urlscan.io logo urlscan.io
SecurityTrails logo

www.buyprep.eu Open in urlscan Pro
2606:4700:20::681a:c06  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apis.axxus.es/traffic/buyprep_eu.php
Effective URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Submission: On August 31 via api from LU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700:20::681a:c06, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.buyprep.eu.
TLS certificate: Issued by R3 on July 18th 2021. Valid for: 3 months.
This is the only time www.buyprep.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
21 4
Domain Requested by
15 www.buyprep.eu www.buyprep.eu
4 www.google-analytics.com www.buyprep.eu
www.google-analytics.com
2 maxcdn.bootstrapcdn.com www.buyprep.eu
maxcdn.bootstrapcdn.com
1 apis.axxus.es 1 redirects
21 4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.buyprep.net
www.buyprep.asia
www.comprarprep.eu
Subject Issuer Validity Valid
*.buyprep.eu
R3		 2021-07-18 -
2021-10-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Frame ID: 75737F289B25B5C6346C36E6232F1EFE
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ricovir EM ➡️ Buy PrEP (Pre Exposure Prophylaxis)

Page URL History Show full URLs

  1. https://apis.axxus.es/traffic/buyprep_eu.php HTTP 301
    https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1069 kB
Transfer

1905 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apis.axxus.es/traffic/buyprep_eu.php HTTP 301
    https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ricovir-em
www.buyprep.eu/
Redirect Chain
  • https://apis.axxus.es/traffic/buyprep_eu.php
  • https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e280b4768036355692834d9c37804ecb6fe33590afeef42de02fe0d8a72133aa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:method
GET
:authority
www.buyprep.eu
:scheme
https
:path
/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-type
text/html; charset=utf-8
set-cookie
PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200a6d116c28b1841e185c6f57d50e3601364ff590d5027e45465551105af9b1a3042a7548a623bdbde12aa163c56653b910ec033599f1695c89adfca1b3fc7a7885bef5c0af7bf521f7297277582cd4ff2e6ba052ec7e1544dbc793fd8b70abcf218f7cf21f1dc196c57beecca5d10c29790355f9e9857b88e7e6ee4875b16f322050d4da9b7e0cb02f7ac337e6f62a497ded6a3f7b7cc4301f5889728415609194fe8d3d485b7c354db9eb015277ba41e902153413cf3435b7dbd93e7eea859c316a35f2bd611f7c994645cd69354f56325295e; expires=Mon, 20-Sep-2021 15:43:23 GMT; Max-Age=1728000; path=/; domain=www.buyprep.eu; secure; HttpOnly PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; path=/ PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200149fd66e1dc0de84f59e235286ab836c93138adbcb698dc4c062d873bb99a3d35d37d1d3747653830259e0873e1169425d7702a823f2a9b9613b04ebfe948267385cf59dc587f4f1143b8a031ece69c6d8ada8904bb4aaec474eba8ec2688f408364da1df69ac27ed688a07c23df4a23d6d4f13037e839997bc4f6ef386e29f3070c6d1a29ab90ef065b17859713abf5fcb21712ad3ce65277693473a97a5ec81cf13d8d69bdfd1feb303c70d315516474e25ed8d4f6349d17a302e23d3c9fe132f26adf692fb99e68f0ce687841175e06559f53a176233b3dc658e50b8a18280ab4d1462a98; expires=Mon, 20-Sep-2021 15:43:23 GMT; Max-Age=1728000; path=/; domain=www.buyprep.eu; secure; HttpOnly PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc; expires=Mon, 20-Sep-2021 15:43:23 GMT; Max-Age=1728000; path=/; domain=www.buyprep.eu; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozhd%2FY3VmK9%2Becsm6PbC6QiH5tL6OqeI5%2BeQ4FBn7lOVpXBtdXTYQ7ZYTbZpeNZMOEqBcqfyH5plSgznMKdp%2BDkDe79YmLstigN5IV2m4v6wMvszr7Picp07y28bzCSRgOEUppXECMb4o6Wg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
68775fcab8e74a7a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-type
