adserveyield360.w3spaces.com Open in urlscan Pro
2600:9000:2156:6800:b:df74:43c0:93a1  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response adserveyield360.w3spaces.com/	11 KB 12 KB	942ms 875ms	Document text/html	2600:9000:2156:6800:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6800:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 13f7fb00e3485e621206062f1448b3f641bed6fc409945d7ae2f4e0492c19a36 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 11654 content-type text/html date Tue, 28 Nov 2023 17:08:41 GMT etag "b92e834cb0f10900692905fd8eb31b35" last-modified Tue, 28 Nov 2023 16:20:37 GMT server AmazonS3 via 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront) x-amz-cf-id lLg0zOF7fc_XcOHZRCzoM4rRpdAIwXwvPsfwlbWFSBCzZsV1dVJacw== x-amz-cf-pop FRA50-C1 x-amz-id-2 sjWoLS1S81cyafcDxkPfrqAj0gEPkN7+P7VhXlCCe1bcDeioqXud36+YxRW6TXWCax6Rr7etw9Q= x-amz-request-id M151YM56ERYZ7JVP x-amz-server-side-encryption AES256 x-cache Miss from cloudfront
GET H2	200	w3.css www.w3schools.com/w3css/4/	23 KB 5 KB	110ms 19ms	Stylesheet text/css	192.229.133.221 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.w3schools.com/w3css/4/w3.css Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.133.221 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6796) / ASP.NET Resource Hash c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com; X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com; Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com; content-encoding gzip date Tue, 28 Nov 2023 17:08:40 GMT last-modified Mon, 27 Nov 2023 08:43:56 GMT server ECS (frb/6796) age 13856 etag "06e65dbd21da1:0+gzip" x-powered-by ASP.NET vary Accept-Encoding x-cache HIT content-type text/css cache-control public,max-age=14400,public accept-ranges bytes content-length 5256 x-content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com;
GET H2	200	w3-colors-highway.css www.w3schools.com/lib/	544 B 272 B	110ms 20ms	Stylesheet text/css	192.229.133.221 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.w3schools.com/lib/w3-colors-highway.css Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.133.221 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/668A) / ASP.NET Resource Hash a04d7b356bd0bf7cb7b5526a7f6ed11ecf2b1d631a3d92ca3f8263612019a0b7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com; X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com; Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com; content-encoding gzip date Tue, 28 Nov 2023 17:08:40 GMT last-modified Tue, 28 Nov 2023 13:21:06 GMT server ECS (frb/668A) age 10258 etag "0cdfbefd21da1:0+gzip" x-powered-by ASP.NET vary Accept-Encoding x-cache HIT content-type text/css cache-control public,max-age=14400,public accept-ranges bytes content-length 172 x-content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com;
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	82ms 34ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1782719 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJe%2B5wc%2FgzTcgJcsAazXHDt8OWk86zDWbmdsjS3HHDhedFA0Hxid4dOAfgpSyolH7RXVvSCb7SIvoOhtgU7P3tUjwfsxXiG5tSGAA7dTE3Ve%2FlFUxjBNXUxOTeDcN0nG1CB7ifUoEkABDCDu8WgjdcUR"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82d436db2db59256-FRA expires Sun, 17 Nov 2024 17:08:40 GMT
GET H2	200	styles.css adserveyield360.w3spaces.com/	11 KB 11 KB	935ms 934ms	Stylesheet text/css	2600:9000:2156:6800:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserveyield360.w3spaces.com/styles.css Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6800:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 686785caf736c3bd3b4c2e6c56aa45c01dce18a18a8a8021b465f00d4d4cc952 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT via 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront) last-modified Tue, 28 Nov 2023 14:16:29 GMT server AmazonS3 x-amz-request-id 8ZHT2FMHYB4Z7WBZ x-amz-cf-pop FRA50-C1 x-amz-server-side-encryption AES256 etag "5a160544884bf126b8f3205d5475b18c" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 10832 x-amz-id-2 nGH0z+tSSYyk7hIJq9TRAusQ3u2nz52G2pQb6/kASLS2K/uLI9NhxlofsnLcncuJUCSfzIhStiw= x-amz-cf-id q4MKM7_mz7FxevhcUAv6tCNAmPfmzRGt_T1rRPoXcSsq5adTaPJa9A==
GET H2	200	bannerpropopup.js Show response adserveyield360.w3spaces.com/	492 KB 493 KB	928ms 927ms	Script text/javascript	2600:9000:2156:6800:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserveyield360.w3spaces.com/bannerpropopup.js Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6800:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 85e1903afd2c8d224fb2b82aba0a36037cece93de2221ee56f284949dab9af80 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT via 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront) last-modified Tue, 28 Nov 2023 16:16:58 GMT server AmazonS3 x-amz-request-id 8ZHRXKYG8N000NXK x-amz-cf-pop FRA50-C1 etag "929452eabfbc43f3dd5b6ebc7b1c29b3" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/javascript accept-ranges bytes content-length 504082 x-amz-id-2 62Pw1cgAxFNY9NWQ5c++XvLm7tLWm/vNN492QfdHxu24BtpW8cCf9KGX8CMrzckLhxnjxiJevY4= x-amz-cf-id 8s_7BRoP5nQ7fjxsnFM9OTJtAx-cd9KBg8GrynnZxq_A-VngyAcKoA==
GET H2	200	platform.js Show response static.elfsight.com/platform/	49 KB 17 KB	89ms 41ms	Script application/javascript	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/platform/platform.js Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:41 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx0000000000000940347ca-006565d9d2-522b2cff-sfo2a age 12153 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Tue, 28 Nov 2023 12:13:36 GMT server cloudflare etag W/"2063d9765e1647d954e5344382c692a1" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=31536000 cf-ray 82d436e10ff82bf1-FRA
GET H2	200	sgZX15Da8YE.jpg spaces.w3schools.com/images/	343 KB 344 KB	557ms 468ms	Image image/jpeg	2600:9000:2251:a000:f:a7af:eb40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://spaces.w3schools.com/images/sgZX15Da8YE.jpg Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:a000:f:a7af:eb40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a8663c38d4e2905016bede3192e49b57fc64c5ec123a1358e68652d02dbf95d3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 content-security-policy frame-ancestors 'self'; x-content-type-options nosniff date Tue, 28 Nov 2023 17:08:42 GMT via 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 351105 last-modified Fri, 06 Oct 2023 11:29:47 GMT server AmazonS3 etag "83ef1bc6d3cec54c08715c3912c535d0" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg accept-ranges bytes x-amz-cf-id sC9sn_qpOERBv6GMmZ1w2tMtpa2gGu_pPvXem8KlVIouh6n1ED90Pw==
GET H2	200	OQ6DP54awvw.jpg spaces.w3schools.com/images/	84 KB 84 KB	521ms 433ms	Image image/jpeg	2600:9000:2251:a000:f:a7af:eb40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://spaces.w3schools.com/images/OQ6DP54awvw.jpg Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:a000:f:a7af:eb40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b05c12b20ec974c02f47710af0807ab64101598ba0fabd330d8f75f68fd35af8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=63072000 content-security-policy frame-ancestors 'self'; x-content-type-options nosniff date Tue, 28 Nov 2023 17:08:42 GMT via 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 85700 last-modified Fri, 06 Oct 2023 11:29:43 GMT server AmazonS3 etag "15a6a8876408741d813d092b650c43c8" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg accept-ranges bytes x-amz-cf-id nDzyZNIdK5j_ryoGNv0HSoB22p8dNqzX5RaVpzV3kydU48KhpjXsKA==
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	53ms 28ms	Font application/octet-stream	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin https://adserveyield360.w3spaces.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1787017 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67UNxfsr4GqnHpeUlyValvCHogDZA8EYXetxI1jhMRw4Ymli%2F3kZGUD6SzsUnw4T1AluCnEKoUAOf%2FDDgnpTIvOaP8PdlatjLdTUhJyQBOeZrzJWD9uuy0iB5yVe0moW%2FGS6NP6sKm6ZcOZCGNGk5FfY"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82d436e38ee95d74-FRA expires Sun, 17 Nov 2024 17:08:42 GMT
GET H2	200	accountInfo.json Show response cdn-account.optimonk.com/215542/	186 B 947 B	120ms 55ms	XHR application/json	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn-account.optimonk.com/215542/accountInfo.json Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / Resource Hash 9d2447ea244da8cd9d660a6e5c1eaab7beca6c7ae3e31f22ddc94d4c6b2b4fd6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding br cdn-edgestorageid 1081 x-dns-prefetch-control off cdn-cachedat 11/28/2023 17:08:42 cdn-pullzone 951434 x-xss-protection 1; mode=block server BunnyCDN-DE1-1082 cdn-proxyver 1.04 x-bunnycdn-countrycode DE etag W/"ba-CMIsCofPky2Kl7zRpi16/ZWABWQ" x-download-options noopen vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * cdn-cache MISS cdn-uid 03887a3a-e2eb-4f9c-b547-bb29001e27f6 access-control-expose-headers X-BunnyCDN-CountryCode cache-control public, max-age=30 cdn-requestpullcode 200 cdn-requestid 8f16097a97105e0fbe1928f13bad9de4 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	/ Show response core.service.elfsight.com/p/boot/	7 KB 4 KB	259ms 208ms	XHR application/json	2606:4700:10::6816:445f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fadserveyield360.w3spaces.com%2F&w=560f5b32-4f55-40f1-83ef-ec290e14eebd Requested by Host: static.elfsight.com URL: https://static.elfsight.com/platform/platform.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68ad34948c2d6154b51c162f1db9010a235068730a5b24f638b3fa24490fbf45 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-permitted-cross-domain-policies none strict-transport-security max-age=0 x-dns-prefetch-control on cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0, 1; mode=block referrer-policy no-referrer server cloudflare cross-origin-opener-policy unsafe-none etag W/"1dd3-OUa222Kek6N/CXFLCs14xOxlai4" x-download-options noopen vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://adserveyield360.w3spaces.com origin-agent-cluster ?1 access-control-allow-credentials true cf-apo-via origin,host cf-ray 82d436e4acaf9119-FRA
POST H2	200	after-pre-init Show response front.optimonk.com/public/215542/embedded/	152 B 508 B	91ms 31ms	XHR text/html	209.38.224.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/public/215542/embedded/after-pre-init Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.38.224.22 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://adserveyield360.w3spaces.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding gzip server nginx etag W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding, Accept-Encoding content-type text/html; charset=utf-8 x-dns-prefetch-control off access-control-allow-origin * cache-control no-cache x-xss-protection 1; mode=block
GET H2	200	jfclientsdk.min.js Show response gs-cdn.optimonk.com/jfclientsdk/latest/	90 KB 31 KB	96ms 19ms	Script application/javascript	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14 Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / Resource Hash 55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT content-encoding br cdn-edgestorageid 1081 x-guploader-uploadid ABPtcPosQdniNdMv7gJoDmveG3H3ki7A54Wj_Z5abW7GLKU0JvGxN8FhweLQTHmporF89ChPJFP8HwN17A x-goog-storage-class STANDARD x-goog-metageneration 1 cdn-cachedat 10/31/2023 18:07:50 cdn-pullzone 592317 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000 last-modified Mon, 09 Oct 2023 19:28:11 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"863d7f9742fbb3e78601d44762fa0077" vary Accept-Encoding, Accept-Encoding x-goog-generation 1696879691149932 content-type application/javascript cdn-cache HIT x-goog-hash crc32c=O/S94Q==, md5=hj1/l0L7s+eGAdRHYvoAdw== cdn-uid 03887a3a-e2eb-4f9c-b547-bb29001e27f6 cache-control public, max-age=2592000 x-goog-stored-content-length 91837 cdn-requestid 7666b7e766c8dad939a5a9a53691b0a3 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	preload.js Show response front.optimonk.com/public/215542/js/	5 KB 2 KB	97ms 38ms	Script application/javascript	209.38.224.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/public/215542/js/preload.js? Requested by Host: adserveyield360.w3spaces.com URL: https://adserveyield360.w3spaces.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.38.224.22 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 31b5f5874b3e915f171f44a81a251f0e7efe62d9a64495ca950b6040d9dcde20 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding gzip server nginx etag W/"14db-u9JeoAv61ELqUWrMs6Jqt9lomV0" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1350 vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	preload-base.f4b15268.js Show response front.optimonk.com/	63 KB 20 KB	28ms 28ms	Script application/javascript	209.38.224.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/preload-base.f4b15268.js Requested by Host: front.optimonk.com URL: https://front.optimonk.com/public/215542/js/preload.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.38.224.22 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e2792a8b29b473b1c37ba0446d682a5f8392510f67bc4ddd2334a58ed63dd51f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding gzip server nginx etag W/"fda5-+NZVF2JpVyv0n50PnpgdXcPbCBQ" x-download-options noopen x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 vary Accept-Encoding x-xss-protection 1; mode=block
POST H2	200	/ Show response jfapiprod.optimonk.com/v2/	26 B 187 B	203ms 149ms	Fetch application/json	34.117.177.207 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://jfapiprod.optimonk.com/v2/ Requested by Host: gs-cdn.optimonk.com URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 207.177.117.34.bc.googleusercontent.com Software / Resource Hash 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854 Request headers Referer https://adserveyield360.w3spaces.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 28 Nov 2023 17:08:42 GMT via 1.1 google etag W/"1a-oDk6RB3+SLV96sulj5WuSYroQto" content-length 26 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type application/json; charset=utf-8
POST H2	200	load Show response front.optimonk.com/public/215542/js/	0 346 B	41ms 41ms	XHR application/javascript	209.38.224.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/public/215542/js/load Requested by Host: front.optimonk.com URL: https://front.optimonk.com/preload-base.f4b15268.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.38.224.22 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://adserveyield360.w3spaces.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff content-encoding gzip server nginx x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 x-dns-prefetch-control off access-control-allow-origin * cache-control no-cache x-xss-protection 1; mode=block
GET H2	200	subscriptionForm.js Show response static.elfsight.com/apps/subscription-form/stable/11f8810c6109e6abad50e34c4496b76755308c82/app/	619 KB 201 KB	35ms 34ms	Script application/javascript	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/apps/subscription-form/stable/11f8810c6109e6abad50e34c4496b76755308c82/app/subscriptionForm.js Requested by Host: static.elfsight.com URL: https://static.elfsight.com/platform/platform.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3726e677dd077ada4c6db15842852c88f3ec84cce5057b8b0b5a9a51b561c88 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx000000000000092754fe1-0065649134-521f6452-sfo2a age 10580 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Mon, 27 Nov 2023 12:50:38 GMT server cloudflare etag W/"06774120f8a0511886fb84c5bc10a6e6" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript; charset=utf-8 x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=31536000 cf-ray 82d436e5ff0d2bf1-FRA
GET H2	200	email.svg Show response static.elfsight.com/icons/	375 B 744 B	289ms 245ms	XHR image/svg+xml	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/icons/email.svg Requested by Host: static.elfsight.com URL: https://static.elfsight.com/apps/subscription-form/stable/11f8810c6109e6abad50e34c4496b76755308c82/app/subscriptionForm.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6259d70c8558bfad7d0c89195cf639abc7eb4209aa63746fe6531609e93fec7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 17:08:42 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status MISS x-amz-request-id tx0000000000000945c10d3-0065661e61-522b2d1d-sfo2a x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Tue, 28 Nov 2023 13:51:03 GMT server cloudflare etag W/"51590a5cbd2aaad83a85171ddc5780d9" access-control-max-age 0 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=31536000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-ray 82d436e72ac29bdd-FRA
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	81ms 31ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,b,i Requested by Host: static.elfsight.com URL: https://static.elfsight.com/apps/subscription-form/stable/11f8810c6109e6abad50e34c4496b76755308c82/app/subscriptionForm.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 78fa424f775537e13e5c96612c7a06f6c6c6536ceae29b0ab3c3dfdbcc9d9851 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adserveyield360.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 17:08:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 17:08:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 17:08:42 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	69ms 20ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,b,i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://adserveyield360.w3spaces.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 07:18:49 GMT x-content-type-options nosniff age 294593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 07:18:49 GMT

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| _0x4608 function| _0x58b9 object| OptiMonkEmbedded object| OptiMonkRegistry boolean| OptiMonkPreloadStarted function| toggleMobileNavigation function| goToTop function| plusSlides function| currentSlide function| showSlides object| __core-js_shared__ object| core object| eapps object| omPreloadScript function| ns function| generateUUID function| getVersionedFile function| getStaticUrlFor function| getAssetUrlFor object| OptiMonk object| webpackChunkJFClientSDK object| JFClientSDK object| dataLayer object| webpackChunkelfsight_app_forms function| eappsSubscriptionForm

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			adserveyield360.w3spaces.com/	1970-01-21 01:20:13	Name: optiMonkClientId Value: 5334de0c-71e0-a186-2e09-67677d208c0a
			adserveyield360.w3spaces.com/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1701191322
			adserveyield360.w3spaces.com/	1970-01-21 01:20:13	Name: optiMonkEmbedded215542 Value: N4IgFghgzgMglgWzgFwEoFMIGMzoCYgBcAZhADZToC+QA===
			core.service.elfsight.com/	1970-01-20 16:33:11	Name: elfsight_viewed_recently Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserveyield360.w3spaces.com
cdn-account.optimonk.com
cdnjs.cloudflare.com
core.service.elfsight.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
gs-cdn.optimonk.com
jfapiprod.optimonk.com
spaces.w3schools.com
static.elfsight.com
www.w3schools.com
192.229.133.221
209.38.224.22
2400:52e0:1e00::1082:1
2600:9000:2156:6800:b:df74:43c0:93a1
2600:9000:2251:a000:f:a7af:eb40:93a1
2606:4700:10::6816:445f
2606:4700:10::6816:455f
2606:4700::6811:180e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
34.117.177.207
13f7fb00e3485e621206062f1448b3f641bed6fc409945d7ae2f4e0492c19a36
2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c
31b5f5874b3e915f171f44a81a251f0e7efe62d9a64495ca950b6040d9dcde20
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
686785caf736c3bd3b4c2e6c56aa45c01dce18a18a8a8021b465f00d4d4cc952
68ad34948c2d6154b51c162f1db9010a235068730a5b24f638b3fa24490fbf45
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
78fa424f775537e13e5c96612c7a06f6c6c6536ceae29b0ab3c3dfdbcc9d9851
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85e1903afd2c8d224fb2b82aba0a36037cece93de2221ee56f284949dab9af80
9d2447ea244da8cd9d660a6e5c1eaab7beca6c7ae3e31f22ddc94d4c6b2b4fd6
a04d7b356bd0bf7cb7b5526a7f6ed11ecf2b1d631a3d92ca3f8263612019a0b7
a8663c38d4e2905016bede3192e49b57fc64c5ec123a1358e68652d02dbf95d3
b05c12b20ec974c02f47710af0807ab64101598ba0fabd330d8f75f68fd35af8
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c3726e677dd077ada4c6db15842852c88f3ec84cce5057b8b0b5a9a51b561c88
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
d6259d70c8558bfad7d0c89195cf639abc7eb4209aa63746fe6531609e93fec7
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e2792a8b29b473b1c37ba0446d682a5f8392510f67bc4ddd2334a58ed63dd51f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855