Submitted URL: http://www.fredagain.com/
Effective URL: https://www.fredagain.com/
Submission: On August 09 via manual from GB — Scanned from GB

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 100.26.38.136, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fredagain.com.
TLS certificate: Issued by R3 on July 5th 2022. Valid for: 3 months.
This is the only time www.fredagain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 100.26.38.136 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.215.244.24 14618 (AMAZON-AES)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
31 9
Apex Domain
Subdomains
Transfer
13 fredagain.com
www.fredagain.com
1 MB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 434
131 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 413
118 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 111
54 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
87 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 730
462 B
1 wminewmedia.com
www.wminewmedia.com — Cisco Umbrella Rank: 132132
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
942 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
33 KB
31 9
Domain Requested by
13 www.fredagain.com 1 redirects www.fredagain.com
8 cdn.cookielaw.org www.fredagain.com
cdn.cookielaw.org
3 assets.adobedtm.com www.fredagain.com
assets.adobedtm.com
2 www.youtube.com www.fredagain.com
www.youtube.com
2 cdnjs.cloudflare.com www.fredagain.com
cdnjs.cloudflare.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.wminewmedia.com www.fredagain.com
1 fonts.googleapis.com www.fredagain.com
1 code.jquery.com www.fredagain.com
31 9
Subject Issuer Validity Valid
www.fredagain.com
R3
2022-07-05 -
2022-10-03
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
www.wminewmedia.com
R3
2022-07-05 -
2022-10-03
3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.fredagain.com/
Frame ID: 3BB430B9D2F04E56DAAC75F678B724A3
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Fred again.. • Actual LifeBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.fredagain.com/ HTTP 301
    https://www.fredagain.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

1488 kB
Transfer

2532 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fredagain.com/ HTTP 301
    https://www.fredagain.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fredagain.com/
Redirect Chain
  • http://www.fredagain.com/
  • https://www.fredagain.com/
37 KB
8 KB
Document
General
Full URL
https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) / PHP/8.0.21
Resource Hash
eccda8b2a7b19d095ae1f4f47de3f73cee0e2b5d79c3d53122902a49ec2732dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-length
7878
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 22:15:13 GMT
server
Apache/2.4.54 (Debian)
vary
Accept-Encoding
x-powered-by
PHP/8.0.21

Redirect headers

Content-Length
317
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 09 Aug 2022 22:15:12 GMT
Location
https://www.fredagain.com/
Server
Apache/2.4.54 (Debian)
styles.css
www.fredagain.com/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.fredagain.com/css/styles.css
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
50deec0830d91ca4f39a5cccca460c831334551ead6a7b034054b282e289d382

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
etag
"1367-5e4f0568e3ec0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1035
jquery.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery.min.js
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-1764d"
vary
Accept-Encoding
x-hw
1660083313.dop034.lo4.t,1660083313.cds238.lo4.hn,1660083313.cds083.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33226
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=5.8.1
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5370280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10391
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2DPqSWNzpwaIHWCsZu2odT6ohLuxD4nA0jWwiTHs0lpjWyyzNmlALo%2BFrD3UpWWqUeA3K55xvtj6q%2FfIaGrkBZGtaaCQE0U1jnDTZpCU4PLkzHCDvR57OvSH9Ji1ka6rqnw31xmEEOl92X6OjB0lj1g"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7383d9648f09cc62-ZRH
expires
Sun, 30 Jul 2023 22:15:13 GMT
css2
fonts.googleapis.com/
1 KB
942 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lexend:wght@700&display=swap
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82c5f5590a50547df2a4023b5ea75db34b3aaaf3cbc611c5735468007241c7e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 22:15:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 22:15:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 22:15:13 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9c22IGK2T1KyARgpJHRGhw==
age
6364
vary
Accept-Encoding
content-length
7101
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:01:52 GMT
server
cloudflare
etag
0x8DA76B8C1F98BBC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d253c5b-601e-0002-08bb-a8da1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d9649a7a2355-ZRH
ot.css
www.wminewmedia.com/cookies-policy/onetrust/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.wminewmedia.com/cookies-policy/onetrust/ot.css
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.244.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-244-24.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
af3cc0909c12da183996bab43bc485ccae3c22879c739579f6bbf6d2a2e758b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 15:08:18 GMT
server
Apache/2.4.54 (Debian)
etag
"2e06-5e5437c81bc80-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2668
main.min.css
www.fredagain.com/assets/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.fredagain.com/assets/main.min.css
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
649ee220bf755236face8e2811b8b6fe67226ac5b06897f3ab363c347533aae6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
etag
"115a-5e4f0568e3ec0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1063
launch-EN302b8a31b75a4dda8ff8df1d0cdb4762.min.js
assets.adobedtm.com/
449 KB
104 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN302b8a31b75a4dda8ff8df1d0cdb4762.min.js
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9e9bf4e361274295c0c4e14a27d629c55f7d2258d2e8f2675409e83a6042b055