text/html; charset=UTF-8
location
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtyghVVAfsrhVDGZJ8lQQpvSzw5rnJsdKM2umeLDMECMOjFjEMvlv1eNmkWqz1g1vYWqvoCh4wj9t6q1Q4S2lfILng7f4wVRZUpUdy7GTLJLkczviLrAewY2ys%2BzwqY8Z5CyKnD9pKrS6dsV"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
68775fca2f682bca-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
DxGErrmoXa75FkST3G_ajeRRD2w.js
www.buyprep.eu/cdn-cgi/apps/head/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/cdn-cgi/apps/head/DxGErrmoXa75FkST3G_ajeRRD2w.js
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137579e1696bcd4d1daa398a1f7b0384aff90575cb2969be7d60784428b04c5a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/cdn-cgi/apps/head/DxGErrmoXa75FkST3G_ajeRRD2w.js
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1337682
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
DTDC7XYTBNKMCCW5
x-amz-id-2
Pd6Xu3XeGI/0BhOeiBdP89QSzgKNh5cajXk/3Wy17QXM2FPz4EQVSnuJt1bcBs3CYlDjGdyrDKg=
last-modified
Mon, 16 Aug 2021 03:03:23 GMT
server
cloudflare
etag
W/"698dc68493f2322c659f0ba28fb8e7c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnrE8ULpXzpgHD%2FtfviGnf8x3ADv9ne259vfgAHJKD6pyyJ5fIJw7RcdoxDGHG8lSJ6wHiBSuwaEvRoFnD7WUZhKnfcGU5y19CD9b1i%2FyD2U18tdvqrJZjeIfxr5BH3Hg4ReDq8hFAKiB3sO"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
blQZdSeHM3rOyx6mRzg39ghjAOGsQkUB
cache-control
public, max-age=31536000
cf-ray
68775fcbeb0964cd-FRA
theme-b8dd8488.css
www.buyprep.eu/themes/buyprepeu/assets/cache/ 		356 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ae9a471256549491b27839a3cca9147b28674d5f102fe78f9e36ea0d2c4e48
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/themes/buyprepeu/assets/cache/theme-b8dd8488.css
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128034
cf-polished
origSize=365780
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 14 Aug 2021 14:44:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWnebsltUp2u1t3fPcFHJzhYoO9nafE9hi%2BWOKBOJ%2FbGKG5pm0Ux9tKtjRr%2FoDpTMaxhjtzYdUhrUrtDmvfIqa4gMoow%2BKk9gZJqGonek6EBJqzVuYsoBKN1UlxyVrXfHu3mOowpqc1RuBv0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=604800
cf-ray
68775fcbdb0864cd-FRA
expires
Mon, 06 Sep 2021 04:09:29 GMT
buyprep-eu-logo-1627924709.jpg
www.buyprep.eu/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/img/buyprep-eu-logo-1627924709.jpg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79b3f2dd2ee4941563f67acdb776c17b800f91b891573d2561f762b1d908f08
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/img/buyprep-eu-logo-1627924709.jpg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149783
cf-polished
origFmt=png, origSize=7153
content-disposition
inline; filename="buyprep-eu-logo-1627924709.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4186
last-modified
Mon, 02 Aug 2021 17:18:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3y5WcrZwnXTn8wiNc%2BNCAQrdZNY8f7QKe3yu7BUek3SmmB1ApocL6gJqn%2Bv1YOfygzE9C1pfxGwSAS6dSsWVNndY5p6Z0JhDDylF1wMdBWWtSFZCIobFRqEe3k%2FeTwlOjmkzXbjyc8f9%2BOs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Tue, 28 Sep 2021 22:07:00 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68775fcc2b1664cd-FRA
cf-bgj
imgq:100,h2pri
ricovir-em.jpg
www.buyprep.eu/2-large_default/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/2-large_default/ricovir-em.jpg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a98912cec090cf0ce8662622301f83846a421ca60d34a4e2931b1874e2092cb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/2-large_default/ricovir-em.jpg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500458
cf-polished
origFmt=png, origSize=225847
content-disposition
