app.roostermoney.com Open in urlscan Pro
52.18.128.161  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.roostermoney.com/app-link/login/	56 KB 56 KB	668ms 539ms	Document text/html	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash bf77433c4ee2053bee04e48401eb5eb5b91eabba0c019e29c0f111389c32fb6f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-length 56857 content-type text/html; charset=utf-8 date Wed, 08 May 2024 16:09:58 GMT etag W/"de19-/wFSJIjYY7pyOgPiQL+vCJa0Pt4" strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	2 KB 837 B	139ms 48ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700,300 Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 08 May 2024 16:09:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 May 2024 16:09:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 May 2024 16:09:58 GMT
GET H2	200	app.css app.roostermoney.com/css/	189 KB 190 KB	100ms 96ms	Stylesheet text/css	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/css/app.css?r=20161104b Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 3378f2dfc428cd75f1a3e7a74d0141eff1f4941cc6c45f1d3581869379f4f049 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"2f4c9-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 193737 x-xss-protection 1; mode=block
GET H2	200	connect.css app.roostermoney.com/css/	22 KB 22 KB	98ms 95ms	Stylesheet text/css	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/css/connect.css Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 3ff0d580633713d4c9ca4ea654a4c8d93479c1ef17cac43131dc2ed0f6dc6c04 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:28 GMT etag W/"576c-18ea92cc7a0" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 22380 x-xss-protection 1; mode=block
GET H3	200	modernizr.min.js Show response cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/	11 KB 5 KB	140ms 92ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1951996 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3980 last-modified Mon, 04 May 2020 16:13:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f26-2b4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYXJOeWYSATyjZtBYjTX4GtS0YfSmeANIm4A6S%2FR8B00VvLLElp87vhkznG%2BdD5dhWh2czxgaa51dI136Dn8Oa70aNaVg8QOiggUVeKg8jt%2FvSrDIaMXmld6P4lgvkZFNA3D8WOI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 880ab79c8b981c26-FRA expires Mon, 28 Apr 2025 16:09:58 GMT
GET H2	200	promise.polyfill.js Show response app.roostermoney.com/js/	3 KB 4 KB	170ms 167ms	Script application/javascript	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/js/promise.polyfill.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 3b1882f6436e819d5a91e0f9d95ead3e96e41ac2d8a5c8dfdd8bdc9c1269abeb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"cb0-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 3248 x-xss-protection 1; mode=block
GET H2	200	fetch.umd.js Show response app.roostermoney.com/js/	8 KB 8 KB	64ms 61ms	Script application/javascript	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/js/fetch.umd.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash bcefc45db365592f34ec52b2405ca2c632415888abccc7a518cbf3a6fb3eef23 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"1f0c-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 7948 x-xss-protection 1; mode=block
GET H2	200	validation.js Show response app.roostermoney.com/js/	11 KB 12 KB	60ms 57ms	Script application/javascript	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/js/validation.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 89efa627a40f4cdf7f2d196206cfb2391214b09bea5f10fde659e68fe8bbd24b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:28 GMT etag W/"2d7f-18ea92cc7a0" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 11647 x-xss-protection 1; mode=block
GET H2	200	textToDownload.js Show response app.roostermoney.com/js/	2 KB 3 KB	112ms 109ms	Script application/javascript	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/js/textToDownload.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 926d05986bd0c0ab8c896145e16d1e6ca1fdddd58f2f15c8320700e95159d774 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:28 GMT etag W/"953-18ea92cc7a0" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 2387 x-xss-protection 1; mode=block
GET H2	200	app-icons.svg images.roostermoney.com/static/bbs/	4 KB 4 KB	366ms 249ms	Image image/svg+xml	2600:9000:237d:dc00:1b:5219:1040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.roostermoney.com/static/bbs/app-icons.svg Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:dc00:1b:5219:1040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1b43a55930b9a6eabb1e32dcb33dcfc5ff44ff69bfc623b6de04447ebdeb8cf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:59 GMT via 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront) last-modified Fri, 27 Aug 2021 10:18:33 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 etag "0c402a1ed797d21fd0507088d093476a" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 3593 x-amz-cf-id DDzwtzlJk4KTtHgazkOCJnLRXMt7YxtAYI1PmMY5V9EF0mHAfimIrA==