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 16:04:45 GMT
server
AkamaiNetStorage
etag
"0ab23c97a50aa10d8b6b25d8ccde8b16:1659715485.497966"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fredagain.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
106160
expires
Tue, 09 Aug 2022 23:15:13 GMT
dots_logo.png
www.fredagain.com/img/
1 KB
1 KB
Image
General
Full URL
https://www.fredagain.com/img/dots_logo.png
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
f7fa5df79ede3d44a15f804592929f219d6b447a0b14997542945ea0db29d700

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"499-5e4f0568e3ec0"
content-length
1177
content-type
image/png
460847f4-4c90-4e93-90b0-308e9b43ee20.json
cdn.cookielaw.org/consent/460847f4-4c90-4e93-90b0-308e9b43ee20/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/460847f4-4c90-4e93-90b0-308e9b43ee20/460847f4-4c90-4e93-90b0-308e9b43ee20.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
823817ff4120a79e14d9a2308a8354ecfe10cc34b38c0ff79115d37f04f734b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BlODWhPHjeVgRiBEFQFrMA==
age
12753
vary
Accept-Encoding
content-length
1415
x-ms-lease-status
unlocked
last-modified
Tue, 15 Mar 2022 18:01:17 GMT
server
cloudflare
etag
0x8DA06ADCD986A9E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
288271e8-901e-00bd-63dc-4fce6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d9667afd01f0-ZRH
expires
Wed, 10 Aug 2022 02:15:13 GMT
fredagain_bg.jpg
www.fredagain.com/img/
29 KB
30 KB
Image
General
Full URL
https://www.fredagain.com/img/fredagain_bg.jpg
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
721b4321f3c73f83595d2d4ce3acc938679d39f8f8eefc7b9675ec7dbb15f728

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"75c2-5e4f0568e3ec0"
content-length
30146
content-type
image/jpeg
logo.png
www.fredagain.com/assets/img/
8 KB
8 KB
Image
General
Full URL
https://www.fredagain.com/assets/img/logo.png
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/assets/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
9cd491d6fa4e1cece36438d3b481762eff36c9595487511ac894145b90f68239

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/assets/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"21a6-5e4f0568e3ec0"
content-length
8614
content-type
image/png
fred-again-v2.avif
www.fredagain.com/assets/img/
17 KB
17 KB
Image
General
Full URL
https://www.fredagain.com/assets/img/fred-again-v2.avif
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/assets/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
807a329c6ea63bcf6cff8895de49f345738df574247d91763c33dd915c7e4c54

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/assets/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"422e-5e4f0568e3ec0"
content-length
16942
content-type
application/octet-stream
squares.png
www.fredagain.com/assets/img/
3 KB
3 KB
Image
General
Full URL
https://www.fredagain.com/assets/img/squares.png
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/assets/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
3ec25bc022f2f7063b340b5f6b8e1d3b7d487e0a2a57bfce7706ceb4c73c6161