inline; filename="ricovir-em.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
153554
last-modified
Fri, 30 Jul 2021 21:31:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r34DpGvKW%2FF7UVgvc7UOBcZfoLBBRtm3ORMHzDyK%2FLdTixahsyOTOiidmZV4U3EN31MeM8uX3ADinSTzS3uwQltt09kDE3lYJkMVb8yCM6IVLfPt1qGphU%2Fsf4E%2BfkIAtVxyqdwDDwh8aHhn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 24 Sep 2021 20:42:25 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68775fcc3b1964cd-FRA
cf-bgj
imgq:100,h2pri
ricovir-em.jpg
www.buyprep.eu/2-home_default/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/2-home_default/ricovir-em.jpg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f569417ef05aaaabb84d5087ae84a1efc970970ac3357bc837a797e1878c1053
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/2-home_default/ricovir-em.jpg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
419881
cf-polished
origFmt=png, origSize=64647
content-disposition
inline; filename="ricovir-em.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
46338
last-modified
Fri, 30 Jul 2021 21:31:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXAjC6h0yN66dhmqreVE2rbziZ3qIt%2B%2BUQBirLAaUjnUDQgB4FtoOss%2BIPlJblmC7m8VbzhsT4L4KkSYxMds9MUF65wLX5JHINV%2BjzylM59%2FrZ0zt3q3PGEMP6EpTf1Cljs%2B3YRA11wRlqP0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 25 Sep 2021 19:05:22 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68775fcc3b1a64cd-FRA
cf-bgj
imgq:100,h2pri
1.jpg
www.buyprep.eu/img/m/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/img/m/1.jpg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd0264ec52abe3a12fdb898457d7f97ede31695740b07435a7b6696c3dc97eb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/img/m/1.jpg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1336445
cf-polished
origFmt=png, origSize=9918
content-disposition
inline; filename="1.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3682
last-modified
Mon, 02 Aug 2021 20:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpwtPOzsvNCX53kvtXM53c5EWzx5yJCSsWwJwfYtzr%2BNIHTbe2XvEj2DXa5nb9QRo3ZMmkX88qpAcMc3C%2FyFiUVXH6gPLuKFPyALV3v1yX3GUarpccE%2B0KEWSyGeTNgfryTiJqc1ZXlz2zlX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 15 Sep 2021 04:29:18 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68775fcc3b1b64cd-FRA
cf-bgj
imgq:100,h2pri
ricovir-em.jpg
www.buyprep.eu/2-medium_default/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/2-medium_default/ricovir-em.jpg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1376c2d8e99fcf067c5599d679081eb259c467229cdf050724fcb080a7dce64
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/2-medium_default/ricovir-em.jpg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506140
cf-polished
origFmt=png, origSize=212443
content-disposition
inline; filename="ricovir-em.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
154620
last-modified
Fri, 30 Jul 2021 21:31:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5KEvUgA8ZLCTUMz7e8kBZqZ%2B8vIKcKBGiIdRQmoS2NmcpqtzvJtbcSy4gzaIG37Y6DfqsZxE00xdz42L%2FylbOBr3pDNKNYlvT0vJv33ziK3CAgqpAXaVWUQ2z%2B1J9umgJqQUoypMzfkATxY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 24 Sep 2021 19:07:43 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68775fcc3b1d64cd-FRA
cf-bgj
imgq:100,h2pri
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buyprep.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
13977906
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
31c1d03f36e6925686f0025777c3980d
cf-ray
68775fcc08852484-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bottom-8b022e87.js
www.buyprep.eu/themes/buyprepeu/assets/cache/ 		567 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/themes/buyprepeu/assets/cache/bottom-8b022e87.js
