URL: https://githowto.com/staging_changes
Submission: On March 24 via manual from US — Scanned from DE

Summary

This website contacted 15 IPs in 6 countries across 15 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3032::ac43:907a, located in United States and belongs to CLOUDFLARENET, US. The main domain is githowto.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.
This is the only time githowto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
159 KB
4 ban-dera.com
ban-dera.com
244 KB
4 gstatic.com
fonts.gstatic.com
118 KB
4 githowto.com
githowto.com
147 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1810
44 KB
2 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 13573
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 carbonads.net
srv.carbonads.net — Cisco Umbrella Rank: 29237
832 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
64 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
436 B
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 133
617 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 15816
926 B
1 servedby-buysellads.com
m.servedby-buysellads.com — Cisco Umbrella Rank: 22401
17 KB
1 carbonads.com
cdn.carbonads.com — Cisco Umbrella Rank: 32517
6 KB
32 15
Domain Requested by
4 cdn.jsdelivr.net ban-dera.com
cdn.jsdelivr.net
4 ban-dera.com githowto.com
ban-dera.com
4 fonts.gstatic.com fonts.googleapis.com
4 githowto.com githowto.com
2 www.paypalobjects.com ban-dera.com
2 cdn4.buysellads.net githowto.com
2 www.google-analytics.com githowto.com
www.google-analytics.com
2 fonts.googleapis.com githowto.com
ban-dera.com
1 srv.carbonads.net cdn.carbonads.com
1 www.googletagmanager.com ban-dera.com
1 stats.g.doubleclick.net www.google-analytics.com
1 graph.facebook.com githowto.com
1 srv.buysellads.com m.servedby-buysellads.com
1 m.servedby-buysellads.com githowto.com
1 cdn.carbonads.com githowto.com
32 15

This site contains links to these domains. Also see Links.

Domain
srv.carbonads.net
carbonads.net
srv.buysellads.com
github.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-14 -
2022-06-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.carbonads.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-03 -
2022-04-08
2 years crt.sh
*.servedby-buysellads.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-14 -
2023-01-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-18 -
2022-05-18
2 years crt.sh
www.ban-dera.com
R3
2022-03-02 -
2022-05-31
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-01-01 -
2022-04-01
3 months crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA
2021-08-03 -
2022-09-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2022-02-11 -
2023-03-14
a year crt.sh
*.carbonads.net
Sectigo RSA Domain Validation Secure Server CA
2021-09-22 -
2022-10-23
a year crt.sh

This page contains 2 frames:

Primary Page: https://githowto.com/staging_changes
Frame ID: 97B087A3D1BF4A5E715201697EE1732F
Requests: 20 HTTP requests in this frame

Frame: https://ban-dera.com/
Frame ID: AE3E6B593324DA5C5E4E51F3D91A67C0
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

6. Staging the changes

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Overall confidence: 100%
Detected patterns
  • carbonads\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

97 %
HTTPS

64 %
IPv6

15
Domains

15
Subdomains

15
IPs

6
Countries

841 kB
Transfer

2640 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request staging_changes
githowto.com/
14 KB
5 KB
Document
General
Full URL
https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:907a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e08b57d7dba3d40f4f3fec959d40fec8ab91683ff752002c74fbb8e10b518e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 24 Mar 2022 19:44:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhHLVrUfG4NWIb8C3ChXs%2ByRa80Bd5HcUk1VE21sTHmX0DoYV57Qnkue%2FBY%2FJem2IoOJh089KmfF0UEefmotCfaOwvp69%2BDpOQOzB8k16j50bzQnCmtl%2BskvhXkSVBhA1RuTpyKw9hW5QZA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f11e74f0d009130-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
2 KB
1009 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 18:05:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Mar 2022 19:44:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Mar 2022 19:44:48 GMT
output.min.css
githowto.com/release/css/
205 KB
38 KB
Stylesheet
General
Full URL
https://githowto.com/release/css/output.min.css
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:907a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2366f019e0a823d4f48cf23cb845609d347612c66bb77d61fd67fcf6c9aff7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/staging_changes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5056408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Nov 2021 11:20:02 GMT
server
cloudflare
etag
W/"618907e2-33471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HC2PbaamVNMU69mCcP2pR%2Frn4mqnWaVomHp8FMsRm7U3MzaJYNlUF3Nrr4%2BfGe7Vt77rkwpeG1IpfPa60ew%2FWRznz5L45w%2BMyS7SRh9iKl3zjB%2FHAfmrhX5Pyyn6lQqVXLK8gG7NUCJKZLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public
cf-ray
6f11e74f8e579130-FRA
expires
Wed, 25 Jan 2023 07:02:05 GMT
carbon.js
cdn.carbonads.com/
14 KB
6 KB
Script
General
Full URL
https://cdn.carbonads.com/carbon.js?serve=CK7DTK3W&placement=githowtocom
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.10.140 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4e1b0ab4fa290233452f6a707e130e46e724a2f7799a5b4c732a86c7022d37ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 19:44:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Sep 2021 20:21:28 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
XM645XZ1DRGE8A3B
ETag
W/"5091eddcdeeda92db580f4108e1a96a2"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Connection
keep-alive
x-amz-id-2
m1ESP8oreuhUVZj2997ADsjOdz3pzQn4dn00k2dQ0II5rcSMIuqKdIMfFM49zd6HHhxS8cdoB0U=
monetization.js
m.servedby-buysellads.com/
64 KB
17 KB
Script
General
Full URL
https://m.servedby-buysellads.com/monetization.js
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.78 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
e3e4d924593914301bd60984ecc6845520bc5b168268b8bfe86e1547d1471473

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 19:44:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 17:47:40 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
TKAW4JQPKC79J0FZ
ETag
W/"db22853bb2e8616f35c350891dd906bd"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
x-amz-id-2
aKCQmxne4VhZH8ifKXR6Z6fOcbC0GcP1EZRhSOhsOxbp7/r3YbKFRBnUDYbYwJsA/jYoo0ewrys=
Expires
Fri, 25 Mar 2022 19:44:48 GMT
output.min.js
githowto.com/release/js/
114 KB
40 KB
Script
General
Full URL
https://githowto.com/release/js/output.min.js
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:907a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991a9106c6f47f2566253588a5fdb10613555c9abd0cfdecbc6ed26075e1aead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/staging_changes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2091467
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Nov 2021 11:20:05 GMT
server
cloudflare
etag
W/"618907e5-1c6e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd15KiWujnhWlMUmENVGAE0bvdpzILF4VSDuSCNYxN5CSFOmNGlOi0V88LQVtnWjAHZtCkPFLuQlZ2z%2B7iIny%2Bc3soa9eqR8X3dmbUJyb13mLEdwUxjc%2FV35UgWmSdJA%2FB%2FMRGuzejvXI3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
cf-ray
6f11e74f8e5a9130-FRA
expires
Fri, 24 Feb 2023 15:47:37 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6002
date
Thu, 24 Mar 2022 18:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 24 Mar 2022 20:04:46 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/
44 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://githowto.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
87050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:33:58 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://githowto.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
87050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:33:58 GMT
fontawesome-webfont.woff
githowto.com/release/fonts/font-awesome/
64 KB
65 KB
Font
General
Full URL
https://githowto.com/release/fonts/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: githowto.com
URL: https://githowto.com/release/css/output.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:907a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://githowto.com/release/css/output.min.css
Origin
https://githowto.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Nov 2021 11:19:33 GMT
server
cloudflare
etag
W/"618907c5-ffac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e%2BjjLX8GxL8YfXUgAlN85Dh2muUPVBtPBHHo9L1urGEtcDvy4yIlHRji8kdMH9rt%2BSGKpJOrQgAdQ2FQqMcwvfIQ1NhJbLCcqpgUA1wKkCl3ivSTZUqjiUzuPG9hmJclodF0rcJrznOG9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=31536000, public
cf-ray
6f11e7506b4d8fe0-FRA
expires
Wed, 25 Jan 2023 07:04:57 GMT
CKYD623I.json
srv.buysellads.com/ads/
2 KB
926 B
XHR
General
Full URL
https://srv.buysellads.com/ads/CKYD623I.json?segment=placement:githowtocom
Requested by
Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-11.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
5233340b32419a3f9761c5007cf9e016f9f791743bfc460da062194d63f2edfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Mar 2022 19:44:48 GMT
content-encoding
gzip
server
//srv.buysellads.com
content-length
813
vary
Accept-Encoding
content-type
application/json; charset=utf-8
/
ban-dera.com/ Frame AE3E
5 KB
2 KB
Document
General
Full URL
https://ban-dera.com/
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:10a6::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6e57af06575312291456853124bf6a14eee2146ee332b401275d1fc206be2708

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/

Response headers

server
nginx
date
Thu, 24 Mar 2022 19:44:48 GMT
content-type
text/html; charset=UTF-8
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
x-ray
p999:0.090/wn26930:0.080/wa26930:D=83462
content-encoding
br
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=434864693&t=pageview&_s=1&dl=https%3A%2F%2Fgithowto.com%2Fstaging_changes&ul=en-us&de=UTF-8&dt=6.%20Staging%20the%20changes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1426767112&gjid=1133384478&cid=1102897760.1648151089&tid=UA-521840-37&_gid=1109882503.1648151089&_r=1&_slc=1&z=1779496427
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://githowto.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 19:44:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://githowto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
163 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
407736d45081804e4033cb1a01e6a3e77973454ca3ec2eb9e73e460a02ac5d86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
328 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
625b1e6b0f190ee0c2a3f8c735ca2a5c6707e921137b0c2713c48036ab2dbb6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
301 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c04397d06de68ff41fa7497f2fd8baf02f98ecaafc362ca6724fbfb714320ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
graph.facebook.com/
202 B
617 B
XHR
General
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fgithowto.com%2F
Requested by
Host: githowto.com
URL: https://githowto.com/release/js/output.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec8272ca03afd9df9a644002a9db63550f2316dca9d52d01d9fd4b8adbebbe70
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://githowto.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1005239783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
O0hkg0uTebUkzjnK3W1nWMXLvpLSNtHFL4BALzXAtRFa+6V9bO4jojTMgz9I6q9IZTdJ+HIfafQSFYAC52oohw==
x-fb-trace-id
GiHc4+CcaLX
date
Thu, 24 Mar 2022 19:44:48 GMT
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
A5z6uag9KLm9T37dYMHMBMM
cache-control
no-store
facebook-api-version
v6.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1635806040-retool-icon.png
cdn4.buysellads.net/uu/1/103855/
2 KB
3 KB
Image
General
Full URL
https://cdn4.buysellads.net/uu/1/103855/1635806040-retool-icon.png
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
09fff9a93a26a68a57b9bdf9718d911b49d28be379bf57f5812733060c699fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:48 GMT
last-modified
Mon, 01 Nov 2021 22:34:01 GMT
server
NetDNA-cache/2.2
x-amz-request-id
JNBNJVRBFJMCKPC1
etag
"d14085338b5e4e7a9300ecb286aee058"
x-cache
HIT
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
content-length
2295
x-amz-id-2
HNP0GGB2QXvzVxAutduR+nGlRvQXs62MT7Q1K6ZY79EUEDb4yUobhA9gw1Hwyi8jIxMka4fjX6Y=
expires
Sun, 19 Mar 2023 19:44:48 GMT
collect
stats.g.doubleclick.net/j/
1 B
436 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-521840-37&cid=1102897760.1648151089&jid=1426767112&gjid=1133384478&_gid=1109882503.1648151089&_u=IEBAAEAAAAAAAC~&z=2073002201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://githowto.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Mar 2022 19:44:48 GMT
content-type
text/plain
access-control-allow-origin
https://githowto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame AE3E
1 KB
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dba1a2b91b5ed0e155137d62925ae5f65d3fad10bc13b317add7fa5516b2acd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 19:44:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Mar 2022 19:44:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Mar 2022 19:44:49 GMT
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame AE3E
79 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
296579
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19132-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f11e75269726939-FRA
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame AE3E
152 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ban-dera.com/
Origin
https://ban-dera.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
296590
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19127-FRA, cache-hhn4078-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f11e7524ac76928-FRA
js
www.googletagmanager.com/gtag/ Frame AE3E
172 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E2JP8HENB3
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2de1a962d4dd19a5aec8dc4e03ef6ab28c2c864b4017829d6a99e0b371b1dd9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64665
x-xss-protection
0
expires
Thu, 24 Mar 2022 19:44:49 GMT
donate-sdk.js
www.paypalobjects.com/donate/sdk/ Frame AE3E
134 KB
40 KB
Script
General
Full URL
https://www.paypalobjects.com/donate/sdk/donate-sdk.js
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54866fbff058a2812fdec10b71d17d987db3616525a7c915688f18e63a2f0891
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
483ae094e5c2f
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
41002
x-served-by
cache-sjc10036-SJC, cache-hhn4078-HHN
last-modified
Mon, 11 Oct 2021 17:21:16 GMT
x-timer
S1648151089.023345,VS0,VE0
etag
W/"6164728c-21635"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
135, 2
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame AE3E
77 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ban-dera.com/
Origin
https://ban-dera.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
296585
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6f11e7525aca6928-FRA
app.js
ban-dera.com/js/ Frame AE3E
1 MB
233 KB
Script
General
Full URL
https://ban-dera.com/js/app.js
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:10a6::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
06d64f8ee3a7f62c28feb80adab5517da71de0b99d40054153b0a5838d50aaf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p999:0.050/wn26930:0.010/wa26930:D=8864
content-encoding
br
date
Thu, 24 Mar 2022 19:44:49 GMT
last-modified
Sat, 19 Mar 2022 16:11:00 GMT
server
nginx
etag
W/"1322a4-5da9482524d00"
content-type
application/javascript
CK7DTK3W.json
srv.carbonads.net/ads/
1 KB
832 B
Script
General
Full URL
https://srv.carbonads.net/ads/CK7DTK3W.json?segment=placement:githowtocom&callback=_carbonads_go
Requested by
Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CK7DTK3W&placement=githowtocom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-11.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
4c1a3933dc768ef2094c2bb2ba53cec7d4415a6313d564901d0735548f03583e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Mar 2022 19:44:49 GMT
content-encoding
gzip
server
//srv.buysellads.com
content-length
715
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
1644005735-Carbon_260x200_V2.png
cdn4.buysellads.net/uu/1/110638/
15 KB
15 KB
Image
General
Full URL
https://cdn4.buysellads.net/uu/1/110638/1644005735-Carbon_260x200_V2.png
Requested by
Host: githowto.com
URL: https://githowto.com/staging_changes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
aece42e1f14e5d5e384236be0a2ea1eea12bb41894547a54a9f25d5f74f3fb2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://githowto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
last-modified
Fri, 04 Feb 2022 20:15:37 GMT
server
NetDNA-cache/2.2
x-amz-request-id
RYAP1QYBZXDJYT62
etag
"6a94e683131f28b5005541da3fe1b468"
x-cache
HIT
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
content-length
15362
x-amz-id-2
vTOEzq9/0qQALf+obLUQHnptmFKKq7ihpYFPzfp/EQ7kY5Q5TIjUklIIDZjxTRTRHM1mfxJWgJo=
expires
Sun, 19 Mar 2023 19:44:49 GMT
ban-dera-logo.svg
ban-dera.com/img/ Frame AE3E
22 KB
6 KB
Image
General
Full URL
https://ban-dera.com/img/ban-dera-logo.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:10a6::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a4396fda6d1437cdf8555a5b42ec0c91ecfb81e8056038706afaacd50c7a28a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p999:0.010/wn26930:0.010/wa26930:D=8692
content-encoding
br
date
Thu, 24 Mar 2022 19:44:49 GMT
last-modified
Wed, 16 Mar 2022 17:15:12 GMT
server
nginx
etag
W/"58af-5da590e650800"
content-type
image/svg+xml
monobank-logo.svg
ban-dera.com/img/ Frame AE3E
7 KB
3 KB
Image
General
Full URL
https://ban-dera.com/img/monobank-logo.svg
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:10a6::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
af345977ec335526e192f4954e83515bb447f98a56a0e27053774c284d316c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p999:0.010/wn26930:0.010/wa26930:D=8238
content-encoding
br
date
Thu, 24 Mar 2022 19:44:49 GMT
last-modified
Wed, 16 Mar 2022 17:15:12 GMT
server
nginx
etag
W/"1a67-5da590e650800"
content-type
image/svg+xml
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ Frame AE3E
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: ban-dera.com
URL: https://ban-dera.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ban-dera.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=3099 idim=147x47 ifmt=gif ofsz=3098 odim=147x47 ofmt=gif
paypal-debug-id
4968af7b330f9
fastly-stats
io=1
dc
phx-origin-www-3.paypal.com
content-length
3098
x-served-by
cache-sjc10056-SJC, cache-hhn4078-HHN
x-timer
S1648151089.345243,VS0,VE0
etag
"W+Pu/C7SAaVROD4yxJfYhtmfI4zA8n2pGKd1zdw5nBA"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
864, 28
targets
ban-dera.com/api/ Frame AE3E
0
0

truncated
/ Frame AE3E
108 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AE3E
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
rP2Bp2a15UIB7Un-bOeISG3pHl829RH9.woff2
fonts.gstatic.com/s/anonymouspro/v19/ Frame AE3E
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/anonymouspro/v19/rP2Bp2a15UIB7Un-bOeISG3pHl829RH9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476607c776c9e8cabc7e1489125be12b17477e1ddaf6b874d2af57182e0989b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ban-dera.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 05:53:50 GMT
x-content-type-options
nosniff
age
222659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9696
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 05:53:50 GMT
rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
fonts.gstatic.com/s/anonymouspro/v19/ Frame AE3E
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/anonymouspro/v19/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ban-dera.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:00 GMT
x-content-type-options
nosniff
age
229909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17528
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:46:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 03:53:00 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/ Frame AE3E
100 KB
101 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Origin
https://ban-dera.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:44:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
296590
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102536
x-served-by
cache-fra19171-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6f11e7549f5c91e4-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ban-dera.com
URL
https://ban-dera.com/api/targets

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored object| _bsa function| _bsa_go function| _bsa_serving_callback object| _bsa_queue string| ignoretargeting object| socialLikesButtons function| FastClick boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget function| $ function| jQuery object| smoothScroll function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _carbonads function| _carbonads_go object| _carbon_where function| _bsap_serving_callback object| bgcolor

5 Cookies

Domain/Path Name / Value
githowto.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik81M2hqYUFwSnhNdEpSS2FPSTA2NVE9PSIsInZhbHVlIjoib0h3SFwvZ3VPcG9Nc01heDdEMWZyTzVkV3UrZ0dNV3FLbXpNR25tc09KMTdHbWZ3V0dLbkh5dU5ZaXlSTlpaY0hRUGIwSm9WU2hwZWl3Y0xSMjlhQjV3PT0iLCJtYWMiOiI5Mjk0MTk1MzI5ZGIzYjZkOWM2Yjg0YjBjMzM3MWM3YjNiOTFlYzhjMjk5MjNhZTcwMGQ4ZTBjNGUwMDJjNzk0In0%3D
githowto.com/ Name: laravel_session
Value: eyJpdiI6ImNURFNTa2NPSG4wMkxtK1wvM0RRVmtBPT0iLCJ2YWx1ZSI6IkRYNWpRSUZcL1lvQW9YMW9OeXpsTWRvVkZRXC91MzhVcWpoOGVzdHgzc2pFMlgxb1dDalNrQ1wveDhxc1p1b3FhUXlPbmxyNThZWVFqVmVsUnNRQVpON1pRPT0iLCJtYWMiOiJiNmFkM2VlODFiNTIxZjM0NWRhNjRlNGZmMDRmZDMwMDlmYmMyNDQzMjIwY2RmZDk5M2JhNjkzZDRiOGMyNDc1In0%3D
.githowto.com/ Name: _ga
Value: GA1.2.1102897760.1648151089
.githowto.com/ Name: _gid
Value: GA1.2.1109882503.1648151089
.githowto.com/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://graph.facebook.com/?id=http%3A%2F%2Fgithowto.com%2F
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ban-dera.com
cdn.carbonads.com
cdn.jsdelivr.net
cdn4.buysellads.net
fonts.googleapis.com
fonts.gstatic.com
githowto.com
graph.facebook.com
m.servedby-buysellads.com
srv.buysellads.com
srv.carbonads.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.paypalobjects.com
ban-dera.com
108.161.189.78
151.101.194.133
178.128.255.150
23.111.10.140
2606:4700:3032::ac43:907a
2606:4700::6810:5814
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c06::9b
2a00:7a60:0:10a6::1
2a03:2880:f01c:800e:face:b00c:0:2
94.31.29.32
06d64f8ee3a7f62c28feb80adab5517da71de0b99d40054153b0a5838d50aaf9
09fff9a93a26a68a57b9bdf9718d911b49d28be379bf57f5812733060c699fa7
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1e08b57d7dba3d40f4f3fec959d40fec8ab91683ff752002c74fbb8e10b518e0
2de1a962d4dd19a5aec8dc4e03ef6ab28c2c864b4017829d6a99e0b371b1dd9b
3c2366f019e0a823d4f48cf23cb845609d347612c66bb77d61fd67fcf6c9aff7
407736d45081804e4033cb1a01e6a3e77973454ca3ec2eb9e73e460a02ac5d86
476607c776c9e8cabc7e1489125be12b17477e1ddaf6b874d2af57182e0989b8
4c1a3933dc768ef2094c2bb2ba53cec7d4415a6313d564901d0735548f03583e
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4e1b0ab4fa290233452f6a707e130e46e724a2f7799a5b4c732a86c7022d37ee
5233340b32419a3f9761c5007cf9e016f9f791743bfc460da062194d63f2edfb
54866fbff058a2812fdec10b71d17d987db3616525a7c915688f18e63a2f0891
625b1e6b0f190ee0c2a3f8c735ca2a5c6707e921137b0c2713c48036ab2dbb6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c04397d06de68ff41fa7497f2fd8baf02f98ecaafc362ca6724fbfb714320ac
6e57af06575312291456853124bf6a14eee2146ee332b401275d1fc206be2708
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
991a9106c6f47f2566253588a5fdb10613555c9abd0cfdecbc6ed26075e1aead
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4396fda6d1437cdf8555a5b42ec0c91ecfb81e8056038706afaacd50c7a28a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aece42e1f14e5d5e384236be0a2ea1eea12bb41894547a54a9f25d5f74f3fb2a
af345977ec335526e192f4954e83515bb447f98a56a0e27053774c284d316c5b
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
dba1a2b91b5ed0e155137d62925ae5f65d3fad10bc13b317add7fa5516b2acd5
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3e4d924593914301bd60984ecc6845520bc5b168268b8bfe86e1547d1471473
ec8272ca03afd9df9a644002a9db63550f2316dca9d52d01d9fd4b8adbebbe70
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474