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/assets/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"baa-5e4f0568e3ec0"
content-length
2986
content-type
image/png
HelveticaNeueLTStd-HvEx.woff2
www.fredagain.com/assets/fonts/
13 KB
13 KB
Font
General
Full URL
https://www.fredagain.com/assets/fonts/HelveticaNeueLTStd-HvEx.woff2
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/assets/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
e3ab6adb7de9251278b7c6019d0cf23c60daa2a2beb112fe4f8ce29c977c914a

Request headers

Referer
https://www.fredagain.com/assets/main.min.css
Origin
https://www.fredagain.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"34a8-5e4f0568e3ec0"
content-length
13480
content-type
font/woff2
HelveticaNeueLTStd-UltLtEx.woff2
www.fredagain.com/assets/fonts/
13 KB
13 KB
Font
General
Full URL
https://www.fredagain.com/assets/fonts/HelveticaNeueLTStd-UltLtEx.woff2
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/assets/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
9428a48656e54f7bbc23f2d92da11213838ff1800da575e1ad01fc4576985024

Request headers

Referer
https://www.fredagain.com/assets/main.min.css
Origin
https://www.fredagain.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"341c-5e4f0568e3ec0"
content-length
13340
content-type
font/woff2
pano_trial_regular-webfont.woff2
www.fredagain.com/fonts/
7 KB
8 KB
Font
General
Full URL
https://www.fredagain.com/fonts/pano_trial_regular-webfont.woff2
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/css/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
132d2154d700de20d845bbac1adecf7aeb74e3e3e221041f905adf2d2c473070