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63da621bb64eb16719b5be55e2b9b3534d55ee826c9f0c4e6d856d1cc9628809
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/themes/buyprepeu/assets/cache/bottom-8b022e87.js
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
125906
cf-polished
origSize=599599
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 14 Aug 2021 14:44:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BEQhpZ36vs2%2BmotRUMxWGupBkQmJhprIV3Azega7cT1m5Le6R5oHCvMB%2BvlSjs%2BLkmRVglT4PcdUpt93FgyKjfj7VsW9tJUPx7R6k9POvkg2MghAFa%2Bim2zvAQbbK9alsUt%2BwrhJqyDL3to"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
max-age=604800
cf-ray
68775fcc1b1564cd-FRA
expires
Mon, 06 Sep 2021 04:44:57 GMT
truncated
/ 		359 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2a4e0e9e5be052631edf226196d3ef257f6cc88944349ebfe5051010bbcb5a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
text/css;charset=utf-8
ZLKPFkyqR8rz6EvWqaHklIKzWX0.js
www.buyprep.eu/cdn-cgi/apps/body/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/cdn-cgi/apps/body/ZLKPFkyqR8rz6EvWqaHklIKzWX0.js
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/cdn-cgi/apps/head/DxGErrmoXa75FkST3G_ajeRRD2w.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438ef24cc689524677dac0f379ba5d09a52952cfd3207ba2ec7b31a4510cd4de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/cdn-cgi/apps/body/ZLKPFkyqR8rz6EvWqaHklIKzWX0.js
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1337676
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
39F51W07E30P6E2V
x-amz-id-2
fV63r8b2fP07xuBJ/OUS/8DWjBD6Z9Px/pFXY+FZlJ7ZlwCBOhiy7YzziWE1S2tJ48I7fxbsmUM=
last-modified
Mon, 16 Aug 2021 03:03:23 GMT
server
cloudflare
etag
W/"7999c45ee11d904aabf43ece40ee0560"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A10SlfAEmdwwKVia3BPr3wfM6d6q9xbPPnCo5zhrpn7YcEwAh7MaeIidn2c1u06vQlHzb%2Bdk94XIGp67u%2BYZZwk%2Brw4v4SHtV8pkYpfJRQp9kHXkhydObO8qEv%2BoLyqwdc1Gi3W4wQ4Fzln3"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
l0yRc0HsQgPh47LipvBFGlB8z1rntVXj
cache-control
public, max-age=31536000
cf-ray
68775fcc3b1e64cd-FRA
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buyprep.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3083
date
Tue, 31 Aug 2021 14:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 16:52:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b190da42f5bfdbee8c6066fa30c9a56aa782fbcc4547ca8bfff1027cc39fce53

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/svg+xml
truncated
/ 		848 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eac6090b1b43f3705512e9d5accdd18be6cac3c4b09d7bb851c4745dc1558e56

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/svg+xml
e049aeb07a2ae1627933e8e58d3886d2.svg
www.buyprep.eu/themes/classic/assets/css/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buyprep.eu/themes/classic/assets/css/e049aeb07a2ae1627933e8e58d3886d2.svg
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190ad4fb49484fc295ea10ecbeebf92fd0841b6957fd6d3a7b4cf51dafdfcf1a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:path
/themes/classic/assets/css/e049aeb07a2ae1627933e8e58d3886d2.svg
pragma
no-cache
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1336444
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 16 Jul 2021 01:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGVBqqvyzuSJJN86XgkDiH7vcqCTb58AOkHhKQKnRzhdxlWYzIeu8ZSuQ4GQTS1JO0cBviIjmzWoDPXQx%2BN%2BXxC61wmrIbXCaZC9gei3vcdu%2B8BoaR%2BAH2zPofpsJ1Jpbs05iOf0%2FAMsl9AE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
68775fcc4b2164cd-FRA
expires