GET H2	200	gtm.js Show response www.googletagmanager.com/	300 KB 100 KB	148ms 61ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KRNMKXC Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1eec95e91383128a0b3a952b0df5d743792fcb02aa2603e6518db2b12a8882b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 102453 x-xss-protection 0 last-modified Wed, 08 May 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 08 May 2024 16:09:58 GMT
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 855 B	130ms 48ms	Script text/javascript	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Wed, 08 May 2024 16:09:58 GMT
GET H2	200	app-store.png app.roostermoney.com/img/appstore_icons/	12 KB 13 KB	127ms 126ms	Image image/png	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.roostermoney.com/img/appstore_icons/app-store.png Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash fa793c09a39ca90b69764acdc778ac5abef07a347b8c230c259da764a66ac883 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"3149-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 12617 x-xss-protection 1; mode=block
GET H2	200	play-store.png app.roostermoney.com/img/appstore_icons/	19 KB 19 KB	57ms 56ms	Image image/png	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.roostermoney.com/img/appstore_icons/play-store.png Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash e44859e408f6582de3b3da754287d2ead45b2f1a8097224c0090c648ef151691 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"4b48-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 19272 x-xss-protection 1; mode=block
GET H2	200	amazon-store.png app.roostermoney.com/img/appstore_icons/	17 KB 17 KB	59ms 57ms	Image image/png	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.roostermoney.com/img/appstore_icons/amazon-store.png Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash d03cabd0d37b9e6baa690e715229d4ac49aee3e8c3074b1765e4e59f860cfd46 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"4451-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 17489 x-xss-protection 1; mode=block
GET H2	200	cookieBar.js Show response app.roostermoney.com/js/	1 KB 1 KB	59ms 57ms	Script application/javascript	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/js/cookieBar.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash 70b9abb6007d373cbb17d8ff826c6fcbcfb3038628196260d6e2672c4f3003d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:28 GMT etag W/"41d-18ea92cc7a0" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 1053 x-xss-protection 1; mode=block
GET H3	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/	88 KB 28 KB	51ms 50ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1080427 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 28112 last-modified Wed, 21 Dec 2022 00:05:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "63a24ddb-6dd0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1O04VmkcWPIntDgvM6JZWJG6v6anlMHTjYxbo3gWRMsqMGvzto1OOJ84S9rcud%2BSWY1B3XyY5OCsA2x0J1OUyVDzaguldWy967%2BV9AyK4XR2OQ6vB6rqJBxGjdvwapJBgYr7d%2BX"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 880ab79dedd01c26-FRA expires Mon, 28 Apr 2025 16:09:58 GMT
GET H3	200	jquery.hoverIntent.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.hoverintent/1.9.0/	1 KB 1 KB	93ms 91ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.hoverintent/1.9.0/jquery.hoverIntent.min.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20a37ff9050b61882a7931a1ccf2566696b57d806eaf8bb805a25b740c9546ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 509328 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 576 last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-57d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EC9HuJSxPpMgYjINoNt1%2B5M%2FpHJQKOcEaQB8JZKtoDit%2BelWQ72m8NCd064gGZDAuF7XHMPhWy0cLZk6sH3kcJaJ9gagI5M5JeJNAk5GHZNuv9e8RDSJfMatJtWUrbP9x4JqvIBg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 880ab79dedd11c26-FRA expires Mon, 28 Apr 2025 16:09:58 GMT
GET H3	200	velocity.min.js Show response cdnjs.cloudflare.com/ajax/libs/velocity/2.0.5/	47 KB 16 KB	94ms 92ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/velocity/2.0.5/velocity.min.js Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36d3d077f272ed97b613bd984bc5890c632eeb1158a262d889b134869c8b4e3b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1948792 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 15359 last-modified Mon, 04 May 2020 16:17:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0401a-bc18" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Y4njCo6W3mi1VNw6aCKForA08MfB6uCxYReJaklTMw2z3dttvkmqe1Hxw0sjDPzjzICqVCJ4cNeUvqnTm%2F2NMh%2BiASA%2BYdYrd%2FebChsMdVLfsrs%2BosZICQAL1LGm3JXNA2AEi8w"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 880ab79dedd31c26-FRA expires Mon, 28 Apr 2025 16:09:58 GMT
GET H2	200	nanumpenscript.css fonts.googleapis.com/earlyaccess/	91 KB 23 KB	52ms 52ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/earlyaccess/nanumpenscript.css Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/css/app.css?r=20161104b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 00f24f400f901efe8873250ccd8650edd28b5f3edfe265ec62b58128973ed6cb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 08 May 2024 16:09:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 May 2024 16:09:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 May 2024 16:09:58 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	127ms 39ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://app.roostermoney.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:02:21 GMT x-content-type-options nosniff age 115657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 08:02:21 GMT
GET H2	200	Rooster-Big.png app.roostermoney.com/img/homepage/slide-0/	44 KB 45 KB	59ms 57ms	Image image/png	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.roostermoney.com/img/homepage/slide-0/Rooster-Big.png Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/css/connect.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash f8baff4a152344a306ed0a13934ccf9ad425244969991e65def71d944bf5a55e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/css/connect.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"b127-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 45351 x-xss-protection 1; mode=block
GET H2	200	select-arrow.svg images.roostermoney.com/static/bbs/	425 B 773 B	181ms 180ms	Image image/svg+xml	2600:9000:237d:dc00:1b:5219:1040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.roostermoney.com/static/bbs/select-arrow.svg Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/css/connect.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:dc00:1b:5219:1040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ea3f4adb9bc7c646cada35ae4f58bb6ecf1dec41abef6571475faf9cb5b377af Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:59 GMT via 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront) last-modified Fri, 27 Aug 2021 10:18:33 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 etag "c3bec4ea2230f7c228045d5f2d5ca7f7" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 425 x-amz-cf-id iA7-xh1zMb3RuZXhutetybOt1kRxTO1KOP8iINwX7iz7Ehgmoh8Flw==
GET H2	200	send-link.svg images.roostermoney.com/static/bbs/	385 B 735 B	211ms 210ms	Image image/svg+xml	2600:9000:237d:dc00:1b:5219:1040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.roostermoney.com/static/bbs/send-link.svg Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/css/connect.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:dc00:1b:5219:1040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a1893c756bfcc00e5849659fa47364f878835db2e6eae0761d715e9beb27d40 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:59 GMT via 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront) last-modified Fri, 27 Aug 2021 10:18:33 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 etag "322802e3771a9415c3ed080b7985bd95" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/svg+xml accept-ranges bytes content-length 385 x-amz-cf-id _ar2tTjjNZI0zgIEDTWtOB67MR_WqhcHz8NoGOPC6NBGzRBlYzw7_w==
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	126ms 77ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://app.roostermoney.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 04 May 2024 19:07:30 GMT x-content-type-options nosniff age 334948 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 04 May 2025 19:07:30 GMT
GET BLOB	200 OK	085c9b0c-c350-4171-851d-ef489102678e https://app.roostermoney.com/	218 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://app.roostermoney.com/085c9b0c-c350-4171-851d-ef489102678e Requested by Host: app.roostermoney.com URL: https://app.roostermoney.com/app-link/login/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 218 Content-Type
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/	509 KB 203 KB	125ms 38ms	Script text/javascript	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Origin https://app.roostermoney.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 15:54:46 GMT content-encoding gzip x-content-type-options nosniff age 912 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207268 x-xss-protection 0 last-modified Mon, 22 Apr 2024 21:03:35 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 08 May 2025 15:54:46 GMT
POST H3	200	landing pagead2.googlesyndication.com/pagead/	42 B 64 B	156ms 75ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5&rnd=2050522864.1715184599&url=https%3A%2F%2Fapp.roostermoney.com%2Fapp-link%2Flogin%2F&dma_cps=-&dma=1&npa=1&gtm=45He4510n81KRNMKXCv812170830za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRNMKXC Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 08 May 2024 16:09:59 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	288 KB 98 KB	59ms 59ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-865MLBM1DX&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRNMKXC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f668f7467fb49721bfaf60a265134e72e5590665abd43f7f30180bf3fa850b95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:58 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100392 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 08 May 2024 16:09:58 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	206ms 46ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-865MLBM1DX&gtm=45je4510v878944310z8812170830za200&_p=1715184598433&gcs=G100&gcd=13q3q3q2q5&npa=1&dma_cps=-&dma=1&cid=845358617.1715184599&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1715184599&sct=1&seg=0&dl=https%3A%2F%2Fapp.roostermoney.com%2Fapp-link%2Flogin%2F&dt=NatWest%20Rooster%20Money&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clean_url=%2Fapp-link%2Flogin%2F&tfd=1315 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-865MLBM1DX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 08 May 2024 16:09:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.roostermoney.