Request headers

Referer
https://www.fredagain.com/css/styles.css
Origin
https://www.fredagain.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"1de4-5e4f0568e3ec0"
content-length
7652
content-type
font/woff2
totl_artwork.jpg
www.fredagain.com/img/
958 KB
958 KB
Image
General
Full URL
https://www.fredagain.com/img/totl_artwork.jpg
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.38.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-38-136.compute-1.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
c3f406c4136b8d487795efb18b5b3733d18642ee341d421456ba2d464cbe8a19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
last-modified
Fri, 29 Jul 2022 11:56:19 GMT
server
Apache/2.4.54 (Debian)
accept-ranges
bytes
etag
"ef65c-5e4f0568e3ec0"
content-length
980572
content-type
image/jpeg
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/
76 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=5.8.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=5.8.1
Origin
https://www.fredagain.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
523059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77400
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-12e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5w03lNsNALD7PqSJnjcAfqDGR0xOrjb1VDCkcp1tuGGQYlYcsSaXcPXRW5h7rUVH1xw3T1i9KXv%2F%2FYebC8HgOmIVZeNVnCxAJD%2BGHFv94xKAn3eVyQcz9QR5YCp4rJVIjlSF7DgvL2hDmvCFYsnMITVD"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7383d966c9d801f8-ZRH
expires
Sun, 30 Jul 2023 22:15:13 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
177 B
462 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97551120a31b768832ec633d33187a4273e9f4073386de563b0df8ec285a052c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.fredagain.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7383d9678d5b01df-ZRH
access-control-allow-headers
Content-Type
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN302b8a31b75a4dda8ff8df1d0cdb4762.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fredagain.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 09 Aug 2022 23:15:13 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN302b8a31b75a4dda8ff8df1d0cdb4762.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.fredagain.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 09 Aug 2022 23:15:13 GMT
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbc9174d5eb2cdc6a15e1f887c5fb7dcd8ba9d59e14a0252fc4dbadc63d5ba6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 09 Aug 2022 22:15:13 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.32.0/
335 KB
79 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ryfZhYsqLisJEnBsOqgVsQ==
age
4146
vary
Accept-Encoding
content-length
81095
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:23 GMT
server
cloudflare
etag
0x8DA08FC76466F7A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73661b59-d01e-0010-31f1-3aee00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d967fec82355-ZRH
en.json
cdn.cookielaw.org/consent/460847f4-4c90-4e93-90b0-308e9b43ee20/93f434c3-cd2a-4162-b72b-7d47aa724d15/
106 KB
21 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/460847f4-4c90-4e93-90b0-308e9b43ee20/93f434c3-cd2a-4162-b72b-7d47aa724d15/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef97ef9e51aaae6dc1d4104292c7f30bd0ac9ea97e09c472166dacba254d27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3HHV6U/kabuKwSsPYG990g==
age
12753
vary
Accept-Encoding
content-length
21034
x-ms-lease-status
unlocked
last-modified
Tue, 15 Mar 2022 18:01:18 GMT
server
cloudflare
etag
0x8DA06ADCE5C6082
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d1e53598-901e-0017-4bdc-4f1885000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d968adf801f0-ZRH
expires
Wed, 10 Aug 2022 02:15:14 GMT
www-widgetapi.js
www.youtube.com/s/player/0d77e7db/www-widgetapi.vflset/
161 KB
52 KB
Script
General
Full URL
https://www.youtube.com/s/player/0d77e7db/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9b6bc08a96cecccf0a279088f1f6eea1d0b21797ef29eec230ba26b464d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 21:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53319
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 09 Aug 2023 21:03:15 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8zrrRItZNMaEtuchK/ofwQ==
age
12753
vary
Accept-Encoding
content-length
2959
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:14 GMT
server
cloudflare
etag
0x8DA08FC70DA836E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4b876e79-401e-003c-24dc-4f6c3d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d9692e8901f0-ZRH
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/
48 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uYlRueaFtS5mhOymjGWFow==
age
12753
vary
Accept-Encoding
content-length
11627
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:16 GMT
server
cloudflare
etag
0x8DA08FC723EC22F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d637e0e8-401e-009d-3bec-3aa2a6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7383d9692e8a01f0-ZRH
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.32.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SHFDtZO2nDZuiPDW83p1IQ==
age
12753
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
51d18c7f-f01e-0108-57dc-4f85c0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7383d9692e8c01f0-ZRH
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.fredagain.com
URL: https://www.fredagain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.fredagain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
8906
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:01:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
16fea202-201e-0086-4bbb-a88c34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7383d969c8e32355-ZRH