Tue, 16 Aug 2022 04:29:19 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8542e90db3cb53609d7156e57fc3e36de4fe1a20789bb0093d40d39faf236d0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f1cc3997b489830199481bd30fc7e0b387062c94b0ec2c7e5696cca20bf792e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/svg+xml
truncated
/ 		891 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ad160ce6133161c316d427aec79083d0fd9c4b05b6f15d5cffd98578add7b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/svg+xml
19c1b868764c0e4d15a45d3f61250488.woff2
www.buyprep.eu/themes/classic/assets/css/ 		158 KB
158 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/themes/classic/assets/css/19c1b868764c0e4d15a45d3f61250488.woff2
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6979c41c7cc7a6d6b4bc9b96d5556472078784e287b980c25fdda259fedfc6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.buyprep.eu
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
:path
/themes/classic/assets/css/19c1b868764c0e4d15a45d3f61250488.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
accept
*/*
cache-control
no-cache
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.buyprep.eu
Referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1337674
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
161480
last-modified
Fri, 16 Jul 2021 01:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fob%2BRKig1xEDwhtEsEKqQ8yDyEu4yahcmsIZHGXQTcQuJuoYx1rPs5ePiZ%2F4ATPbyKYzEBakkK8WZ5RUYA8WBeJJ%2FCmfE0f7HnRmX7D4ECXfgEJIBXYcvUYoDyMdddByfDnQ5G%2BD1O9HiFi4"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68775fcc4b2264cd-FRA
expires
Tue, 16 Aug 2022 04:08:49 GMT
570eb83859dc23dd0eec423a49e147fe.woff2
www.buyprep.eu/themes/classic/assets/css/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/themes/classic/assets/css/570eb83859dc23dd0eec423a49e147fe.woff2
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.buyprep.eu
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
:path
/themes/classic/assets/css/570eb83859dc23dd0eec423a49e147fe.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
accept
*/*
cache-control
no-cache
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.buyprep.eu
Referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1337674
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44300
last-modified
Fri, 16 Jul 2021 01:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u94yslhAHFyTDgDxzFcyXu1LzHLkHce1unjlBDDAERocoSaHXUKAPG1mZrVGmz80oJvPRqPfN%2BT515ZN9LzyRVLOf9UckKLrGycAq%2FRBsmGRX%2Bcon0fJLdyMtafMcWcszh%2FJ0ji2Eb8brWt5"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68775fcc4b2364cd-FRA
expires
Tue, 16 Aug 2022 04:08:49 GMT
199038f07312bfc6f0aabd3ed6a2b64d.woff2
www.buyprep.eu/themes/classic/assets/css/ 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/themes/classic/assets/css/199038f07312bfc6f0aabd3ed6a2b64d.woff2
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72545562dc0383aef0b0288ab2e0f1bce4bf7df59530939875ff90983bd8465
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.buyprep.eu
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
:path
/themes/classic/assets/css/199038f07312bfc6f0aabd3ed6a2b64d.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
accept
*/*
cache-control
no-cache
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.buyprep.eu
Referer
https://www.buyprep.eu/themes/buyprepeu/assets/cache/theme-b8dd8488.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
653711
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
160208
last-modified
Fri, 16 Jul 2021 01:48:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1J39LbFO5ZBiX3o4PvhvT0gENc7OfG474fjkTTDamTIvWYX1s%2BPLqGG8ZJj831Lin27pxLNgB9cuHww5tjEYhOjlFjLrAHnuP1zj9SiyjgrS%2FCnRhRv7VvIefdGbExxL6h7d2sVSbBr4JDQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68775fcc4b2464cd-FRA
expires
Wed, 24 Aug 2022 02:08:12 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buyprep.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 31 Aug 2021 16:25:25 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1916985609&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buyprep.eu%2Fricovir-em%3Futm_source%3Dpopads%26utm_medium%3Dcpm%26utm_campaign%3Dfakereferals&ul=en-us&de=UTF-8&dt=Ricovir%20EM%20%E2%9E%A1%EF%B8%8F%20Buy%20PrEP%20(Pre%20Exposure%20Prophylaxis)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEIJAAAAAC~&jid=451011192&gjid=551080081&cid=697828879.1630424604&tid=UA-203283543-1&_gid=1592843804.1630424604&_r=1&_slc=1&did=d6YPbH&z=1155496024
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buyprep.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 15:43:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.buyprep.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
text/css;charset=utf-8
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.buyprep.eu
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617, 617
age
2763458
cdn-cachedat
2021-07-24 16:36:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
71896
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f5f4937ebd2a7415bc50efd7cf9cce6f
accept-ranges
bytes
cf-ray
68775fcd68c44e4f-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
ListComments
www.buyprep.eu/module/productcomments/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.buyprep.eu/module/productcomments/ListComments?id_product=1&page=1
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/bottom-8b022e87.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d79ef2a5456327a733804d38e65d10379b8a51b79014fbf79d8ec9582c48c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
PHPSESSID=ligekqh51hi5ndp06ujhqmhhnp; PrestaShop-09c503570a1267227d12d4cd1c8bd178=def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc; _ga=GA1.2.697828879.1630424604; _gid=GA1.2.1592843804.1630424604; _gat=1
:path
/module/productcomments/ListComments?id_product=1&page=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147
accept
*/*
cache-control
no-cache
:authority
www.buyprep.eu
referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

date
Tue, 31 Aug 2021 15:43:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qx3jq0TPtXH4CkK0VqOTqRUImfHDFH%2F%2FcBbjEewIHngU0OC09UuDOCJEIdXj7h9G9pmphcKw9F7BYwPHdyTkQ8%2F1gVPPUOQc%2FgMsOQsOSO%2BUV1glXrKb4AcUwXqw6F1qTMYqsSgXyvtgjc6f"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68775fcdbb8364cd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f35599d67db8ec0033ec7f57eff6ec5f6e5824920d51012a11e1754f78d263c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1916985609&t=event&ni=1&cu=EUR&_s=2&dl=https%3A%2F%2Fwww.buyprep.eu%2Fricovir-em%3Futm_source%3Dpopads%26utm_medium%3Dcpm%26utm_campaign%3Dfakereferals&ul=en-us&de=UTF-8&dt=Ricovir%20EM%20%E2%9E%A1%EF%B8%8F%20Buy%20PrEP%20(Pre%20Exposure%20Prophylaxis)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=UX&ea=detail&el=Product%20Detail%20View&_u=aGBAAEIJAAAAAC~&jid=&gjid=&cid=697828879.1630424604&tid=UA-203283543-1&_gid=1592843804.1630424604&did=d6YPbH&pa=detail&pr1id=1&pr1nm=ricovir-em&pr1ca=prep&pr1br=&pr1va=0&pr1ps=0&pr1qt=1&pr1pr=%E2%82%AC84.90&z=648436215
Requested by
Host: www.buyprep.eu
URL: https://www.buyprep.eu/ricovir-em?utm_source=popads&utm_medium=cpm&utm_campaign=fakereferals
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buyprep.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 OPR/78.0.4093.147