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 45A7	0 0	178ms 95ms	Document text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRFGofAAAAABUvnC92EFiqNdMwn5EDXnkF8FvD&co=aHR0cHM6Ly9hcHAucm9vc3Rlcm1vbmV5LmNvbTo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=4tfu71k61ly2 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-we-swhxopPeQ5lAXPQleHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.roostermoney.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-we-swhxopPeQ5lAXPQleHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 08 May 2024 16:09:59 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe www.google.com/recaptcha/api2/ Frame 4D52	0 0	53ms 53ms	Document text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfRFGofAAAAABUvnC92EFiqNdMwn5EDXnkF8FvD Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_e3iYvFe6C1r7TD7C-bKPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.roostermoney.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-_e3iYvFe6C1r7TD7C-bKPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 08 May 2024 16:09:59 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	47ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-865MLBM1DX&gtm=45je4510v878944310za200&_p=1715184598433&gcs=G100&gcd=13q3q3q2q5&npa=1&dma_cps=-&dma=1&cid=845358617.1715184599&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1715184599&sct=1&seg=0&dl=https%3A%2F%2Fapp.roostermoney.com%2Fapp-link%2Flogin%2F&dt=NatWest%20Rooster%20Money&en=scroll&ep.clean_url=%2Fapp-link%2Flogin%2F&epn.percent_scrolled=90&_et=5&tfd=2209 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-865MLBM1DX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 08 May 2024 16:09:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.roostermoney.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon-32x32.png app.roostermoney.com/	2 KB 2 KB	57ms 56ms	Other image/png	52.18.128.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.roostermoney.com/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.18.128.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-128-161.eu-west-1.compute.amazonaws.com Software / Resource Hash a3a741b689d3bc3f18967cdc61b31de0e688a856229568114508569465ed45a1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.roostermoney.com/app-link/login/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 08 May 2024 16:09:59 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff last-modified Thu, 04 Apr 2024 12:54:21 GMT etag W/"75e-18ea92cac48" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 1886 x-xss-protection 1; mode=block

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| html5 object| Modernizr object| WHATWGFetch function| recaptchaCallback function| JustValidate function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_859681

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.roostermoney.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
images.roostermoney.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
142.250.185.226
142.250.186.68
2001:4860:4802:32::36
2600:9000:237d:dc00:1b:5219:1040:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
52.18.128.161
00f24f400f901efe8873250ccd8650edd28b5f3edfe265ec62b58128973ed6cb
0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839
1eec95e91383128a0b3a952b0df5d743792fcb02aa2603e6518db2b12a8882b0
20a37ff9050b61882a7931a1ccf2566696b57d806eaf8bb805a25b740c9546ef
2a1893c756bfcc00e5849659fa47364f878835db2e6eae0761d715e9beb27d40
3378f2dfc428cd75f1a3e7a74d0141eff1f4941cc6c45f1d3581869379f4f049
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
36d3d077f272ed97b613bd984bc5890c632eeb1158a262d889b134869c8b4e3b
3b1882f6436e819d5a91e0f9d95ead3e96e41ac2d8a5c8dfdd8bdc9c1269abeb
3ff0d580633713d4c9ca4ea654a4c8d93479c1ef17cac43131dc2ed0f6dc6c04
70b9abb6007d373cbb17d8ff826c6fcbcfb3038628196260d6e2672c4f3003d0
89efa627a40f4cdf7f2d196206cfb2391214b09bea5f10fde659e68fe8bbd24b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
926d05986bd0c0ab8c896145e16d1e6ca1fdddd58f2f15c8320700e95159d774
a3a741b689d3bc3f18967cdc61b31de0e688a856229568114508569465ed45a1
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b1b43a55930b9a6eabb1e32dcb33dcfc5ff44ff69bfc623b6de04447ebdeb8cf
b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b
bcefc45db365592f34ec52b2405ca2c632415888abccc7a518cbf3a6fb3eef23
bf77433c4ee2053bee04e48401eb5eb5b91eabba0c019e29c0f111389c32fb6f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d03cabd0d37b9e6baa690e715229d4ac49aee3e8c3074b1765e4e59f860cfd46
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44859e408f6582de3b3da754287d2ead45b2f1a8097224c0090c648ef151691
ea3f4adb9bc7c646cada35ae4f58bb6ecf1dec41abef6571475faf9cb5b377af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f668f7467fb49721bfaf60a265134e72e5590665abd43f7f30180bf3fa850b95
f8baff4a152344a306ed0a13934ccf9ad425244969991e65def71d944bf5a55e
fa793c09a39ca90b69764acdc778ac5abef07a347b8c230c259da764a66ac883