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| OneTrustStub function| OptanonWrapper object| digitalData object| jQuery111109198583739908706 function| enterSite object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in number| executionStartTime object| CCM_Array string| CCM_Delim string| LastWins string| ApproveWins string| chosenResolutionStrategy object| CCM_ValsStorage string| CCM_StorageKey object| OptIn_PrevPermStorage string| OptIn_PrevPermKey undefined| satelliteWhichExecutedPerfLogic undefined| satelliteWhichExecutedAdvLogic string| custE string| spaE function| isOneTrustAllowing function| areAdvertisingCookiesAllowed function| arePerformanceCookiesAllowed function| isApprovedByOptIn function| syncUpOptIn function| shouldIgnoreOptInSync function| shouldIgnoreOneTrustEvent function| isSPAEvent function| CCM_Cats function| CCM_CatsForLW function| CCM_CatsForAW function| forEachMapEntry function| getCCM_CurVals function| setCCM_CurVals function| getCCM_StorageVals function| setOptIn_PrevPerms function| getStorageVal function| setStorageVal string| videoSwitch undefined| customVideo function| enableYoutubeAPI object| ytPlayers function| onYouTubeIframeAPIReady function| onPlayerStateChange function| formYoutubePlayerLaunch function| getAllParms function| getParam function| urlWithoutWWW undefined| executionEndTime string| todayDateString function| passDomainAndDate function| passDomain function| passDate function| getDeVal function| getDE function| loadScriptAsync function| getPromise function| retrieveConditionBased function| retrieveDomainBased function| retrieveRulesForKey function| arrayOfUniqueRules function| getDicOfCookies function| getCookieVal function| linkedinLogic function| executeLinkedInPixel function| executeVendorTypeTL function| executeSocialMediaTL function| executeTicketTL function| executeLinkOnlyTL function| executeLinkOnlyTL_NoPN function| executePlainTL function| doubleClickOnEmerge_forSocialButtons function| executeGlobalTL function| originateLinkTrackingVars function| s_getLoadTime function| getTimeParting function| addZero function| timeStamp function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| pinterestLogic function| executePinterestPixel object| mmGlobalRules object| mmDomainBasedRules object| mmConditionBasedRules object| fbGlobalRules object| fbDomainBasedRules object| fbConditionBasedRules object| hjGlobalRules object| hjDomainBasedRules object| hjConditionBasedRules object| gaGlobalRules object| gaDomainBasedRules object| gaConditionBasedRules object| qcGlobalRules object| qcDomainBasedRules object| qcConditionBasedRules object| adGlobalRules object| adDomainBasedRules object| adConditionBasedRules object| ttGlobalRules object| ttDomainBasedRules object| ttConditionBasedRules object| dcGlobalRules object| dcDomainBasedRules object| dcConditionBasedRules object| tdGlobalRules object| tdDomainBasedRules object| tdConditionBasedRules object| snapGlobalRules object| snapDomainBasedRules object| snapConditionBasedRules object| vzGlobalRules object| vzDomainBasedRules object| vzConditionBasedRules object| csGlobalRules object| csDomainBasedRules object| csConditionBasedRules object| twGlobalRules object| twDomainBasedRules object| twConditionBasedRules object| awGlobalRules object| awDomainBasedRules object| awConditionBasedRules function| mediaMathLogic function| handleRuleMM function| getAllRulesMM function| retrieveDomainBasedRulesMM function| retrieveConditionBasedRulesMM function| comscoreLogic function| handleRuleCS function| getAllRulesCS function| retrieveDomainBasedRulesCS function| retrieveConditionBasedRulesCS boolean| isSumCalculated object| products number| totalPrice undefined| owner undefined| acntID undefined| shouldTrackCommerce function| facebookLogic function| getAllRulesFB function| handleRuleFB function| trackCommerceFB function| handleProductViewFB function| calculateProductsProductView function| calculateProductsCheckout function| calculateProductsAndTotalPrice function| handleInitiateCheckoutFB function| handlePurchaseFB function| retrieveDomainBasedRulesFB function| retrieveConditionBasedRulesFB function| initializeFacebookScript boolean| runLinkTrackingSetup object| lTD function| googleAnalyticsLogic function| getallRulesGA function| handleRuleGA function| retrieveDomainBasedRulesGA function| retrieveConditionBasedRulesGA function| clickTracking function| handleClick function| clickName function| verizonLogic function| handleRuleVZ function| getAllRulesVZ function| retrieveDomainBasedRulesVZ function| retrieveConditionBasedRulesVZ function| hotjarLogic function| handleRuleHJ function| getAllRulesHJ function| retrieveDomainBasedRulesHJ function| retrieveConditionBasedRulesHJ function| tikTokLogic function| handleRuleTT function| getAllRulesTT function| retrieveDomainBasedRulesTT function| retrieveConditionBasedRulesTT function| audigentLogic function| handleRuleAD function| getAllRulesAD function| retrieveDomainBasedRulesAD function| retrieveConditionBasedRulesAD function| doubleClickLogic function| getAllRulesDC function| handleRule function| retrieveGlobalRulesDC function| retrieveConditionBasedRulesDC function| retrieveDomainBasedRulesDC function| snapLogic function| getAllRulesSnap function| handleRuleSnap function| trackCommerceSnap function| handleContentViewSnap function| handleInitiateCheckoutSnap function| handlePurchaseSnap function| retrieveDomainBasedRulesSnap function| retrieveConditionBasedRulesSnap function| initializeSnapScript function| twitterLogic function| handleRuleTW function| trackCommerceTW function| getAllRulesTW function| retrieveDomainBasedRulesTW function| retrieveConditionBasedRulesTW function| initializeTwitterScript function| tradeDeskLogic function| handleRuleTD function| executeTradeDeskPixel function| getAllRulesTD function| retrieveDomainBasedRulesTD function| retrieveConditionBasedRulesTD function| quantcastLogic function| handleRuleQC function| getAllRulesQC function| retrieveDomainBasedRulesQC function| retrieveConditionBasedRulesQC function| adobeAnalyticsLogic function| setGlobalVars function| adWordsLogic function| getAllRulesAW function| handleRuleAW function| retrieveConditionBasedRulesAW function| retrieveDomainBasedRulesAW object| otStubData function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| getVisitNum function| endOfDatePeriod function| getNewRepeat object| s_dtm boolean| bFlag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| Optanon object| OneTrust string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| gtag object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| x