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 19:08:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74090
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| CloudflareApps object| Pace object| prestashop string| prestashopFacebookAjaxController string| psemailsubscription_subscription object| gaDevIds string| GoogleAnalyticsObject function| ga string| productCommentUpdatePostErrorMessage string| productCommentAbuseReportErrorMessage string| productCommentPostErrorMessage object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setcook function| closeUeNotify object| GoogleAnalyticEnhancedECommerce function| addNotification object| productListingComments object| jQBrowser function| $ function| jQuery function| Tether function| Waypoint

5 Cookies

Domain/Path Name / Value
.buyprep.eu/ Name: _gat
Value: 1
.buyprep.eu/ Name: _gid
Value: GA1.2.1592843804.1630424604
.buyprep.eu/ Name: _ga
Value: GA1.2.697828879.1630424604
.www.buyprep.eu/ Name: PrestaShop-09c503570a1267227d12d4cd1c8bd178
Value: def50200bddf7c8c2d7483c0fd920d881d2c1c2d38e7475b08249200fde0093931fdb6597a9885318d64a070c0c354960c1b067610785c4d9e3d0d4927d444ab021908f258de122ec5aa50afe952c9de17600667ca39eefa68009aa1508125d3c156a2fade6d02c446aaddbe567a14f5984ad771b68119e520a6904b0ddaa9a22dab88fc7e529a6547ff259a206a5b3ba423d3832e40ebd82eff6beaa226393fc7d99b5bae8da9c667f5b8b734d621beae9f604cf54f5a744e13405e357045554660ed029caa4b353349d98a0fb0bee16a16e8f49c09b79ffe0dbfbad0a490a2cf1c7968cb43886c37d8f825a4892698bc21592411683004a9fcac239583bb552ad4254926f959aed2da2d64ca63552f33dc
www.buyprep.eu/ Name: PHPSESSID
Value: ligekqh51hi5ndp06ujhqmhhnp

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.buyprep.eu/themes/buyprepeu/assets/cache/bottom-8b022e87.js(Line 40)
Message:
JQMIGRATE: Migrate is installed, version 3.1.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.axxus.es
maxcdn.bootstrapcdn.com
www.buyprep.eu
www.google-analytics.com
2606:4700:20::681a:c06
2606:4700:3035::ac43:8ca8
2606:4700::6812:acf
2a00:1450:4001:831::200e
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259
137579e1696bcd4d1daa398a1f7b0384aff90575cb2969be7d60784428b04c5a
190ad4fb49484fc295ea10ecbeebf92fd0841b6957fd6d3a7b4cf51dafdfcf1a
1f35599d67db8ec0033ec7f57eff6ec5f6e5824920d51012a11e1754f78d263c
28d79ef2a5456327a733804d38e65d10379b8a51b79014fbf79d8ec9582c48c9
3f1cc3997b489830199481bd30fc7e0b387062c94b0ec2c7e5696cca20bf792e
438ef24cc689524677dac0f379ba5d09a52952cfd3207ba2ec7b31a4510cd4de
5a6979c41c7cc7a6d6b4bc9b96d5556472078784e287b980c25fdda259fedfc6
63ad160ce6133161c316d427aec79083d0fd9c4b05b6f15d5cffd98578add7b9
63da621bb64eb16719b5be55e2b9b3534d55ee826c9f0c4e6d856d1cc9628809
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a98912cec090cf0ce8662622301f83846a421ca60d34a4e2931b1874e2092cb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1376c2d8e99fcf067c5599d679081eb259c467229cdf050724fcb080a7dce64
a79b3f2dd2ee4941563f67acdb776c17b800f91b891573d2561f762b1d908f08
a8542e90db3cb53609d7156e57fc3e36de4fe1a20789bb0093d40d39faf236d0
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
b190da42f5bfdbee8c6066fa30c9a56aa782fbcc4547ca8bfff1027cc39fce53
cdd0264ec52abe3a12fdb898457d7f97ede31695740b07435a7b6696c3dc97eb
e280b4768036355692834d9c37804ecb6fe33590afeef42de02fe0d8a72133aa
e6ae9a471256549491b27839a3cca9147b28674d5f102fe78f9e36ea0d2c4e48
e72545562dc0383aef0b0288ab2e0f1bce4bf7df59530939875ff90983bd8465
eac6090b1b43f3705512e9d5accdd18be6cac3c4b09d7bb851c4745dc1558e56
f569417ef05aaaabb84d5087ae84a1efc970970ac3357bc837a797e1878c1053
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2a4e0e9e5be052631edf226196d3ef257f6cc88944349ebfe5051010bbcb5a