc326cf43a54b23f5a90445f146c82962f57d6a7522da08 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://marketplace.dealspotr.com/@ringex Origin https://marketplace.dealspotr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sun, 27 Mar 2022 10:50:07 GMT content-encoding gzip x-content-type-options nosniff age 2489985 via 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 18:44:56 GMT server nginx x-frame-options DENY etag W/"14e660b938080dc8c77393c8cca3323b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 x-amz-cf-id 5BOxWyZqu8XKs7pMwRy-A2rJhj02P_S5jzXr8LUkYzmDT-llW7xFAw==
GET H2	200	app-66c26f07e34d5a2cdcdd.js Show response cdn.dealspotr.com/bundles/	2 MB 442 KB	24ms 23ms	Script application/javascript	2600:9000:224a:6200:7:7ff8:a1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dealspotr.com/bundles/app-66c26f07e34d5a2cdcdd.js Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:6200:7:7ff8:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b38c27ebba05d1478ff4177e74de0027385021a601a52483b5dcaa7286c81261 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://marketplace.dealspotr.com/@ringex Origin https://marketplace.dealspotr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Sat, 26 Mar 2022 23:01:30 GMT content-encoding gzip x-content-type-options nosniff age 2532502 via 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 28 Dec 2021 17:54:24 GMT server nginx x-frame-options DENY etag W/"5b423d19c4558c466299a0f5022d11b1" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=7776000 x-amz-cf-pop DUS51-P1 x-amz-cf-id YglVYVwOIalstnmVN_VFLHZo5S4Zuj-L5m2rZ4XGeOr5lOwgCl8vTQ==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	58ms 19ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49492930-1&cid=125715001.1650868192&jid=1077741344&gjid=2120356086&_gid=368661946.1650868192&_u=IGBAgEABAAAAAE~&z=1961231765 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://marketplace.dealspotr.com/@ringex accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 25 Apr 2022 06:29:52 GMT content-type text/plain access-control-allow-origin https://marketplace.dealspotr.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	6ms 5ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1158261167&t=pageview&_s=1&dl=https%3A%2F%2Fmarketplace.dealspotr.com%2F%40ringex&ul=en-us&de=UTF-8&dt=Ringex%20(%40ringex)%20%7C%20Dealspotr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1077741344&gjid=2120356086&cid=125715001.1650868192&tid=UA-49492930-1&_gid=368661946.1650868192&z=517385543 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Sun, 24 Apr 2022 22:19:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 29447 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	0116.json Show response script.crazyegg.com/pages/data-scripts/0102/	8 KB 2 KB	80ms 35ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0102/0116.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0102/0116.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e39a4ebf0541ae4ed886f1ca54caa7cb58ff542a3c15a4ef6d10c497c66dea60 Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 06:29:52 GMT content-encoding gzip cf-cache-status HIT age 237820 ce-version 11.1.403 content-length 1563 timing-allow-origin * last-modified Fri, 22 Apr 2022 12:26:12 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 701506daf90e23df-ZRH
POST H2	200	/ Show response o1095749.ingest.sentry.io/api/6115612/envelope/	2 B 283 B	64ms 9ms	Fetch application/json	34.120.195.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o1095749.ingest.sentry.io/api/6115612/envelope/?sentry_key=c748e4af2795417f85fa7dc464568401&sentry_version=7 Requested by Host: cdn.dealspotr.com URL: https://cdn.dealspotr.com/bundles/commons-1aa2a665b5b31cf39062.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://marketplace.dealspotr.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Apr 2022 06:29:52 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://marketplace.dealspotr.com access-control-expose-headers retry-after, x-sentry-error, x-sentry-rate-limits x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	40ms 19ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49492930-1&cid=125715001.1650868192&jid=1077741344&_u=IGBAgEABAAAAAE~&z=275689014 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Mon, 25 Apr 2022 06:29:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	39ms 18ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49492930-1&cid=125715001.1650868192&jid=1077741344&_u=IGBAgEABAAAAAE~&z=275689014 Requested by Host: marketplace.dealspotr.com URL: https://marketplace.dealspotr.com/@ringex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Mon, 25 Apr 2022 06:29:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	11.1.403.js Show response script.crazyegg.com/pages/versioned/common-scripts/	80 KB 26 KB	24ms 24ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0102/0116.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers timing-allow-origin * date Mon, 25 Apr 2022 06:29:52 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 17 Mar 2022 15:34:49 GMT server cloudflare age 237836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes cf-ray 701506dc6d43cc4a-ZRH content-length 26410
GET H2	200	0116.json Show response script.crazyegg.com/pages/sampling-data-scripts/0102/ Frame 333B	534 B 333 B	28ms 28ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/sampling-data-scripts/0102/0116.json?t=458574 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d8fcb114bb2f7bbc37edd5265e8ea01ef01c1a41d03701db081e3d6e9cce220 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 06:29:52 GMT content-encoding gzip cf-cache-status HIT age 314 ce-version 11.1.403 content-length 241 timing-allow-origin * last-modified Mon, 25 Apr 2022 06:24:38 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 701506dcbb8123df-ZRH
GET H2	200	healthcheck Show response pagestates-tracking.crazyegg.com/ Frame 333B	19 B 420 B	30ms 9ms	XHR binary/octet-stream	18.66.248.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pagestates-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-26.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Tue, 21 Dec 2021 13:52:43 GMT via 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront) last-modified Tue, 05 Oct 2021 13:53:30 GMT server AmazonS3 age 10773430 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 19 x-amz-cf-id -lo_rH1STxLyysW_x81FGlJg1scHQLEHjNKkDIcboCSHO20Ym4dHXA==
GET H2	200	healthcheck Show response assets-tracking.crazyegg.com/ Frame 333B	19 B 420 B	30ms 9ms	XHR binary/octet-stream	18.66.248.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-91.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Tue, 21 Dec 2021 13:24:28 GMT via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) last-modified Tue, 05 Oct 2021 13:53:30 GMT server AmazonS3 age 10775125 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 19 x-amz-cf-id UFIc9hHKBoqsGT3OpXbl8L_KYJL32r_7wIYKndWNfQoE7yl678I2VA==
GET BLOB	200 OK	ab0a9d86-ca9d-40c7-9761-a3a3a7626fca https://marketplace.dealspotr.com/	53 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://marketplace.dealspotr.com/ab0a9d86-ca9d-40c7-9761-a3a3a7626fca Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049 Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Length 53 Content-Type text/javascript
GET H2	200	clock Show response tracking.crazyegg.com/ Frame 333B	27 B 134 B	109ms 49ms	XHR text/plain	54.77.91.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tracking.crazyegg.com/clock?t=1650868192834 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.91.70 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-91-70.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash c34f1a447c6552ce0bb1e34f3c8c5e8913b7d5496675384442a2c6d00245838f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers access-control-allow-origin * date Mon, 25 Apr 2022 06:29:52 GMT cache-control no-store server awselb/2.0 content-length 27 content-type text/plain
GET BLOB	200 OK	c9ba8623-794d-426f-9b94-2c2b5bba1329 https://marketplace.dealspotr.com/	218 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://marketplace.dealspotr.com/c9ba8623-794d-426f-9b94-2c2b5bba1329 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 35aac3025bd69e3f6aef5678bfa52c4880e61dc2f6e70fe32e0d54137aa7c21b Request headers accept-language de-DE,de;q=0.9 Referer https://marketplace.dealspotr.com/@ringex User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Content-Length 218 Content-Type text/javascript
POST H3	200	/ Show response o1095749.ingest.sentry.io/api/6115612/envelope/	41 B 59 B	23ms 9ms	Fetch application/json	34.120.195.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o1095749.ingest.sentry.io/api/6115612/envelope/?sentry_key=c748e4af2795417f85fa7dc464568401&sentry_version=7 Requested by Host: cdn.dealspotr.com URL: https://cdn.dealspotr.com/bundles/commons-1aa2a665b5b31cf39062.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash f74c07bb077eb66b492c7b9ddd1edcdca9cfd418784a890532cc74739360bab2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://marketplace.dealspotr.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Apr 2022 06:29:53 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://marketplace.dealspotr.com access-control-expose-headers x-sentry-error, x-sentry-rate-limits, retry-after x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| App string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunk boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| SENTRY_RELEASE object| SENTRY_RELEASES object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| CE2BH function| CE_URL_FINGERPRINT

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dealspotr.com/	1969-12-31 23:59:59	Name: _csrf Value: c7FFrV4v1jTLHq94j3w3nY3x
			.dealspotr.com/	1970-01-20 11:20:04	Name: x_tracking_id Value: e2d8a9b1-1913-45a2-9ed7-b727a34f3cc8
			.dealspotr.com/	1970-01-20 20:05:40	Name: _ga Value: GA1.2.125715001.1650868192
			.dealspotr.com/	1970-01-20 02:35:54	Name: _gid Value: GA1.2.368661946.1650868192
			.dealspotr.com/	1970-01-20 02:34:28	Name: _gat Value: 1
			.dealspotr.com/	1969-12-31 23:59:59	Name: cebs Value: 1
			.dealspotr.com/	1970-01-20 11:20:04	Name: _ce.s Value: v~9ffccc5281cdb0bdee9041f0756a40ac2742f0ba~vpv~0~v11.rlc~1650868192947

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
cdn.dealspotr.com
img.dealspotr.com
marketplace.dealspotr.com
o1095749.ingest.sentry.io
pagestates-tracking.crazyegg.com
script.crazyegg.com
stats.g.doubleclick.net
tracking.crazyegg.com
www.google-analytics.com
www.google.com
www.google.de
18.66.248.26
18.66.248.91
2600:1f18:6699:ef00:117d:6cf:7b:4b0e
2600:9000:224a:6200:7:7ff8:a1c0:93a1
2606:4700::6813:9408
2a00:1450:4001:800::200e
2a00:1450:4001:810::2003
2a00:1450:4001:828::2004
2a00:1450:400c:c06::9c
34.120.195.249
52.9.64.153
54.77.91.70
0d8fcb114bb2f7bbc37edd5265e8ea01ef01c1a41d03701db081e3d6e9cce220
236247d6d208767c2a4dd05e17210039874af17c157c1eaf80ec24cba433d0e7
30384555288b6b4709cd2797fb1cb7ec7ebbe1266fb058cf55462849a230bcf7
35aac3025bd69e3f6aef5678bfa52c4880e61dc2f6e70fe32e0d54137aa7c21b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5ef9a7af7d2c08d22cf80e41107a2baea519861411641b29b121f089985429e0
6a9781d6512d6bbc3dc326cf43a54b23f5a90445f146c82962f57d6a7522da08
7c3f62bc75b940288db40b5418a20c053d5e2b3a68882b9c91de3ddc0bb1098f
814b6442d27a71ff22422b4c89bd3a3464dbd9ef387b36f84193ad9a76e254f7
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b38c27ebba05d1478ff4177e74de0027385021a601a52483b5dcaa7286c81261
c34f1a447c6552ce0bb1e34f3c8c5e8913b7d5496675384442a2c6d00245838f
c53d6766aaaf0e1a49a3f12d635785018ccb2cc21c830aa2b9164f0a1b76e589
cf4cc0d4d38b72da0868473ac9f908f07d679df016def2c424eec3eb4a47371a
cf8d00951ef0d3eb47ba9768d49fe6abc3254f0a883dc98811e4340aa3f813cb
e39a4ebf0541ae4ed886f1ca54caa7cb58ff542a3c15a4ef6d10c497c66dea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f74c07bb077eb66b492c7b9ddd1edcdca9cfd418784a890532cc74739360bab2