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 6OrMMud6Ndc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0tdz4QtE8rc
.fredagain.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+09+2022+22%3A15%3A14+GMT%2B0000+(GMT)&version=6.32.0&isIABGlobal=false&hosts=&consentId=6f7528b8-57b6-4a5b-8b02-77b2cc359e80&interactionCount=0&landingPath=https%3A%2F%2Fwww.fredagain.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.cookielaw.org
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
geolocation.onetrust.com
www.fredagain.com
www.wminewmedia.com
www.youtube.com
100.26.38.136
2001:4de0:ac18::1:a:2b
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700::6811:180e
2a00:1450:4001:80f::200e
2a00:1450:4001:829::200a
2a02:26f0:3500:587::1e80
3.215.244.24
0f9b6bc08a96cecccf0a279088f1f6eea1d0b21797ef29eec230ba26b464d472
132d2154d700de20d845bbac1adecf7aeb74e3e3e221041f905adf2d2c473070
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1ef97ef9e51aaae6dc1d4104292c7f30bd0ac9ea97e09c472166dacba254d27b
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
3ec25bc022f2f7063b340b5f6b8e1d3b7d487e0a2a57bfce7706ceb4c73c6161
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
50deec0830d91ca4f39a5cccca460c831334551ead6a7b034054b282e289d382
649ee220bf755236face8e2811b8b6fe67226ac5b06897f3ab363c347533aae6
721b4321f3c73f83595d2d4ce3acc938679d39f8f8eefc7b9675ec7dbb15f728
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
807a329c6ea63bcf6cff8895de49f345738df574247d91763c33dd915c7e4c54
823817ff4120a79e14d9a2308a8354ecfe10cc34b38c0ff79115d37f04f734b5
82c5f5590a50547df2a4023b5ea75db34b3aaaf3cbc611c5735468007241c7e6
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9428a48656e54f7bbc23f2d92da11213838ff1800da575e1ad01fc4576985024
97551120a31b768832ec633d33187a4273e9f4073386de563b0df8ec285a052c
9cd491d6fa4e1cece36438d3b481762eff36c9595487511ac894145b90f68239
9e9bf4e361274295c0c4e14a27d629c55f7d2258d2e8f2675409e83a6042b055
af3cc0909c12da183996bab43bc485ccae3c22879c739579f6bbf6d2a2e758b9
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
c3f406c4136b8d487795efb18b5b3733d18642ee341d421456ba2d464cbe8a19
cbc9174d5eb2cdc6a15e1f887c5fb7dcd8ba9d59e14a0252fc4dbadc63d5ba6a
e3ab6adb7de9251278b7c6019d0cf23c60daa2a2beb112fe4f8ce29c977c914a
eccda8b2a7b19d095ae1f4f47de3f73cee0e2b5d79c3d53122902a49ec2732dc
f7fa5df79ede3d44a15f804592929f219d6b447a0b14997542945ea0db29d700
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe