www.originalsbyrosanna.clientschoice.com Open in urlscan Pro
67.225.208.14  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.originalsbyrosanna.clientschoice.com/	11 KB 11 KB	612ms 224ms	Document text/html	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash f3ca2c2e380ad6dd5673b392120b78a173d775167cb9e1fa142f0910406806bd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 10947 content-type text/html date Fri, 08 Dec 2023 00:30:19 GMT last-modified Wed, 18 Oct 2023 10:59:33 GMT server Apache
GET H2	200	css fonts.googleapis.com/	2 KB 980 B	39ms 16ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300 Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 00:30:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 07 Dec 2023 23:19:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 00:30:19 GMT
GET H2	200	css fonts.googleapis.com/	386 B 372 B	41ms 18ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Federo Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 049fb6fe99c81dda4f85202a6e45c70dfab58a414266cdb2e4cae5bb7aa1a310 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 00:30:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 08 Dec 2023 00:30:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 00:30:19 GMT
GET H2	200	p7HMY-01.css www.originalsbyrosanna.clientschoice.com/p7hmy/	11 KB 11 KB	117ms 115ms	Stylesheet text/css	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7hmy/p7HMY-01.css Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 75d6ac7b44d2b59c92ac6092fcab2cd9f8fafaf3abf177d403b1fce5b3fc0f11 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 11647 content-type text/css
GET H2	200	p7AMM-01.css www.originalsbyrosanna.clientschoice.com/p7amm/	39 KB 39 KB	118ms 116ms	Stylesheet text/css	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7amm/p7AMM-01.css Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash dd970a1a6f927dee43c59dfe8986bdda1d92f98b1672d9ae47648a0d38244626 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 39856 content-type text/css
GET H2	200	p7GADZ-01.css www.originalsbyrosanna.clientschoice.com/p7gadzooks/	9 KB 9 KB	118ms 116ms	Stylesheet text/css	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/p7GADZ-01.css Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 0bc23c84339d43fe68ec0ff996be2d93e984f6e9aa7b80bcc271388d4a769c01 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 8934 content-type text/css
GET H2	200	p7HMYscripts.js Show response www.originalsbyrosanna.clientschoice.com/p7hmy/	4 KB 4 KB	116ms 114ms	Script text/javascript	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7hmy/p7HMYscripts.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash d86856c05752054fc2f93760889188816f86fc52ce27c1106dd9007112ec6566 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 3946 content-type text/javascript
GET H2	200	p7SCSscripts.js Show response www.originalsbyrosanna.clientschoice.com/p7scs/	5 KB 5 KB	117ms 115ms	Script text/javascript	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7scs/p7SCSscripts.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 0f79a8b86ccc69cb047a5eee60e35b16368f4421be964a1e34af9f2e95a61bdf Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 5369 content-type text/javascript
GET H2	200	p7AMMscripts.js Show response www.originalsbyrosanna.clientschoice.com/p7amm/	37 KB 37 KB	341ms 340ms	Script text/javascript	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7amm/p7AMMscripts.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash b10e1bdda8e5e89a99fc25068ea2612d06eb5beb9418b1a1f0a5442cf8a47842 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 38281 content-type text/javascript
GET H2	200	p7PM3-01.css www.originalsbyrosanna.clientschoice.com/p7pm3/	10 KB 10 KB	116ms 115ms	Stylesheet text/css	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7pm3/p7PM3-01.css Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 54b1d13d33f606d5c17572b15a017efd7449b21261fafdc56285b66af238c1e8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 18:17:26 GMT server Apache accept-ranges bytes content-length 10110 content-type text/css
GET H2	200	p7PM3scripts.js Show response www.originalsbyrosanna.clientschoice.com/p7pm3/	37 KB 37 KB	341ms 340ms	Script text/javascript	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.originalsbyrosanna.clientschoice.com/p7pm3/p7PM3scripts.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 7ccda7a9c2902381c6fce41ae63aeea789f689164fb91bd9a9386dccd172b1bf Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 18:17:26 GMT server Apache accept-ranges bytes content-length 37696 content-type text/javascript
GET H2	200	sharethis.js Show response platform-api.sharethis.com/js/	205 KB 46 KB	68ms 10ms	Script text/javascript	108.157.4.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://platform-api.sharethis.com/js/sharethis.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-79.dus51.r.cloudfront.net Software / Resource Hash 130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:24:31 GMT content-encoding gzip via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop DUS51-P2 age 366 etag W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8 edge-control cache-maxage=60m,downstream-ttl=60m cache-control max-age=600, public x-cache Hit from cloudfront x-amz-cf-id ucaVHsdnuf1rDFurtFJqE69wxKtsJjXWiWBpaCeA9tOeyG8f9IMNLg==
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 3 KB	23ms 8ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 258990c761aab3a5c47f954b00b0fd70883914a0f74265d7d397f96ddcbf37d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.originalsbyrosanna.clientschoice.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 08 Dec 2023 00:30:19 GMT content-md5 URLAyZHx2KOelozFepZQYQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 reporting-endpoints x-fb-debug 7EePNkq4wUw01NbkcJQu5XWT32IQeFNJ2Gl38y9Gxmx5aYXwAGGHSBWp5YM+i0IVKo49uFkkHcDL9lV0GJwpoA== x-fb-content-md5 81d2465fcbda20f7ad652f76e2e83275 cross-origin-opener-policy same-origin-allow-popups etag "1f002bfcf1802447efc4accadfa19722" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 08 Dec 2023 00:41:00 GMT
GET H2	200	originals-logo.png www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	18 KB 18 KB	341ms 340ms	Image image/png	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/originals-logo.png Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash b388852cad92783a0d9d6f220fec5b4d6a15e434a34367b51af54404e62da0bc Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:40:59 GMT server Apache accept-ranges bytes content-length 18664 content-type image/png
GET H2	200	laser-products.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	265 KB 265 KB	451ms 451ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/laser-products.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 30873ba5bd66aecd839ed0ded0a8953152e9bee177fc3f40d899c43acec77732 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Tue, 18 Apr 2023 22:43:55 GMT server Apache accept-ranges bytes content-length 270980 content-type image/jpeg
GET H2	200	baby-bibs.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	166 KB 167 KB	221ms 221ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/baby-bibs.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 7ace0f6234d35a4c54fa764d61c4ed4a294bcc24c06f560ade72b2ee6fab8030 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 10 Jun 2021 18:50:22 GMT server Apache accept-ranges bytes content-length 170449 content-type image/jpeg
GET H2	200	puzzles.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	491 KB 491 KB	223ms 222ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/puzzles.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 3bcfe16ce91b5ba8cde594685a7117ad9f23a84ee76145df3c3e33a7978ca7d7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 10 Jun 2021 19:08:38 GMT server Apache accept-ranges bytes content-length 502504 content-type image/jpeg
GET H2	200	bookmarks.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	460 KB 460 KB	337ms 336ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/bookmarks.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 12088199123dcf85dc71180448a2474d455a1ff85f11a0ba6f6b4544fa9a2123 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Sun, 16 Oct 2022 18:29:44 GMT server Apache accept-ranges bytes content-length 471026 content-type image/jpeg
GET H2	200	ornaments.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	455 KB 455 KB	337ms 337ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/ornaments.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 6bcbe9444cd0c4689664276dc7a72044570b7ad44ecabe6ff3cac89fa6d31b50 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 10 Jun 2021 20:45:45 GMT server Apache accept-ranges bytes content-length 465449 content-type image/jpeg
