sponsorships.cruxfinder.com Open in urlscan Pro
2606:4700:10::6816:4f55  Public Scan

URL: https://sponsorships.cruxfinder.com/
Submission: On June 27 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 53 HTTP transactions. The main IP is 2606:4700:10::6816:4f55, located in United States and belongs to CLOUDFLARENET, US. The main domain is sponsorships.cruxfinder.com.
TLS certificate: Issued by WR1 on June 26th 2024. Valid for: 3 months.
This is the only time sponsorships.cruxfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.0.176 54113 (FASTLY)
10 2606:4700:310... 13335 (CLOUDFLAR...)
1 52.222.214.25 16509 (AMAZON-02)
26 18.66.107.101 16509 (AMAZON-02)
53 8
Apex Domain
Subdomains
Transfer
26 cloudfront.net
d3f1ztlxn3w8yp.cloudfront.net
122 KB
13 cruxfinder.com
sponsorships.cruxfinder.com
241 KB
10 paved.com
www.paved.com
12 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1638
150 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
21 KB
53 6
Domain Requested by
26 d3f1ztlxn3w8yp.cloudfront.net
13 sponsorships.cruxfinder.com sponsorships.cruxfinder.com
10 www.paved.com cdnjs.cloudflare.com
2 js.stripe.com sponsorships.cruxfinder.com
js.stripe.com
1 fonts.gstatic.com sponsorships.cruxfinder.com
1 cdnjs.cloudflare.com sponsorships.cruxfinder.com
53 6

This site contains links to these domains. Also see Links.

Domain
www.paved.com
Subject Issuer Validity Valid
sponsorships.cruxfinder.com
WR1
2024-06-26 -
2024-09-24
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.gstatic.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-06-21 -
2024-09-19
3 months crt.sh
paved.com
GTS CA 1P5
2024-05-11 -
2024-08-09
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://sponsorships.cruxfinder.com/
Frame ID: 37FBD79D6E145208906D8428DDAEF17C
Requests: 48 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E3FC4981479613848E2BC33A33214E90
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sponsor Cruxfinder Newsletter for Amazon Sellers

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

53
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

592 kB
Transfer

1699 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sponsorships.cruxfinder.com/
40 KB
8 KB
Document
General
Full URL
https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38ab0e207623270b68485f8980d9192c9046a2b9f91f93b4710f0344fd84d65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
89a4f9518bfd900c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 11:07:34 GMT
etag
W/"d9ub3wy30uvh1"
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-gdpr-eligible
true
x-matched-path
/newsletter/[siteId]
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::94fdd-1719486452006-164ced3ae27d
x-xss-protection
1; mode=block
41669402d1eea75f.css
sponsorships.cruxfinder.com/_next/static/css/
63 KB
12 KB
Stylesheet
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/css/41669402d1eea75f.css
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e541f7bcfe00e87cfabb730d3b39396c47d1bec01e83faf7a332e12df0724f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="41669402d1eea75f.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::h5v9s-1719415736938-ab7f9dd48d7a
server
cloudflare
x-matched-path
/_next/static/css/41669402d1eea75f.css
etag
W/"d071a6cdd7f86b0b83abc2cb2258b174"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963ac4e900c-FRA
webpack-18e1e020f3fa96ee.js
sponsorships.cruxfinder.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/webpack-18e1e020f3fa96ee.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e32307c555766104cf510163c799216b572f26c6032779ad50551b088c5c29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2938
x-gdpr-eligible
false
content-disposition
inline; filename="webpack-18e1e020f3fa96ee.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::jjk44-1719415738224-e3197fe63b78
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-18e1e020f3fa96ee.js
etag
W/"25c5f6911071ff65a929d3443ce2179e"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963ac51900c-FRA
framework-5429a50ba5373c56.js
sponsorships.cruxfinder.com/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/framework-5429a50ba5373c56.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a922d06946c153c130de6238a7d90e238f1341d19d42cee935017ad7495589e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="framework-5429a50ba5373c56.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::9zp4h-1719415737167-1062bc66378f
server
cloudflare
x-matched-path
/_next/static/chunks/framework-5429a50ba5373c56.js
etag
W/"abba1ab5a91e57321e4e354dcf9e831a"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc7a900c-FRA
main-5f0e8c446675b718.js
sponsorships.cruxfinder.com/_next/static/chunks/
107 KB
32 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/main-5f0e8c446675b718.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1064b8747232bf308d7f84b7f9959bed8ae04d131fc950d5d71cecb80a6957
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="main-5f0e8c446675b718.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::d57s4-1719415737127-c300cbdf108a
server
cloudflare
x-matched-path
/_next/static/chunks/main-5f0e8c446675b718.js
etag
W/"7b60b8740e1915acd5ca6b34cac4d48d"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc7d900c-FRA
_app-fbc11ce39286ffad.js
sponsorships.cruxfinder.com/_next/static/chunks/pages/
121 KB
37 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/pages/_app-fbc11ce39286ffad.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8849390f360f580b6da06ecdf21d19b3976d6fda6a0016ccd45a91173d06e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="_app-fbc11ce39286ffad.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::cpf8n-1719415737081-89e680874a76
server
cloudflare
x-matched-path
/_next/static/chunks/pages/_app-fbc11ce39286ffad.js
etag
W/"3b8b5b0c02b3a81950f9d9dc8b061c6e"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc82900c-FRA
75fc9c18-5d7ef8be35b25812.js
sponsorships.cruxfinder.com/_next/static/chunks/
57 KB
20 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/75fc9c18-5d7ef8be35b25812.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca5aaa50b471380f696aac869d51c694bf349e856bde62d5eddf2a061bdfd5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2938
x-gdpr-eligible
false
content-disposition
inline; filename="75fc9c18-5d7ef8be35b25812.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::8sghz-1719415736890-aaa91f22353c
server
cloudflare
x-matched-path
/_next/static/chunks/75fc9c18-5d7ef8be35b25812.js
etag
W/"778d83dccf93f9085b294a0fea844eea"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc87900c-FRA
865-a4c407c9ed340c61.js
sponsorships.cruxfinder.com/_next/static/chunks/
176 KB
54 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/865-a4c407c9ed340c61.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947bc079731a715edc80c18d49c3f1915aa1340f274eb2f1dff81887b0285e9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2938
x-gdpr-eligible
false
content-disposition
inline; filename="865-a4c407c9ed340c61.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::zj85v-1719415737204-cea1ffb38b5f
server
cloudflare
x-matched-path
/_next/static/chunks/865-a4c407c9ed340c61.js
etag
W/"bffa55dd4f40a859d6c08addad426afd"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc8d900c-FRA
191-a2aa6cb3807745ba.js
sponsorships.cruxfinder.com/_next/static/chunks/
18 KB
7 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/191-a2aa6cb3807745ba.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251bb9118a6c14fb65201598057c68c5c4a4b91b85445ccf41b9c9bde139939e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="191-a2aa6cb3807745ba.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::ztptw-1719415737840-b7664f6182a7
server
cloudflare
x-matched-path
/_next/static/chunks/191-a2aa6cb3807745ba.js
etag
W/"d610e72568967e0e3bc7f4a93ea17ac2"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc92900c-FRA
%5BsiteId%5D-d049099c095ab858.js
sponsorships.cruxfinder.com/_next/static/chunks/pages/newsletter/
68 KB
20 KB
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/chunks/pages/newsletter/%5BsiteId%5D-d049099c095ab858.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c50de80d7414c1297cad234e4c8677a31265d7f06d192ad2a6b8feef4ccf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2939
x-gdpr-eligible
false
content-disposition
inline; filename="[siteId]-d049099c095ab858.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::tqptr-1719415736936-aa3e1055f466
server
cloudflare
x-matched-path
/_next/static/chunks/pages/newsletter/%5BsiteId%5D-d049099c095ab858.js
etag
W/"09993e292395ec565a269aa257b51e6d"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc95900c-FRA
_buildManifest.js
sponsorships.cruxfinder.com/_next/static/Hr2VNHE7fWSzpKev5HcxD/
541 B
735 B
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/Hr2VNHE7fWSzpKev5HcxD/_buildManifest.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145bb4ad1d6bd9a41a9d8cd6282d87178dd74c5c9fd226c8a179342fbf971829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2938
x-gdpr-eligible
false
content-disposition
inline; filename="_buildManifest.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::76gps-1719415736992-f5ae19ceb02f
server
cloudflare
x-matched-path
/_next/static/Hr2VNHE7fWSzpKev5HcxD/_buildManifest.js
etag
W/"eaba997786cf4cbb81207cc2214e750f"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc97900c-FRA
_ssgManifest.js
sponsorships.cruxfinder.com/_next/static/Hr2VNHE7fWSzpKev5HcxD/
77 B
487 B
Script
General
Full URL
https://sponsorships.cruxfinder.com/_next/static/Hr2VNHE7fWSzpKev5HcxD/_ssgManifest.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2938
x-gdpr-eligible
false
content-disposition
inline; filename="_ssgManifest.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::rnngz-1719415737024-6fb9ce992112
server
cloudflare
x-matched-path
/_next/static/Hr2VNHE7fWSzpKev5HcxD/_ssgManifest.js
etag
W/"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=31536000, immutable
cf-ray
89a4f963dc99900c-FRA
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/
78 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d300b9ab92d40783cab239d68a9bc35dfab6480cadd8cb5ff8aed97b0eccf41
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://sponsorships.cruxfinder.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
886398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21246
last-modified
Thu, 29 Jun 2023 20:05:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649de401-52fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5aVEE%2B5%2BIXj4zoDkB7tDZQHjKuXAGMbSQNMnissbPvrKyLlL%2BnEoH6hOwI0Bj%2BYF5CKZfAKOdHql4KCNLasAZtzKxh7136JrUYBtnhrYlHWKkAI4%2B%2FnwNVxQi0qrr1tePqU%2FNOVl3R2%2BpGtPs4dG%2F2m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a4f9640bb72bd2-FRA
expires
Tue, 17 Jun 2025 11:07:34 GMT
truncated
/
1015 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c99651880161ba6df7972521a1d92e660cc75200766b0920801ed710719f0e4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Origin
https://sponsorships.cruxfinder.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 01:28:58 GMT
x-content-type-options
nosniff
age
34716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46552
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 01:28:58 GMT
v3
js.stripe.com/
614 KB
150 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: sponsorships.cruxfinder.com
URL: https://sponsorships.cruxfinder.com/_next/static/chunks/865-a4c407c9ed340c61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
39119ba1d2ba23cac80eafcf1629f281e1f359e2865a885577525caf874125e4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 11:07:34 GMT
via
1.1 varnish
age
17
x-cache
HIT
content-length
152789
x-request-id
44e167aa-a91e-44c4-80bb-f2dc4fcf5f78
x-served-by
cache-fra-etou8220045-FRA
last-modified
Wed, 26 Jun 2024 18:55:36 GMT
server
Fastly
etag
"03a5597088d45f5ed3305d6d654992d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
booker_sessions
www.paved.com/api/booker/ Frame
0
0
Preflight
General
Full URL
https://www.paved.com/api/booker/booker_sessions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sponsorships.cruxfinder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a4f9679cb58ec5-FRA
date
Thu, 27 Jun 2024 11:07:35 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
70848448-6fb7-4dea-9346-616dee3f3073
www.paved.com/api/booker/sites/ Frame
0
0
Preflight
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sponsorships.cruxfinder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a4f9679cce8ec5-FRA
date
Thu, 27 Jun 2024 11:07:35 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
sample
www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/ Frame
0
0
Preflight
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/sample
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sponsorships.cruxfinder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a4f9679cbc8ec5-FRA
date
Thu, 27 Jun 2024 11:07:35 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
sponsorship_options
www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/ Frame
0
0
Preflight
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/sponsorship_options
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sponsorships.cruxfinder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a4f9679cc48ec5-FRA
date
Thu, 27 Jun 2024 11:07:35 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
booker_sessions
www.paved.com/api/booker/
45 B
850 B
Fetch
General
Full URL
https://www.paved.com/api/booker/booker_sessions
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c0a36631041a53f0ad9d7103112d564268febf1a7e48fabd3448089b0015ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 11:07:35 GMT
content-encoding
gzip
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
x-request-id
d6700e34-555c-42cb-9c7b-4874cda211f6
x-runtime
0.025521
server
cloudflare
etag
W/"e1c0a36631041a53f0ad9d7103112d56"
vary
Accept, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-max-age
7200
cf-ray
89a4f968de9d8ec5-FRA
x-frame-options
ALLOWALL
70848448-6fb7-4dea-9346-616dee3f3073
www.paved.com/api/booker/sites/
6 KB
2 KB
Fetch
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4597788a44df133888391d3add93d5d61d1c05d67d2f2663cc8f97c696176d33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 11:07:35 GMT
content-encoding
gzip
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
x-request-id
2ed3e2be-4c59-4a1d-b86b-2511bff0ceeb
x-runtime
0.505930
server
cloudflare
etag
W/"4597788a44df133888391d3add93d5d6"
vary
Accept, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-max-age
7200
cf-ray
89a4f968de9a8ec5-FRA
x-frame-options
ALLOWALL
sample
www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/
35 KB
8 KB
Fetch
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/sample
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35bdbe60d1280527d17c1080bed7c4e0571a8ceab2bf20301caedb58df1c2340
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 11:07:35 GMT
content-encoding
gzip
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
x-request-id
2e966228-0049-4d0a-8de5-27d5605fa53a
x-runtime
0.244304
server
cloudflare
etag
W/"35bdbe60d1280527d17c1080bed7c4e0"
vary
Accept, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-max-age
7200
cf-ray
89a4f968de8f8ec5-FRA
x-frame-options
ALLOWALL
sponsorship_options
www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/
1 KB
1 KB
Fetch
General
Full URL
https://www.paved.com/api/booker/sites/70848448-6fb7-4dea-9346-616dee3f3073/sponsorship_options
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f461a1d990c456c69b03972ec2b5b504b29fa41d80c4292a4bc1aa25689f88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 11:07:35 GMT
content-encoding
gzip
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
x-request-id
35a14f5d-f644-4691-9865-b3199071db46
x-runtime
0.120237
server
cloudflare
etag
W/"d5f461a1d990c456c69b03972ec2b5b5"
vary
Accept, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-max-age
7200
cf-ray
89a4f968de928ec5-FRA
x-frame-options
ALLOWALL
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E3FC
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-25.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2939
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 10:18:37 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 14 Jun 2024 20:01:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-id
ogs184qnc3swYmMwx-pS4SEsyOfvmLh4skluBCaI_OOm4IyaF4B4gQ==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
booker_session_actions
www.paved.com/api/booker/booker_sessions/9b9e33f1-d3a3-44c5-bec2-fc0ea0d005f5/
0
0
Fetch
General
Full URL
https://www.paved.com/api/booker/booker_sessions/9b9e33f1-d3a3-44c5-bec2-fc0ea0d005f5/booker_session_actions
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.26.2/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jun 2024 11:07:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
x-request-id
9b43f497-6b54-4ba2-9308-80b7fba2154d
x-runtime
0.023133
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
content-type
text/html
access-control-allow-origin
*
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
access-control-expose-headers
cache-control
no-cache
access-control-max-age
7200
cf-ray
89a4f96b8b078ec5-FRA
x-frame-options
ALLOWALL
booker_session_actions
www.paved.com/api/booker/booker_sessions/9b9e33f1-d3a3-44c5-bec2-fc0ea0d005f5/ Frame
0
0
Preflight
General
Full URL
https://www.paved.com/api/booker/booker_sessions/9b9e33f1-d3a3-44c5-bec2-fc0ea0d005f5/booker_session_actions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sponsorships.cruxfinder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a4f96a593b8ec5-FRA
date
Thu, 27 Jun 2024 11:07:35 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719486455&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=UgFCaw64HZb0sOwcDN%2FAGUJH7IYVEqm5xvw5XSFBh7s%3D
server
cloudflare
vary
Accept-Encoding
via
1.1 vegur
favicon.ico
sponsorships.cruxfinder.com/
15 KB
4 KB
Other
General
Full URL
https://sponsorships.cruxfinder.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93ac32f0ffb4e21319bf5ca23349c34ce8238663c1f7aa4e078062769a71e75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sponsorships.cruxfinder.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:07:36 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-gdpr-eligible
false
content-disposition
inline; filename="favicon.ico"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-vercel-id
iad1::5vp6x-1719415740299-01643ff15928
server
cloudflare
x-matched-path
/favicon.ico
etag
W/"9b43c01093106f29d091e69657c130de"
x-vercel-cache
HIT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
expect-ct
max-age=86400, enforce
cache-control
public, max-age=300, must-revalidate
cf-ray
89a4f96a4d39900c-FRA
remote_logo_1693232943_c9bdf535-2e5d-45b4-8348-60d203b0144e-image.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site/logo/4828/
28 KB
29 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site/logo/4828/remote_logo_1693232943_c9bdf535-2e5d-45b4-8348-60d203b0144e-image.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcf5648c6fd3a508cef4d5717cb0da607b6fff1804e2f2da6c9f0c3d22359bea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:38 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
83843
x-amz-server-side-encryption
AES256
etag
"5d9ae94d61d8a8eb432bef4b6c4bde65"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
28854
x-amz-cf-id
DTKU_UtaXbzLS5vfZXgXOlYD33HDcmWzN86-kjPp99YssPX6tGq_8A==
latonas_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10477/
1 KB
2 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10477/latonas_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23b75271226761c7351412bbdda956fcf865f1bdc6c7d125eb0c4f9a4f531b46

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"6980f56b525f51d088074ac6ad15e154"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1462
x-amz-cf-id
ALDWIaZ3V2glPV2IuPg0J3BMLmcZ7O3dEayn__s9rGYDsOpavkQBaw==
joinjuno_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10478/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10478/joinjuno_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13b0c5b3b855b57c67a3514b3ff920d5c5625737d99c8d14dab041550419dce1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"8d5ffafe98e165d511015a662ddaab76"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3099
x-amz-cf-id
gSFtj4dhfDkwrYqdhUGnzrn9KCKXI2J-_sO2jbYytN4ZD_tnyd3EQg==
cahoot_ai.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10479/
8 KB
8 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10479/cahoot_ai.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"48cf25cf9e3bed8f7f98757dcb8d3103"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8651
x-amz-cf-id
x_l7DlAB2i9R0pHI8-OE5e3LBDLngMVgiMAEdgH_MMhoOE1y-uYeGg==
brightdata_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10480/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10480/brightdata_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
486c098caf03dbba30b286907d61da4980dccd7c038e1d21e76cc08e81a6d92a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"7d7de7e4ac04139e4abd9a9f6ffeb835"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2837
x-amz-cf-id
-Ckaf7HMdViMCZVBCqTb_yOXHMRMH1c_TkIpf4NbY8jk_v4rcUVTDA==
sellcord_co.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10481/
4 KB
4 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10481/sellcord_co.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc6192116c64f5eaadd8152f7acb15923dd324bd62d774be5a3cfe52f75bd15b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"0c40c6ef822ba3e299da31a042685d23"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3801
x-amz-cf-id
dGB1xI8x-zgPw1zv4RK4U9RyIBUVs-BVCg0mHutxvU1Fu2BviMF5fQ==
meliopayments_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10482/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10482/meliopayments_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7be96b3b3ea407c00fd286c351cb26bd74c8e7fbdfbbb4a446b671732cd070d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"f5b4af2a689bfebe8926a326dba196f3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2964
x-amz-cf-id
7uojPeSldEEmRfp_N-34z4EM_UugHm7NwWz-WZQDK9vkM3dQzkm3Pw==
insense_pro.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10483/
5 KB
5 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10483/insense_pro.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
476a5ee7e40b62a67a739239619b12be4803bbb122f06c7e5c36fb154079259a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:29:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"6d8dec14bd39b9effd577f9aaad13463"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4687
x-amz-cf-id
z-q_X_G58O0Cx5pjdtWHBxb7rvH6VaRjfO5_Yp8aAlhXHqEf-IJ7Vg==
stackinfluence_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10484/
4 KB
4 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10484/stackinfluence_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70337fc6a4bd7e0e5f752782cb718ef3c1a22075ab529bd7b58e0e231d2ae141

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"88b472bf45c9d9bbbf421d4f4857d250"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3902
x-amz-cf-id
iVTTGQE1JOU8F6R2iuwZ0wqk6ieJQqRa6vs0Bf-RiLW06R1ZVhtKzw==
shipnetwork_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10485/
4 KB
4 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10485/shipnetwork_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dd187226648eaa2443596e4d4ebc63bf7d59f32df3271876d472c9ba74681f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"2b923b562cb642f4009318ff11f71ade"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3847
x-amz-cf-id
cACdGrx8fmiqizIpj8V94qpGwU0SjBtB9eH1UOSEpMekJMUq_qagmQ==
thrasio_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10486/
1 KB
2 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10486/thrasio_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa47f7ee127ccf2fc13bc199c57c66104d6430d26f43fcfea9a945f2857512ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"e15f8a18779680af938a6e6babdc2b44"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1470
x-amz-cf-id
u-wYt2ilk-ZlxVedGMI5sXExt_HXZ_YkC-Qx56P57XKARBCXVFtX7g==
brex_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10487/
2 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10487/brex_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffc33b6c5350b7874fb2b016b001f1d4c420db03a58625736880dd87b53cb894

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"deb8117b7c30ab27a7eac34dca7c8a50"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2458
x-amz-cf-id
0sy2tbzoxoAuEr829Ld3775o93Yx242ZeSaDcM4sE4kgwb-JrfF2vQ==
sellerboard_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10488/
565 B
918 B
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10488/sellerboard_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
186f23e267fe9650a34e15d446851218d055110e55579ded97938f34b0eab7d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"d14b73708fee08367133657704b5f427"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
565
x-amz-cf-id
bSeakU-WU6EWdUHVW1TY6S55jA51LU85dlSfkDVSeYftX1InYWDO4g==
sellerrocket_io.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10489/
5 KB
5 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10489/sellerrocket_io.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f6b6c09d2a48a41703ea38ca626761b23c76993b5d9b487d7b10c6e98e92963

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"d19ab9db5f128e69c18781ab7ff726b0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5181
x-amz-cf-id
XPLEzPzahZoqrC_TbCC76Diskb0bvT6f9FTfhEYTMTiPmtkKyYXtLw==
teikametrics_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10490/
5 KB
5 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10490/teikametrics_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bbe07bc23769385a732cc91f616d71b0a61af9540824ba804fe9dcf0b413da3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"ae9dd48412993582e103e1092732d1e8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5015
x-amz-cf-id
jZCU8PPmA4pFPvy5FrpSXaJQ5YbfrDbEP-3QlKaWbWW9PoFw5NRV8A==
junglescout_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10491/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10491/junglescout_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e364e1156cb9a6d3edd10c7065d0fc27991480ba794057ad55ef94d202ae8d9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"5acdd606415d06dd97c0aa9b3e942ab2"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2991
x-amz-cf-id
ILQxzDpzIrXPpORdwmSiIEm6a0eZCnK9r7OGjDa-hQ3KXM2ah-MjrQ==
helium10_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10492/
2 KB
2 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10492/helium10_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c90797f783f4fb318c860b4544a064a209249317204731a60494127191d28d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"1eee9ed1549f5b865ad67342659dbf43"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2109
x-amz-cf-id
nvrvDbCfh-dB1_x5bs6u1x8DENFzmFvOgp3uLP_9TQ4UajQVS42APw==
boostedcommerce_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10493/
2 KB
2 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10493/boostedcommerce_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ef65fdc19097a88e005f247b46329a35d0efe069192aa047a4dd0dd923dbd29

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"711a42315beabc28e0e412748c03e47e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2039
x-amz-cf-id
lbV8E6Z1CTP7VpBdenYisqvd8ia8egFTTB0ivpDdE8Y5SBnsQbHkUQ==
connectbooks_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10494/
6 KB
7 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10494/connectbooks_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7830f781afefd944d024ef30b64e69b82eae8cada8f5a0c98d9044ac2db080f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:30:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"897dc96867679a1bca67147099757b32"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6552
x-amz-cf-id
7RcIK6L4doyzOuXqb7GV1OJk19iCgyQwLMbI43qgkISl5pGsuRbsHQ==
elevatebrands_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10495/
4 KB
5 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10495/elevatebrands_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cf8e70ec696c4a1639f8b0323c844c8af10482cf5f38b1221cb77a308b6f432

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"7ccc9df2cd39002483b371fd84dc626a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4268
x-amz-cf-id
u2bnQyHv0At-v45jliOqWEKQx9lABaDCBq04wEwTvqkVDoLmP0k1Ow==
onrampfunds_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10496/
5 KB
6 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10496/onrampfunds_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
523f1388f20a1e525185b7e99e81cf58f73774d4432a70e3ab106133193a270b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"84e1dbb4a015a5dffa88814f25bb5539"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5569
x-amz-cf-id
4Md6iRsGKbZLZFjwmOQlWN9nUtywwrtSAjcXZ_AhPdcMSyvD38s5Ig==
flippa_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10497/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10497/flippa_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e72fe340a9a49a3d819fd0a28a08f7d2e38a19db525f1227da4ed362ae1c43f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"d20d9d85c111614bdc45d6bd401270d3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2738
x-amz-cf-id
yYO08lOs6AvvZX2tzWDtC-iOkNjyHHTRyhdilOnUt-uWiW9OSljgCg==
feedvisor_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10498/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10498/feedvisor_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa1b9c186120f101137729b04af8a32be994de48d8364515b7bfebcb5736ec71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"dff3bc1cb37d2653c86af685740c9658"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2588
x-amz-cf-id
otK_1tjVDbyRMBclC3G-ZUTlAP-MhcOLqqEPnB5O8sZz4G-SI3XZwA==
payability_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10499/
2 KB
2 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10499/payability_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b037d1141fcc93c03d6f140e9cafe36aae1606b41f8b40bb787899a40a64b02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2936
etag
"4c968c840b379b0706bfa016c3b56776"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1966
x-amz-cf-id
PJqNDT9_4CMUcT33vflJVjQXlsY518cwU7UIrKONps0X3RVwB4Yopw==
edesk_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10500/
3 KB
3 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/10500/edesk_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a1faca49b060db538a3403097eece729b5c71a0cef17e888ce06163e0bf59bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 28 Aug 2023 14:31:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2937
etag
"8a1492208faa39d5a8c1d59f9df458f8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2787
x-amz-cf-id
fvot36vHolvKV1KpL7S1lFMmcFP-ah-2tlMPZGRaBVe0u7A_uqYn1A==
babbel_com.png
d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/16469/
4 KB
4 KB
Image
General
Full URL
https://d3f1ztlxn3w8yp.cloudfront.net/uploads/site_previous_advertiser/image/16469/babbel_com.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c9d1a66e225d8a141330ae8c09a95dd2d02fd6300a9e9e26fabb2d182a8d3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:18:39 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2024 22:19:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2937
etag
"bbe65538d6903186fc8b9831f19f4865"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4056
x-amz-cf-id
zD1CmVStNY_faFVxE74JyvVaacHs_EX73kHRXcVKoXd1ul_U27XVCA==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| applyFocusVisiblePolyfill object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| webpackChunkStripeJSouter function| noop function| Stripe boolean| __REACH_DISABLE_TOOLTIPS

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 0af4e181-01d2-4a11-b181-f0c5b1da1ae1958440
.sponsorships.cruxfinder.com/ Name: __stripe_mid
Value: 01d77089-ae95-4e28-8f10-69bb40acea5e210c24
.sponsorships.cruxfinder.com/ Name: __stripe_sid
Value: d826f108-6c04-402c-bf82-091c04d7f262649a08

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d3f1ztlxn3w8yp.cloudfront.net
fonts.gstatic.com
js.stripe.com
sponsorships.cruxfinder.com
www.paved.com
151.101.0.176
18.66.107.101
2606:4700:10::6816:4f55
2606:4700:3108::ac42:2bb0
2606:4700::6811:190e
2a00:1450:4001:829::2003
52.222.214.25
03e32307c555766104cf510163c799216b572f26c6032779ad50551b088c5c29
0b037d1141fcc93c03d6f140e9cafe36aae1606b41f8b40bb787899a40a64b02
0cf8e70ec696c4a1639f8b0323c844c8af10482cf5f38b1221cb77a308b6f432
13b0c5b3b855b57c67a3514b3ff920d5c5625737d99c8d14dab041550419dce1
145bb4ad1d6bd9a41a9d8cd6282d87178dd74c5c9fd226c8a179342fbf971829
186f23e267fe9650a34e15d446851218d055110e55579ded97938f34b0eab7d2
1c99651880161ba6df7972521a1d92e660cc75200766b0920801ed710719f0e4
1dd187226648eaa2443596e4d4ebc63bf7d59f32df3271876d472c9ba74681f7
23b75271226761c7351412bbdda956fcf865f1bdc6c7d125eb0c4f9a4f531b46
251bb9118a6c14fb65201598057c68c5c4a4b91b85445ccf41b9c9bde139939e
35bdbe60d1280527d17c1080bed7c4e0571a8ceab2bf20301caedb58df1c2340
39119ba1d2ba23cac80eafcf1629f281e1f359e2865a885577525caf874125e4
3a1faca49b060db538a3403097eece729b5c71a0cef17e888ce06163e0bf59bf
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c90797f783f4fb318c860b4544a064a209249317204731a60494127191d28d6
3ef65fdc19097a88e005f247b46329a35d0efe069192aa047a4dd0dd923dbd29
4597788a44df133888391d3add93d5d61d1c05d67d2f2663cc8f97c696176d33
476a5ee7e40b62a67a739239619b12be4803bbb122f06c7e5c36fb154079259a
486c098caf03dbba30b286907d61da4980dccd7c038e1d21e76cc08e81a6d92a
4e1064b8747232bf308d7f84b7f9959bed8ae04d131fc950d5d71cecb80a6957
4e541f7bcfe00e87cfabb730d3b39396c47d1bec01e83faf7a332e12df0724f9
523f1388f20a1e525185b7e99e81cf58f73774d4432a70e3ab106133193a270b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f6b6c09d2a48a41703ea38ca626761b23c76993b5d9b487d7b10c6e98e92963
70337fc6a4bd7e0e5f752782cb718ef3c1a22075ab529bd7b58e0e231d2ae141
7bbe07bc23769385a732cc91f616d71b0a61af9540824ba804fe9dcf0b413da3
7be96b3b3ea407c00fd286c351cb26bd74c8e7fbdfbbb4a446b671732cd070d8
7ca5aaa50b471380f696aac869d51c694bf349e856bde62d5eddf2a061bdfd5b
8d300b9ab92d40783cab239d68a9bc35dfab6480cadd8cb5ff8aed97b0eccf41
915c50de80d7414c1297cad234e4c8677a31265d7f06d192ad2a6b8feef4ccf1
947bc079731a715edc80c18d49c3f1915aa1340f274eb2f1dff81887b0285e9c
a38ab0e207623270b68485f8980d9192c9046a2b9f91f93b4710f0344fd84d65
a922d06946c153c130de6238a7d90e238f1341d19d42cee935017ad7495589e5
aa1b9c186120f101137729b04af8a32be994de48d8364515b7bfebcb5736ec71
b93ac32f0ffb4e21319bf5ca23349c34ce8238663c1f7aa4e078062769a71e75
bcf5648c6fd3a508cef4d5717cb0da607b6fff1804e2f2da6c9f0c3d22359bea
c7830f781afefd944d024ef30b64e69b82eae8cada8f5a0c98d9044ac2db080f
d5f461a1d990c456c69b03972ec2b5b504b29fa41d80c4292a4bc1aa25689f88
dd8849390f360f580b6da06ecdf21d19b3976d6fda6a0016ccd45a91173d06e7
e1c0a36631041a53f0ad9d7103112d564268febf1a7e48fabd3448089b0015ef
e364e1156cb9a6d3edd10c7065d0fc27991480ba794057ad55ef94d202ae8d9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9d1a66e225d8a141330ae8c09a95dd2d02fd6300a9e9e26fabb2d182a8d3c
e72fe340a9a49a3d819fd0a28a08f7d2e38a19db525f1227da4ed362ae1c43f4
fa47f7ee127ccf2fc13bc199c57c66104d6430d26f43fcfea9a945f2857512ef
fc6192116c64f5eaadd8152f7acb15923dd324bd62d774be5a3cfe52f75bd15b
ffc33b6c5350b7874fb2b016b001f1d4c420db03a58625736880dd87b53cb894