m.moneyweb.io Open in urlscan Pro
192.241.229.243  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response m.moneyweb.io/	30 KB 8 KB	612ms 175ms	Document text/html	192.241.229.243 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.241.229.243 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash 88a708021b90f75aa8657ccb831bda85251f6df47636f32a6740a3823702c61c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Thu, 04 Aug 2022 13:19:23 GMT server nginx vary Accept-Encoding Accept-Encoding x-powered-by Express
GET H2	200	owl.carousel.css cdn.airfind.com/genericportal/public/css/components/	5 KB 1 KB	69ms 6ms	Stylesheet text/css	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/genericportal/public/css/components/owl.carousel.css?cb=c52298f Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"1206-5ddd167780e01" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=1200 expires Thu, 04 Aug 2022 13:33:43 GMT
GET H2	200	search-home.css cdn.airfind.com/genericportal/public/css/pages/	60 KB 13 KB	74ms 12ms	Stylesheet text/css	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/genericportal/public/css/pages/search-home.css?cb=c52298f Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash b31f2213d05096874eff738886029863d9d0fa4155f1b45bbf8fd365c79cb534 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"ee4e-5ddd167782d41" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=1200 expires Thu, 04 Aug 2022 13:27:44 GMT
GET H2	200	icon-search.png cdn.airfind.com/genericportal/public/img/	2 KB 2 KB	6ms 6ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/genericportal/public/img/icon-search.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 9c8d8dc2ae2f5dd2409c34049d4493b1992c5a4f3b35b4f88d358fb6eb5fa3be Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag "83d-5ddd167785c22" x-cache HIT content-type image/png cache-control max-age=1200 accept-ranges bytes content-length 2109 expires Thu, 04 Aug 2022 13:32:31 GMT
GET H2	200	v1 api.airfind.com/stats/adrequest/	48 B 259 B	712ms 167ms	Image image/gif	198.199.108.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/adrequest/v1?clientid=50459&type=impression&adCampaign=featuredAdTiles-Google&provider=AirFind&cb=643876 Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-length 48 content-disposition inline content-type image/gif
GET H2	200	1611078497155-1583347962911-Google.png cdn.airfind.com/ext/	8 KB 8 KB	8ms 6ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/ext/1611078497155-1583347962911-Google.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 90ad536b4e8a98c12c408363a74c1321f16f203e3c21f8c869429bf6f749e7e8 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Tue, 19 Jan 2021 17:48:17 GMT server NetDNA-cache/2.2 etag "1f25-5b9447187566c" x-cache HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 7973 expires Tue, 16 Aug 2022 11:51:51 GMT
GET H2	200	v1 api.airfind.com/stats/adrequest/	48 B 259 B	712ms 167ms	Image image/gif	198.199.108.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/adrequest/v1?clientid=50459&type=impression&adCampaign=featuredAdTiles-Facebook&provider=AirFind&cb=986651 Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-length 48 content-disposition inline content-type image/gif
GET H2	200	1611078513390-1583347995670-facebook1.png cdn.airfind.com/ext/	3 KB 3 KB	9ms 7ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/ext/1611078513390-1583347995670-facebook1.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash d220d70c248276ac587f75614b9d15d9815491ffdfb091e1c2025c8cf26d66dd Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Tue, 19 Jan 2021 17:48:33 GMT server NetDNA-cache/2.2 etag "ceb-5b944727f0425" x-cache HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3307 expires Tue, 16 Aug 2022 11:51:51 GMT
GET H2	200	v1 api.airfind.com/stats/adrequest/	48 B 261 B	710ms 165ms	Image image/gif	198.199.108.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/adrequest/v1?clientid=50459&type=impression&adCampaign=featuredAdTiles-Instagram&provider=AirFind&cb=270171 Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-length 48 content-disposition inline content-type image/gif
GET H2	200	1611078533472-1583348106999-instagram-logo-color-512.png cdn.airfind.com/ext/	18 KB 18 KB	9ms 8ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/ext/1611078533472-1583348106999-instagram-logo-color-512.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash fb9ba19020412c12c3e9387c7a8ff8bb1d3fdbdc1d06007bdee5ee619a45933d Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Tue, 19 Jan 2021 17:48:53 GMT server NetDNA-cache/2.2 etag "46e0-5b94473b168fd" x-cache HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 18144 expires Tue, 16 Aug 2022 11:45:00 GMT
GET H2	200	v1 api.airfind.com/stats/adrequest/	48 B 259 B	710ms 166ms	Image image/gif	198.199.108.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/adrequest/v1?clientid=50459&type=impression&adCampaign=featuredAdTiles-Youtube&provider=AirFind&cb=316868 Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-length 48 content-disposition inline content-type image/gif
GET H2	200	1611078552034-1583348271001-youtube-icon-png-image-ios-youtube-icon-png.png cdn.airfind.com/ext/	9 KB 10 KB	13ms 12ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/ext/1611078552034-1583348271001-youtube-icon-png-image-ios-youtube-icon-png.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash e0b2ebd86a7f20f639930c73118b0188052f6d6e94ea24e3dc504a95f432c979 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Tue, 19 Jan 2021 17:49:12 GMT server NetDNA-cache/2.2 etag "25f5-5b94474cc9c63" x-cache HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 9717 expires Tue, 16 Aug 2022 11:51:51 GMT
GET H2	200	global.min.js Show response cdn.airfind.com/genericportal/public/js/	187 KB 71 KB	14ms 13ms	Script text/javascript	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/genericportal/public/js/global.min.js?cb=c52298f Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 0c6865be20defee0352f4fcd7899c387e4724086aa814487c991714fe6a40c84 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"2ed42-5ddd16778b9e3" vary Accept-Encoding x-cache HIT content-type text/javascript cache-control max-age=1200 expires Thu, 04 Aug 2022 13:35:34 GMT
GET H2	200	hotjar-285355.js Show response static.hotjar.com/c/	4 KB 3 KB	65ms 8ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-285355.js?sv=5 Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-53.fra56.r.cloudfront.net Software / Resource Hash f2da3939f4311f120270db5e2902c07adf9695ef9850bb80c43bf4cce9855997 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=86400; includeSubDomains content-encoding br x-content-type-options nosniff age 50 x-cache Hit from cloudfront date Thu, 04 Aug 2022 13:18:33 GMT cross-origin-resource-policy cross-origin via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) cache-control max-age=60 etag W/616b6f51bdecd23d7dda3723d1a8386d vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop FRA56-P2 x-amz-cf-id bEAz44y8iiHgD74HMKSLpS-_y3DNCq6ByTlkV2-Hg3wq0eY4gd_R0Q==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	122ms 38ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1043 date Thu, 04 Aug 2022 13:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 04 Aug 2022 15:02:00 GMT
GET H2	200	search-logo.png cdn.airfind.com/staging/core/public/img/	19 KB 20 KB	9ms 8ms	Image image/png	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/staging/core/public/img/search-logo.png Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 21af6a24312d174b0536ac91dd297ca9847ca9fc506a78717ed7b82b1ff59b3d Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT last-modified Thu, 21 Sep 2017 12:13:29 GMT server NetDNA-cache/2.2 etag "4d65-559b20531eb7d" x-cache HIT content-type image/png cache-control max-age=1200 accept-ranges bytes content-length 19813 expires Thu, 04 Aug 2022 13:32:42 GMT
GET H2	200	bing-logo.svg cdn.airfind.com/genericportal/public/img/search/	530 B 570 B	9ms 9ms	Image image/svg+xml	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/genericportal/public/img/search/bing-logo.svg Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/genericportal/public/css/pages/search-home.css?cb=c52298f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.airfind.com/genericportal/public/css/pages/search-home.css?cb=c52298f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"212-5ddd167786bc2" x-cache HIT content-type image/svg+xml cache-control max-age=1200 expires Thu, 04 Aug 2022 13:25:27 GMT
GET H2	200	owfont-regular.min.css cdn.airfind.com/core/public/bower_components/owfont/css/	6 KB 2 KB	9ms 6ms	Stylesheet text/css	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/core/public/bower_components/owfont/css/owfont-regular.min.css?cb=c52298f Requested by Host: m.moneyweb.io URL: https://m.moneyweb.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"1917-5ddd16773e778" vary Accept-Encoding x-cache HIT content-type text/css cache-control max-age=1200 expires Thu, 04 Aug 2022 13:34:50 GMT
GET H2	200	google-analytics-scroll-tracker.min.js Show response cdn.airfind.com/genericportal/public/js/	2 KB 1 KB	7ms 6ms	Script text/javascript	23.111.11.113 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/genericportal/public/js/google-analytics-scroll-tracker.min.js?cb=c52298f Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/genericportal/public/js/global.min.js?cb=c52298f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.113 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash b22050b6ef3799688b650a1e9677986723087e07f53d0df9c2da7cb896624187 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT content-encoding gzip last-modified Fri, 29 Apr 2022 21:05:37 GMT server NetDNA-cache/2.2 etag W/"878-5ddd16778b9e3" vary Accept-Encoding x-cache HIT content-type text/javascript cache-control max-age=1200 expires Thu, 04 Aug 2022 13:26:44 GMT
GET H2	200	ipgeocoder Show response geo.airfind.com/	275 B 530 B	800ms 163ms	XHR application/json	107.170.213.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geo.airfind.com/ipgeocoder Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/genericportal/public/js/global.min.js?cb=c52298f Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 107.170.213.60 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash 9d2bfd877d336c2a5fc51b1666ed27213c7b114f2e1d606011fd6e7ea0805972 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT content-encoding gzip etag W/"113-BHqSqOkBoknH0iM2D1KouQ" server nginx x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	modules.5d050be37fa3fcc28f90.js Show response script.hotjar.com/	248 KB 64 KB	37ms 8ms	Script application/javascript	52.222.236.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.5d050be37fa3fcc28f90.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-285355.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-43.fra56.r.cloudfront.net Software / Resource Hash 9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 11:39:06 GMT content-encoding br x-content-type-options nosniff age 92417 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 64718 access-control-allow-origin * last-modified Wed, 03 Aug 2022 11:38:57 GMT etag "e1db1e6d1bcb7ee08b73da806fd913ab" vary Accept-Encoding content-type application/javascript via 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-P4 accept-ranges bytes x-robots-tag none x-amz-cf-id vjq1DVsqvSlxYMca5xZlyNq9kE2h9UNMfUs4UwzwhWb6Bpcon0MJOg==
GET H2	200	box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response vars.hotjar.com/ Frame F1E0	2 KB 1 KB	29ms 7ms	Document text/html	18.66.139.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-285355.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-28.fra60.r.cloudfront.net Software / Resource Hash 3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://m.moneyweb.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 257476 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 01 Aug 2022 13:48:07 GMT etag "b310868fbdb4c8ee7d37e1b85ae269fa" last-modified Mon, 01 Aug 2022 13:47:35 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront) x-amz-cf-id Im8QLvuaBHx_19AGQLFYE9VP32zDVD7AbDSKcC740G_FjTcG2Qau7Q== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-robots-tag none
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:08:21 GMT content-encoding gzip x-content-type-options nosniff age 662 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 04 Aug 2022 14:08:21 GMT
GET H2	204	285355 Show response vc.hotjar.io/sessions/	0 257 B	78ms 39ms	XHR text/plain	13.225.78.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/285355?s=0.25&r=0.012446062063100394 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.5d050be37fa3fcc28f90.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-105.fra2.r.cloudfront.net Software Python/3.7 aiohttp/3.5.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:23 GMT via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) server Python/3.7 aiohttp/3.5.4 x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id jLXLIA4oh5ET2K6OqzjnxXKZoNCAdG8jwOHTtlpBb9JarPfMeqePLw==
GET H2	200	v1 api.airfind.com/stats/pageviews/	48 B 259 B	169ms 168ms	Image image/gif	198.199.108.22 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/pageviews/v1?clientId=50459&brand=&path=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.108.22 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.moneyweb.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 04 Aug 2022 13:19:24 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-length 48 content-disposition inline content-type image/gif
GET H2	200	reversegeocoder Show response geo.airfind.com/	78 B 399 B	164ms 164ms	XHR application/json	107.170.213.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geo.airfind.com/reversegeocoder?lat=51.221722&lng=6.77616&clientid=50459 Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/genericportal/public/js/global.min.js?cb=c52298f Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 107.170.213.60 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash 99c8212649e5a569f6a19eb949058c88ce1bde5adbf6f2e4e0c26bdeb2dd8dc3 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://m.moneyweb.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Thu, 04 Aug 2022 13:19:24 GMT content-encoding gzip etag W/"4e-QRvhY4f3JJpw5FZ48bhzEw" server nginx x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
OPTIONS H2	200	reversegeocoder geo.airfind.com/ Frame	0 0	163ms 163ms	Preflight	107.170.213.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geo.airfind.com/reversegeocoder?lat=51.221722&lng=6.77616&clientid=50459 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 107.170.213.60 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://m.moneyweb.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-length 0 date Thu, 04 Aug 2022 13:19:24 GMT server nginx x-powered-by Express
POST H2	200	store-location-session Show response m.moneyweb.io/	5 B 191 B	169ms 169ms	XHR text/plain	192.241.229.243 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://m.moneyweb.io/store-location-session Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/genericportal/public/js/global.min.js?cb=c52298f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.241.229.243 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash d81c55f49c5bb0d36bc11e3966ec4efab66f8dfefbbc1761161ca9d230e5466a Request headers Accept */* Referer https://m.moneyweb.io/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Thu, 04 Aug 2022 13:19:24 GMT server nginx x-powered-by Express access-control-allow-headers Content-Type vary X-HTTP-Method-Override access-control-allow-methods GET,PUT,POST,DELETE

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| afRepClientId string| afClientId string| medianet_chnm object| afTemplate function| hj object| _hjSettings string| gaAnalyticsURL string| GoogleAnalyticsObject function| ga string| cdnCoreUrl string| cdnUrl string| apiUrl object| afScripts string| afPageViewId string| newsFailbackImage function| newsImageOnError function| loadDeferredImages function| loadAfDeferredStyles function| raf string| visitorId function| gotoDoNotSell function| stickToBottom function| loadLazyAds function| setupAppsCarousel undefined| loadingMoreCategoriesTriggered string| newsFeedProgressiveLoading string| newsFeedItemsLoadingMode number| newsFeedLazyLoadingOffsetIndex number| newsFeedPercentage function| loadNews function| lazyLoadNewsFeedCategories function| loadMoreNewsFromCategory function| sphereNewsCategory number| newsPage function| loadMoreNews function| loadCarusel function| showOpts function| showShare function| setInterest function| shareFacebook function| shareTwiter function| FastClick function| trackOutboundLink function| visibilityChanged boolean| searchPageViewSent function| LocationSettings function| supports_html5_storage undefined| isAdBlockDetected undefined| attachSlotRequestListener undefined| reportGAEvent function| $ function| jQuery function| _ object| rutil function| log object| settings function| Cookies function| refreshYieldMo function| BlockAdBlock object| blockAdBlock object| scrollTracker object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _YIELDMO_PUBLISHER_EXPORT

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.moneyweb.io/	1970-01-20 14:36:19	Name: visitorId Value: 33f657bf-a758-4130-8be7-3dbf9965c2e5
			m.moneyweb.io/	1970-01-20 13:45:55	Name: homepage-variantNo Value: 1
			m.moneyweb.io/	1970-01-20 13:45:55	Name: homepage-testDate Value: 2021-01-13T18%3A21%3A56Z
			m.moneyweb.io/	1970-01-20 13:45:55	Name: homepage-testVersion Value: 1
			m.moneyweb.io/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AMVmHrAvstFnMsQ0I7QN8C1yj-5csqYYK.Vo4MZ6z%2F0OfOwEPTW3vKz3fPOuQBo6QoSDk9hF1utVw
			m.moneyweb.io/	1970-01-20 14:36:19	Name: localStorageVisitorId Value: 33f657bf-a758-4130-8be7-3dbf9965c2e5
			.moneyweb.io/	1970-01-20 14:36:19	Name: _ga Value: GA1.2.1681838557.1659619161
			.moneyweb.io/	1970-01-20 05:01:45	Name: _gid Value: GA1.2.2121725743.1659619161
			.moneyweb.io/	1970-01-20 13:45:55	Name: _hjSessionUser_285355 Value: eyJpZCI6Ijc3OGM5ZjA0LWI3MTctNTgxZi1iNTg0LWUyNjljMzgxYmQzMCIsImNyZWF0ZWQiOjE2NTk2MTkxNjEzMDEsImV4aXN0aW5nIjpmYWxzZX0=
			.moneyweb.io/	1970-01-20 05:00:20	Name: _hjFirstSeen Value: 1
			m.moneyweb.io/	1970-01-20 05:00:19	Name: _hjIncludedInSessionSample Value: 0
			.moneyweb.io/	1970-01-20 05:00:20	Name: _hjSession_285355 Value: eyJpZCI6IjMxNGQyNzUwLTcwOTItNDhkNS1iNGQ3LTQ2OGU2ZGExYTQ2NiIsImNyZWF0ZWQiOjE2NTk2MTkxNjEzNDYsImluU2FtcGxlIjpmYWxzZX0=
			.moneyweb.io/	1970-01-20 05:00:20	Name: _hjAbsoluteSessionInProgress Value: 1
			api.airfind.com/	1970-01-20 14:36:19	Name: visitorId Value: 6003b321-0593-4197-9a86-f71916d885e7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.airfind.com
cdn.airfind.com
geo.airfind.com
m.moneyweb.io
script.hotjar.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
107.170.213.60
13.225.78.105
18.66.139.28
18.66.97.53
192.241.229.243
198.199.108.22
23.111.11.113
2a00:1450:4001:809::200e
52.222.236.43
0c6865be20defee0352f4fcd7899c387e4724086aa814487c991714fe6a40c84
21af6a24312d174b0536ac91dd297ca9847ca9fc506a78717ed7b82b1ff59b3d
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc
88a708021b90f75aa8657ccb831bda85251f6df47636f32a6740a3823702c61c
90ad536b4e8a98c12c408363a74c1321f16f203e3c21f8c869429bf6f749e7e8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041
99c8212649e5a569f6a19eb949058c88ce1bde5adbf6f2e4e0c26bdeb2dd8dc3
9c8d8dc2ae2f5dd2409c34049d4493b1992c5a4f3b35b4f88d358fb6eb5fa3be
9d2bfd877d336c2a5fc51b1666ed27213c7b114f2e1d606011fd6e7ea0805972
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b22050b6ef3799688b650a1e9677986723087e07f53d0df9c2da7cb896624187
b31f2213d05096874eff738886029863d9d0fa4155f1b45bbf8fd365c79cb534
c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8
d220d70c248276ac587f75614b9d15d9815491ffdfb091e1c2025c8cf26d66dd
d81c55f49c5bb0d36bc11e3966ec4efab66f8dfefbbc1761161ca9d230e5466a
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
e0b2ebd86a7f20f639930c73118b0188052f6d6e94ea24e3dc504a95f432c979
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2da3939f4311f120270db5e2902c07adf9695ef9850bb80c43bf4cce9855997
fb9ba19020412c12c3e9387c7a8ff8bb1d3fdbdc1d06007bdee5ee619a45933d