GET H2	200	sweetie.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	371 KB 371 KB	336ms 336ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/sweetie.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash d024eb50caa7b458ebf6b8706a28ae10d3fd5b586ea3d4a96b4da15dc8b84983 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 10 Jun 2021 21:44:26 GMT server Apache accept-ranges bytes content-length 379534 content-type image/jpeg
GET H2	200	facebook.png www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/	1018 B 1 KB	338ms 338ms	Image image/png	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/facebook.png Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash af67864ef64722ec542257be577db6288411e0ba2da772530ef9d2653f81aeb1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 1018 content-type image/png
GET H2	200	instagram.png www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/	2 KB 2 KB	338ms 337ms	Image image/png	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/instagram.png Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash ab349aeee7a838d8803e79ffa9fbeeed7eeb311b9d64af216c98bd4ead327e22 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 1867 content-type image/png
GET H2	200	linkedin.png www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/	1 KB 1 KB	338ms 337ms	Image image/png	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/social/linkedin.png Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 4b80ec0a998df3611c6391e11549f519c575962af52838b75504277ce27cccfb Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 1095 content-type image/png
GET H2	200	page-bg.jpg www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/	161 KB 161 KB	338ms 338ms	Image image/jpeg	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/img/page-bg.jpg Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/p7GADZ-01.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 461049907caae8166d28d93bd406d196c7abd25cdfa572fc00404fc8a3b6a3ac Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/p7gadzooks/p7GADZ-01.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 164898 content-type image/jpeg
GET H2	200	iJWFBX-cbD_ETsbWilmf.woff2 fonts.gstatic.com/s/federo/v19/	26 KB 26 KB	30ms 9ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/federo/v19/iJWFBX-cbD_ETsbWilmf.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Federo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 22:35:45 GMT x-content-type-options nosniff age 266074 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26604 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:57:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 03 Dec 2024 22:35:45 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 03:15:52 GMT x-content-type-options nosniff age 249267 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 03:15:52 GMT
GET H2	200	amm-right-light.gif www.originalsbyrosanna.clientschoice.com/p7amm/img/	59 B 96 B	448ms 448ms	Image image/gif	67.225.208.14 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.originalsbyrosanna.clientschoice.com/p7amm/img/amm-right-light.gif Requested by Host: www.originalsbyrosanna.clientschoice.com URL: https://www.originalsbyrosanna.clientschoice.com/p7amm/p7AMM-01.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.225.208.14 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tango.metasecure.net Software Apache / Resource Hash 4c169e8d8cb4f3d9fa0db48143e5b39ccbe61252d3db1cc88ec4019d7b92f825 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/p7amm/p7AMM-01.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:19 GMT last-modified Thu, 16 Jul 2020 16:20:20 GMT server Apache accept-ranges bytes content-length 59 content-type image/gif
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	297 KB 85 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=32bbf0b4a1d22489d2e7cc014474a0e5 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 24b63961b3235128339aaf14bdc4130244cedaa83204372c6ebe82a3dde8fc28 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.originalsbyrosanna.clientschoice.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 08 Dec 2023 00:30:19 GMT content-md5 UzskM9vRWZT1gmZQq85mYQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86870 reporting-endpoints x-fb-debug Ut9Uk31Xj0YEz8t0p/TOqQ97/DORiEBaQWAAN/tRcehCN+NsZ0iygqgw6nDcFo1f8rpGnwIkGGBQ6vdqDk+dvw== x-fb-content-md5 b33937d7ddf23b18699c712946fece90 cross-origin-opener-policy same-origin-allow-popups etag "4a276ce5691959a2ab61339793de4b03" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 06 Dec 2024 23:05:10 GMT
GET H2	200	5f3c1d701803f100118844c0.js Show response buttons-config.sharethis.com/js/	742 B 1 KB	488ms 440ms	Script text/javascript	2600:9000:224a:7800:c:abe:f440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buttons-config.sharethis.com/js/5f3c1d701803f100118844c0.js Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:7800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dfe51d14d1877db331412502dce17c485eacd0fb8dbf73faaf4c72b016755719 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:21 GMT via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 18 Aug 2020 18:29:59 GMT server AmazonS3 x-amz-cf-pop DUS51-P1 etag "db8e57b255f2ac577b1ca2c718d9dfe1" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/javascript cache-control public, max-age=60 accept-ranges bytes content-length 742 x-amz-cf-id 3QkJD73MB3sEzxg6qJNMdz9xImPFMg5D3wpBwG8KbbGJX5TJ5xmu8Q==
GET H/1.1	204 No Content	pview Show response l.sharethis.com/	0 427 B	41ms 8ms	XHR text/plain	3.120.44.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.sharethis.com/pview?event=pview&hostname=www.originalsbyrosanna.clientschoice.com&location=%2F&product=unknown&url=https%3A%2F%2Fwww.originalsbyrosanna.clientschoice.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Originals%20by%20Rosanna&cms=unknown&publisher=5f3c1d701803f100118844c0&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=46795d91-69eb-4eee-8543-aa3530058d71 Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.44.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-44-138.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Fri, 08 Dec 2023 00:30:19 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Access-Control-Allow-Origin https://www.originalsbyrosanna.clientschoice.com Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers *
GET H2	200	cmp-v2.js Show response gdpr-api.sharethis.com/	2 MB 527 KB	68ms 15ms	Script text/javascript	18.239.50.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdpr-api.sharethis.com/cmp-v2.js Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-28.ams58.r.cloudfront.net Software / Resource Hash 55065824cade0323f98d18691514bb1f8c8c1d606d7639f9b0e014d79cde6d60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 00:30:06 GMT content-encoding gzip via 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop AMS58-P3 age 52 etag W/"1e560c-qpOsqtKds3+8b4nrlooeWarwoKM" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=600, public x-amz-cf-id SVBEBCq3eXjJk0RMQByGf_uzpKqQFGyAWiiXW6rLzydhbslk_nIS5A==
GET H2	200	portal-v2.html Show response gdpr-api.sharethis.com/ Frame 67DB	2 KB 1 KB	13ms 12ms	Document text/html	18.239.50.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdpr-api.sharethis.com/portal-v2.html Requested by Host: gdpr-api.sharethis.com URL: https://gdpr-api.sharethis.com/cmp-v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-28.ams58.r.cloudfront.net Software / Resource Hash 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.originalsbyrosanna.clientschoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1020 cache-control max-age=3600, public content-encoding gzip content-type text/html; charset=utf-8 date Fri, 08 Dec 2023 00:13:24 GMT etag W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8" strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront) x-amz-cf-id IJmAEApJ439HLLR3lVumZR2cKQnAAmWm_v8UCWV8ZhRhc1SnquHTvw== x-amz-cf-pop AMS58-P3 x-cache Hit from cloudfront
GET H2	200	css fonts.googleapis.com/	8 KB 841 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 00:30:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 07 Dec 2023 23:20:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 00:30:20 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 835 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 08 Dec 2023 00:30:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 07 Dec 2023 23:18:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 08 Dec 2023 00:30:20 GMT
GET H2	200	vendor-list.json Show response gdpr-api.sharethis.com/v3/	553 KB 69 KB	39ms 14ms	XHR application/json	18.239.50.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdpr-api.sharethis.com/v3/vendor-list.json Requested by Host: gdpr-api.sharethis.com URL: https://gdpr-api.sharethis.com/cmp-v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-28.ams58.r.cloudfront.net Software / Resource Hash 3ef2f2769900bd8d3ce1b482ab7e820b7a6c1f8fa495dd5e41adc7842a65916e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 05:19:25 GMT content-encoding gzip via 1.1 a752e456797165fcc0a1e5de08b5353c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop AMS58-P3 age 69055 etag W/"8a4e4-V/fGUTLS35UtaYKAYFIwKfAICb8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=86400, public x-amz-cf-id LPt9cnX2mmZjoQ-29Z2hpH_Ax5NWz-mkgd5ekPqAIJU_RnyAB02w8w==
GET H2	200	cmp-list.json Show response gdpr-api.sharethis.com/v2/	11 KB 4 KB	27ms 27ms	Fetch application/json	18.239.50.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gdpr-api.sharethis.com/v2/cmp-list.json Requested by Host: gdpr-api.sharethis.com URL: https://gdpr-api.sharethis.com/cmp-v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-28.ams58.r.cloudfront.net Software / Resource Hash a11e4352fd23d73386b174275cc8a06b0dc0924a1219b843f471ffa9bbe03eeb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept application/json Referer https://www.originalsbyrosanna.clientschoice.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 06:23:55 GMT content-encoding gzip via 1.1 a752e456797165fcc0a1e5de08b5353c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop AMS58-P3 age 65185 etag W/"2cdd-LpnFvbRoo8+JTwRRPVD1cJz/4Dc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=86400, public x-amz-cf-id NUtYBZDl4Ck0Qy6pkktzgjmXWztDNzeWUbjBvL0oioTVckP2lrPpmQ==
GET H2	200	gear.png gdpr-api.sharethis.com/static/media/	1 KB 1 KB	13ms 12ms	Image image/png	18.239.50.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://gdpr-api.sharethis.com/static/media/gear.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-28.ams58.r.cloudfront.net Software / Resource Hash 9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.originalsbyrosanna.clientschoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 05:11:25 GMT via 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop AMS58-P3 age 69535 etag W/"418-mq8l6jU/x/aM4wjuAx3Ipuodoz0" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png cache-control max-age=86400, public content-length 1048 x-amz-cf-id 97dKY8FQQj_EWEQcwXvDPyf7lFJw9A95V6Q2jWB80bpApOjSkjryDg==
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 08:50:21 GMT x-content-type-options nosniff age 229199 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 08:50:21 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	11ms 10ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 08:50:21 GMT x-content-type-options nosniff age 229199 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 08:50:21 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	14ms 14ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.originalsbyrosanna.clientschoice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 08:50:21 GMT x-content-type-options nosniff age 229199 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Dec 2024 08:50:21 GMT

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| p7HMY function| P7_HMYaddLoad function| P7_HMYinit function| P7_HMYgetIEver function| P7_HMYsetClass function| P7_HMYremClass function| P7_HMYgetByClass function| P7_HMYgetCSSPre function| P7_HMYsupports object| p7SCS function| P7_SCSaddLoad function| P7_SCSinit function| P7_SCSswitch function| P7_SCStoggle function| P7_SCSsetClass function| P7_SCSremClass function| P7_SCSaddEvent function| P7_SCSbindPointer function| P7_SCSsetPointer object| p7AMM function| P7_AMMset function| P7_AMMbb function| P7_AMMaddLoad function| P7_AMMinit function| P7_AMMinitUL function| P7_AMMcreateTMR function| P7_AMMtrig function| P7_AMMclick function| P7_AMMopen function| P7_AMMfinAnim function| P7_AMMclose function| P7_AMMtoggle function| P7_AMMshut function| P7_AMMshutAll function| P7_AMMbody function| P7_AMMfixed function| P7_AMManimate function| P7_AMManimator function| P7_AMMscrollToElement function| P7_AMMscrollAnim function| P7_AMMscrollAnimator function| P7_AMMgetTime function| P7_AMManim function| P7_AMMfade function| P7_AMMfader function| P7_AMMrsz function| P7_AMMrsPriority function| P7_AMMbindPointer function| P7_AMMsetPointer function| P7_AMMkey function| P7_AMMsetFocus function| P7_AMMgetMenuItem function| P7_AMMgetNextVis function| P7_AMMmark function| P7_AMMcurrentMark function| P7_AMMsupports function| P7_AMMgetByAttribute function| P7_AMMgetCSSPre function| P7_AMMsetClass function| P7_AMMremClass function| P7_AMMgetStyle function| P7_AMMgetIEver function| P7_AMMgetScrollBody function| P7_AMMgetWinDims function| P7_AMMgetWinScroll function| P7_AMMmenuMode string| p7PM3over string| p7PM3open string| p7PM3indent object| p7PM3ctl boolean| p7PM3i boolean| p7PM3a object| p7PM3adv number| p7PM3dy boolean| p7PM3kf boolean| p7PM3clk function| P7_PM3set function| P7_PM3op function| P7_PM3setCSSanim function| P7_PM3bb function| P7_PM3addLoad function| P7_PM3init function| P7_PM3preloader function| P7_PM3imovr function| P7_PM3imout function| P7_PM3setBC function| P7_PM3fixed function| P7_PM3trig function| P7_PM3trigTB function| P7_PM3click function| P7_PM3open function| P7_PM3close function| P7_PM3closeAnim function| P7_PM3toggle function| P7_PM3toggleTB function| P7_PM3shut function| P7_PM3shutall function| P7_PM3body function| P7_PM3rsz function| P7_PM3animator function| P7_PM3fade function| P7_PM3anim function| P7_PM3getTime function| P7_PM3bindPointer function| P7_PM3setPointer function| P7_PM3mark function| P7_PM3currentMark function| P7_PM3setClass function| P7_PM3remClass function| P7_PM3changeClass function| P7_PM3getStyle function| P7_PM3getWinDims function| P7_PM3getWinScroll function| P7_PM3getIEver function| P7_PM3isMobile function| P7_PM3getCSSPre function| P7_PM3addSheet function| P7_PM3buildSel function| P7_PM3supTouch boolean| p7AMMclk object| FB object| __buffer object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| __cmpconfig function| __tcfapi function| setImmediate function| clearImmediate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gdpr-api.sharethis.com
l.sharethis.com
platform-api.sharethis.com
www.originalsbyrosanna.clientschoice.com
108.157.4.79
18.239.50.28
2600:9000:224a:7800:c:abe:f440:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:830::200a
2a03:2880:f083:100:face:b00c:0:3
3.120.44.138
67.225.208.14
049fb6fe99c81dda4f85202a6e45c70dfab58a414266cdb2e4cae5bb7aa1a310
0bc23c84339d43fe68ec0ff996be2d93e984f6e9aa7b80bcc271388d4a769c01
0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2
0f79a8b86ccc69cb047a5eee60e35b16368f4421be964a1e34af9f2e95a61bdf
12088199123dcf85dc71180448a2474d455a1ff85f11a0ba6f6b4544fa9a2123
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
24b63961b3235128339aaf14bdc4130244cedaa83204372c6ebe82a3dde8fc28
258990c761aab3a5c47f954b00b0fd70883914a0f74265d7d397f96ddcbf37d8
30873ba5bd66aecd839ed0ded0a8953152e9bee177fc3f40d899c43acec77732
3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd
3bcfe16ce91b5ba8cde594685a7117ad9f23a84ee76145df3c3e33a7978ca7d7
3ef2f2769900bd8d3ce1b482ab7e820b7a6c1f8fa495dd5e41adc7842a65916e
461049907caae8166d28d93bd406d196c7abd25cdfa572fc00404fc8a3b6a3ac
4b80ec0a998df3611c6391e11549f519c575962af52838b75504277ce27cccfb
4c169e8d8cb4f3d9fa0db48143e5b39ccbe61252d3db1cc88ec4019d7b92f825
4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d
54b1d13d33f606d5c17572b15a017efd7449b21261fafdc56285b66af238c1e8
55065824cade0323f98d18691514bb1f8c8c1d606d7639f9b0e014d79cde6d60
6bcbe9444cd0c4689664276dc7a72044570b7ad44ecabe6ff3cac89fa6d31b50
75d6ac7b44d2b59c92ac6092fcab2cd9f8fafaf3abf177d403b1fce5b3fc0f11
7ace0f6234d35a4c54fa764d61c4ed4a294bcc24c06f560ade72b2ee6fab8030
7ccda7a9c2902381c6fce41ae63aeea789f689164fb91bd9a9386dccd172b1bf
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d
9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a11e4352fd23d73386b174275cc8a06b0dc0924a1219b843f471ffa9bbe03eeb
ab349aeee7a838d8803e79ffa9fbeeed7eeb311b9d64af216c98bd4ead327e22
af67864ef64722ec542257be577db6288411e0ba2da772530ef9d2653f81aeb1
b10e1bdda8e5e89a99fc25068ea2612d06eb5beb9418b1a1f0a5442cf8a47842
b388852cad92783a0d9d6f220fec5b4d6a15e434a34367b51af54404e62da0bc
d024eb50caa7b458ebf6b8706a28ae10d3fd5b586ea3d4a96b4da15dc8b84983
d86856c05752054fc2f93760889188816f86fc52ce27c1106dd9007112ec6566
dd970a1a6f927dee43c59dfe8986bdda1d92f98b1672d9ae47648a0d38244626
dfe51d14d1877db331412502dce17c485eacd0fb8dbf73faaf4c72b016755719
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3ca2c2e380ad6dd5673b392120b78a173d775167cb9e1fa142f0910406806bd
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef