urlscan.io logo urlscan.io
SecurityTrails logo

hotoffer.online Open in urlscan Pro
2606:4700:3036::681c:11c6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jionewoffer.online/
Effective URL: https://hotoffer.online/
Submission: On May 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3036::681c:11c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is hotoffer.online.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 25th 2020. Valid for: 7 months.
This is the only time hotoffer.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3036::681f:4667 (United States)

ASN13335 (CLOUDFLARENET, US)
jionewoffer.online
3    2606:4700:3036::681c:11c6 (United States)

ASN13335 (CLOUDFLARENET, US)
hotoffer.online
1    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:3037::ac43:d2be (United States)

ASN13335 (CLOUDFLARENET, US)
webpush.design
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
1    2606:4700:3037::681c:1df5 (United States)

ASN13335 (CLOUDFLARENET, US)
kaise-kare.com
1    2a00:1450:4001:816::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 hotoffer.online hotoffer.online
2 fonts.gstatic.com hotoffer.online
2 www.google-analytics.com www.googletagmanager.com
hotoffer.online
2 1.bp.blogspot.com hotoffer.online
2 maxcdn.bootstrapcdn.com hotoffer.online
2 www.gstatic.com hotoffer.online
2 code.jquery.com hotoffer.online
1 i.ytimg.com hotoffer.online
1 kaise-kare.com hotoffer.online
1 fonts.googleapis.com hotoffer.online
1 ajax.googleapis.com hotoffer.online
1 webpush.design hotoffer.online
1 www.googletagmanager.com hotoffer.online
1 jionewoffer.online 1 redirects
21 14

This site contains links to these domains. Also see Links.

Domain
techhyer.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-25 -
2020-10-09		 7 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hotoffer.online/
Frame ID: C48AAECA426EFDB406D78769F9FB38A4
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://jionewoffer.online/ HTTP 302
    https://hotoffer.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

817 kB
Transfer

1773 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jionewoffer.online/ HTTP 302
    https://hotoffer.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hotoffer.online/
Redirect Chain
  • https://jionewoffer.online/
  • https://hotoffer.online/
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:11c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986328f394116d63d07951e9f3aa78df03595e8c51545ea0bb69e407b753c3c9

Request headers

:method
GET
:authority
hotoffer.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 30 May 2020 01:09:44 GMT
content-type
text/html
set-cookie
__cfduid=d8324f3c43294f1d393227d299db87a1a1590800983; expires=Mon, 29-Jun-20 01:09:43 GMT; path=/; domain=.hotoffer.online; HttpOnly; SameSite=Lax; Secure __cf_bm=ae023c46360b8a2d0982fb50b4e6da7e49388e32-1590800984-1800-AbeiCp7M3maV5YzqECmpOegcBwVQ6cv77YwZOoI85xex6e6DLpuN1776KS50aAUVl0tnM/tgeFBcqld9y766Mvo=; path=/; expires=Sat, 30-May-20 01:39:44 GMT; domain=.hotoffer.online; HttpOnly; Secure; SameSite=None
last-modified
Sun, 19 Apr 2020 12:36:50 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0304b9bf32000063831d35a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59b4924519146383-FRA
content-encoding
br

Redirect headers

status
302
date
Sat, 30 May 2020 01:09:43 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://hotoffer.online/
cf-request-id
0304b9bef7000063a1858b3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
59b49244bbe763a1-FRA
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-161822471-3
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cd7e2a66e682e50a33cf65fb95a6346c0f30f7f705f14a845a4f8adcdec6d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33189
x-xss-protection
0
last-modified
Sat, 30 May 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 May 2020 01:09:44 GMT
jquery-1.12.4.js
code.jquery.com/ 		287 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 May 2020 01:09:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:18:54 GMT
Server
nginx
ETag
W/"573f46fe-47a36"
Vary
Accept-Encoding
X-HW
1590800984.dop163.fr8.t,1590800984.cds107.fr8.shn,1590800984.cds107.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
87176
jquery-ui.js
code.jquery.com/ui/1.12.1/ 		509 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 May 2020 01:09:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2016 16:34:16 GMT
Server
nginx
ETag
W/"57d97c08-7f20a"
Vary
Accept-Encoding
X-HW
1590800984.dop163.fr8.t,1590800984.cds107.fr8.shn,1590800984.cds107.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
124434
firebase-app.js
www.gstatic.com/firebasejs/7.13.2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.2/firebase-app.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ab528380f96ff6386bf1e9ea0ec3d0db7a597e73d664c96651bdedf0c7a8c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 May 2020 17:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Apr 2020 21:45:15 GMT
server
sffe
age
803986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6595
x-xss-protection
0
expires
Thu, 20 May 2021 17:49:58 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.13.2/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.2/firebase-messaging.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d494582448240d1dcb7190517916cb94d332dab0b62e75a63cfc63ac1601319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 May 2020 23:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Apr 2020 21:45:16 GMT
server
sffe
age
956906
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10522
x-xss-protection
0
expires
Tue, 18 May 2021 23:21:18 GMT
push.js
webpush.design/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpush.design/push.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99411ae12735feba2760e6622c90ddd3f40d191bf3380528f089b1e1283b797f

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Apr 2020 09:18:39 GMT
server
cloudflare
etag
W/"1078-5e957fef-7e149;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=604800
cf-ray
59b492474a8397fc-FRA
cf-request-id
0304b9c08b000097fcdd99a200000001
expires
Sat, 06 Jun 2020 01:09:44 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
status
200
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19736
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 May 2020 03:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337806
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 May 2021 03:19:38 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
status
200
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10035
css
fonts.googleapis.com/ 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b54421a43bbae7736df2271ad1cce418249680cb104858cb0b3481212213eb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 May 2020 01:09:44 GMT
server
ESF
date
Sat, 30 May 2020 01:09:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 May 2020 01:09:44 GMT
api.js
hotoffer.online/cdn-cgi/bm/cv/1284585713/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hotoffer.online/cdn-cgi/bm/cv/1284585713/api.js
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:11c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861882d17437983f578d2f8a3ee2b2909e44b7ff1fe75e085e73bc0f9dc56779
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=604800, public
cf-ray
59b49246e96a6383-FRA
cf-request-id
0304b9c051000063831d360200000001
1.PNG
1.bp.blogspot.com/-VWZN0RaaDyM/XnXHG7R4GSI/AAAAAAAAABM/UcBaIiZtDJIuozvjUZ7EBCTOAvf01knHwCNcBGAsYHQ/s620/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-VWZN0RaaDyM/XnXHG7R4GSI/AAAAAAAAABM/UcBaIiZtDJIuozvjUZ7EBCTOAvf01knHwCNcBGAsYHQ/s620/1.PNG
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
182a50d2acf6ad76aa95ce17b96ac19d2b4922e89e172ac3d2a3673d56515f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="1.PNG"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181508
x-xss-protection
0
server
fife
etag
"v14"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 May 2020 07:38:55 GMT
%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%97-%E0%A4%AC%E0%A5%9C%E0%A4%BE-%E0%A4%95%E0%A4%B0%E0%A4%A8%E0%A5%87-%E0%A4%95%E0%A5%87-%E0%A4%89%E0%A4%AA%E0%A4%BE%E0%A4%AF.jpg
kaise-kare.com/wp-content/uploads/2017/10/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kaise-kare.com/wp-content/uploads/2017/10/%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%97-%E0%A4%AC%E0%A5%9C%E0%A4%BE-%E0%A4%95%E0%A4%B0%E0%A4%A8%E0%A5%87-%E0%A4%95%E0%A5%87-%E0%A4%89%E0%A4%AA%E0%A4%BE%E0%A4%AF.jpg
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681c:1df5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfeb41399b8601865d01797f64150a8906c67574a9a599cc7cf534aeaad0ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
327680
status
200
vary
Accept-Encoding
content-length
86903
cf-request-id
0304b9c0c5000064319dac2200000001
last-modified
Wed, 26 Feb 2020 17:53:11 GMT
server
cloudflare
etag
"5e56b087-15377"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
59b49247ac3a6431-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
maxresdefault.jpg
i.ytimg.com/vi/vahZPn52rIw/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/vahZPn52rIw/maxresdefault.jpg
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af20056eb23bac6d9cf7b3458a70f95bbc081931a25e6fe14e6e18377c0a432c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1580241229"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79190
x-xss-protection
0
expires
Sat, 30 May 2020 03:09:44 GMT
WhatsApp-Image-2019-11-04-at-4.39.53-PM-1.jpeg
1.bp.blogspot.com/-1zRMVqZHzNg/XnXH9ysD3bI/AAAAAAAAABU/LFKc7s0t_bwXpZiSv2aBpVfx-Zjl2tM2ACNcBGAsYHQ/s620/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-1zRMVqZHzNg/XnXH9ysD3bI/AAAAAAAAABU/LFKc7s0t_bwXpZiSv2aBpVfx-Zjl2tM2ACNcBGAsYHQ/s620/WhatsApp-Image-2019-11-04-at-4.39.53-PM-1.jpeg
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0f4df22beb75bcfb5d7f12fb6346e2dd67b6c787902fdc4c1c9194a61b5b4ec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:09:44 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="WhatsApp-Image-2019-11-04-at-4.39.53-PM-1.jpeg"
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72939
x-xss-protection
0
server
fife
etag
"v16"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 May 2020 07:38:56 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161822471-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1869
date
Sat, 30 May 2020 00:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sat, 30 May 2020 02:38:35 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=843801753&t=pageview&_s=1&dl=https%3A%2F%2Fhotoffer.online%2F&ul=en-us&de=UTF-8&dt=Thanks!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1629404947&gjid=444633491&cid=702027770.1590800984&tid=UA-161822471-3&_gid=1460208594.1590800984&_r=1&gtm=2ou5k1&z=287064619
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 May 2020 01:09:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hotoffer.online/
Origin
https://hotoffer.online

Response headers

date
Mon, 18 May 2020 00:55:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:48:53 GMT
server
sffe
age
1037640
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19684
x-xss-protection
0
expires
Tue, 18 May 2021 00:55:44 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
Origin
https://hotoffer.online

Response headers

date
Tue, 19 May 2020 09:27:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
920560
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 19 May 2021 09:27:04 GMT
result
hotoffer.online/cdn-cgi/bm/cv/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hotoffer.online/cdn-cgi/bm/cv/result?req_id=59b4924519146383
Requested by
Host: hotoffer.online
URL: https://hotoffer.online/cdn-cgi/bm/cv/1284585713/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:11c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hotoffer.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
204
date
Sat, 30 May 2020 01:09:44 GMT
server
cloudflare
cf-request-id
0304b9c206000063831d366200000001
cf-ray
59b49249aa416383-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| firebase object| gaplugins object| gaGlobal object| gaData object| _0xf720 object| firebaseConfig function| getRegisterToken function| setTokenSentToServer function| sendTokenToServer function| isTokenSentToServer function| saveToken object| $jscomp function| $jscomp$lookupPolyfilledValue object| __CF$cv$params

5 Cookies

Domain/Path Name / Value
.hotoffer.online/ Name: _gid
Value: GA1.2.1460208594.1590800984
.hotoffer.online/ Name: _gat_gtag_UA_161822471_3
Value: 1
.hotoffer.online/ Name: _ga
Value: GA1.2.702027770.1590800984
.hotoffer.online/ Name: __cf_bm
Value: ae023c46360b8a2d0982fb50b4e6da7e49388e32-1590800984-1800-AbeiCp7M3maV5YzqECmpOegcBwVQ6cv77YwZOoI85xex6e6DLpuN1776KS50aAUVl0tnM/tgeFBcqld9y766Mvo=
.hotoffer.online/ Name: __cfduid
Value: d8324f3c43294f1d393227d299db87a1a1590800983

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
hotoffer.online
i.ytimg.com
jionewoffer.online
kaise-kare.com
maxcdn.bootstrapcdn.com
webpush.design
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
2606:4700:3036::681c:11c6
2606:4700:3036::681f:4667
2606:4700:3037::681c:1df5
2606:4700:3037::ac43:d2be
2a00:1450:4001:800::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:815::200a
2a00:1450:4001:816::2016
2a00:1450:4001:81b::2003
2a00:1450:4001:820::2003
2a00:1450:4001:825::2001
2a00:1450:4001:825::2008
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f4df22beb75bcfb5d7f12fb6346e2dd67b6c787902fdc4c1c9194a61b5b4ec6
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
182a50d2acf6ad76aa95ce17b96ac19d2b4922e89e172ac3d2a3673d56515f2f
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3ab528380f96ff6386bf1e9ea0ec3d0db7a597e73d664c96651bdedf0c7a8c24
3d494582448240d1dcb7190517916cb94d332dab0b62e75a63cfc63ac1601319
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5cd7e2a66e682e50a33cf65fb95a6346c0f30f7f705f14a845a4f8adcdec6d21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861882d17437983f578d2f8a3ee2b2909e44b7ff1fe75e085e73bc0f9dc56779
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
986328f394116d63d07951e9f3aa78df03595e8c51545ea0bb69e407b753c3c9
99411ae12735feba2760e6622c90ddd3f40d191bf3380528f089b1e1283b797f
af20056eb23bac6d9cf7b3458a70f95bbc081931a25e6fe14e6e18377c0a432c
b54421a43bbae7736df2271ad1cce418249680cb104858cb0b3481212213eb25
bdfeb41399b8601865d01797f64150a8906c67574a9a599cc7cf534aeaad0ad0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855