Submitted URL: https://www.magixlooa.us/
Effective URL: https://g33windeal.com/
Submission: On April 05 via manual from FR — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 11 domains to perform 28 HTTP transactions. The main IP is 13.225.223.18, located in United States and belongs to AMAZON-02, US. The main domain is g33windeal.com. The Cisco Umbrella rank of the primary domain is 994307.
TLS certificate: Issued by Amazon on December 28th 2021. Valid for: a year.
This is the only time g33windeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
19 | g33windeal.com | g33windeal.com — Cisco Umbrella Rank: 994307 | 489 KB
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 39 | 20 KB
2 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 954 | 27 KB
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 95 | 438 B
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 99 | 409 B
1 | flagcdn.com | flagcdn.com — Cisco Umbrella Rank: 48940 | 768 B
1 | gstatic.com | fonts.gstatic.com | 44 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 45 | 1 KB
1 | g33ktr4ck.com | www.g33ktr4ck.com | 456 B
1 | cd-down.com | cd-down.com | 3 KB
1 | magixlooa.us | www.magixlooa.us | 308 B
28 | 11 | |

Count | Domain | Requested by
19 | g33windeal.com (1 redirects) | g33windeal.com
2 | www.google-analytics.com | g33windeal.com, www.google-analytics.com
2 | use.fontawesome.com | g33windeal.com, use.fontawesome.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.facebook.com | g33windeal.com
1 | flagcdn.com | g33windeal.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | g33windeal.com
1 | www.g33ktr4ck.com (1 redirects) |
1 | cd-down.com (1 redirects) |
1 | www.magixlooa.us |
28 | 11 |

This site contains no links.

Subject | Issuer | Validity | Valid
www.magixlooa.us | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-04-05 - 2022-10-05 | 6 months
g33-windeals.com | Amazon | 2021-12-28 - 2023-01-26 | a year
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-12 - 2022-04-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 1 frames:

Primary Page: https://g33windeal.com/
Frame ID: 2929BEF86B4DC4EFB515B945B3AFDEDB
Requests: 28 HTTP requests in this frame

Page Title

Special offer | SUPER EFFICIENT LED BULB

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 73 %
Domains: 11
Subdomains: 11
IPs: 9
Countries: 2
Transfer: 583 kB
Size: 874 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.magixlooa.us/ Page URL
  2. https://cd-down.com/?a=122494&c=300509&mt=3 HTTP 302
    https://www.g33ktr4ck.com/8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=a2415a01e8c747458d6143fb60a87ed81c250 HTTP 302
    https://g33windeal.com/o/39FC2383?clickid=e053e9b0c2eb4c57860a059e1029c07a&subid=122494&sourceid=&data=199.48.45.35.181.234.1581.164.22.1846646254.1649144727.1586856147 HTTP 302
    https://g33windeal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.magixlooa.us/
230 B
308 B
Document
General
Full URL
https://www.magixlooa.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.130.129 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9054e9dc570ac622652a0298ed33ca7bcc08a5c39da0c248a5e78fb932e49de3

Request headers

Accept-Language
en-US,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 05 Apr 2022 07:45:26 GMT
etag
W/"62468793-e6"
last-modified
Fri, 01 Apr 2022 05:03:15 GMT
server
nginx/1.14.2
Primary Request /
g33windeal.com/
Redirect Chain
  • https://cd-down.com/?a=122494&c=300509&mt=3
  • https://www.g33ktr4ck.com/8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=a2415a01e8c747458d6143fb60a87ed81c250
  • https://g33windeal.com/o/39FC2383?clickid=e053e9b0c2eb4c57860a059e1029c07a&subid=122494&sourceid=&data=199.48.45.35.181.234.1581.164.22.1846646254.1649144727.1586856147
  • https://g33windeal.com/
12 KB
4 KB
Document
General
Full URL
https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
958b4ed56b70832b5c22660e636d8297534776ab37587fc2afdb76b60eee41b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.magixlooa.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 07:45:28 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-amz-cf-id
7QajMGBiPm9sUCeMLFh3MUpzvCTxrRqleF2PX8x-bGt_P1cfxrjwvw==
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 07:45:27 GMT
location
/
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-amz-cf-id
bEccn4NeuMW7xFdGbzh66u5Oe9eBZ8I9uAywNv18qfhh3vL1RZ6sPg==
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
index.css
g33windeal.com/lp/template-led-bulb.src/
162 KB
19 KB
Stylesheet
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/index.css?1649144727
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
6074c411a86ef080f592b66af458df54d835ef15843f88357455c5164b03ebfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Oct 2021 05:55:49 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
W/"617b8ce5-28868"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-amz-cf-id
XKfGw1gMqG4RjokLJ61x-DfPpYGx4gkCbHfSQe69aMhvWEe3xGU6lA==
x-xss-protection
1; mode=block
index.js
g33windeal.com/lp/template-led-bulb.src/
90 KB
26 KB
Script
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/index.js?1649144727
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
74245d5f3f0ec24253c1924b44f200a9313b2c81669812f968565331784fff8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Oct 2021 05:55:49 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
W/"617b8ce5-16637"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-amz-cf-id
vaxmubCwOaV5_YX1j4D8zb8pLbmkL8u5i6xmCErkOgeFp2bCPd-aug==
x-xss-protection
1; mode=block
head1.png
g33windeal.com/lp/template-led-bulb.src/img/
1 KB
1 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/head1.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
5110ad16d7ca5c0eee29fcc7d3e828e0610e6dfde431be150ff23d34c5010a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-42c"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1068
x-xss-protection
1; mode=block
x-amz-cf-id
ZqPrlOkIPa_anrlYyt99lOOlKxyCBqygVEW1APyTpfmK0MDqPIU9cw==
head2.png
g33windeal.com/lp/template-led-bulb.src/img/
982 B
1 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/head2.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
8c8ee19febc8b79281e58733bed14453ff0f666237991b12167ef9077f0f41de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-3d6"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
982
x-xss-protection
1; mode=block
x-amz-cf-id
A8SM_FMx41Qyc22dcWi1UC_F6iWfl8Qb18-R_EtfGDTi991PPwdsDQ==
head3.png
g33windeal.com/lp/template-led-bulb.src/img/
913 B
1 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/head3.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
ee57bb991736ef071270b69fd8720fc9046fcbeaa6533ef9ef0090a6ff4a4f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-391"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
913
x-xss-protection
1; mode=block
x-amz-cf-id
bjdAcclLFeCjBiY8VzRpiFscY9vi9KqvdqsK0hJgQCafy69fZwHzcQ==
head4.png
g33windeal.com/lp/template-led-bulb.src/img/
996 B
1 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/head4.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
e4a815e57a6e5242f86f07f5d3857167b3d6da38e9574e3512cba7e34fec992e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-3e4"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
996
x-xss-protection
1; mode=block
x-amz-cf-id
STckiWfUGR2FqFo716jnzfiowgNroU5dVOYharThJtGuGVLbd_UcRg==
product-main.png
g33windeal.com/lp/template-led-bulb.src/img/
85 KB
85 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/product-main.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
15169ca2c38b3d1d40c7ae6c81135238850018aa59445ac60c9713efcea7353b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-153b3"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
86963
x-xss-protection
1; mode=block
x-amz-cf-id
TwLEtmwSRqhcuuPFNZzv0CqybrPngh4JFBNlQEBr8lQfm5IIeq6Rxg==
midimages.png
g33windeal.com/lp/template-led-bulb.src/img/
232 KB
233 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/midimages.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
611c9283c8e78fe32825713120a5b251cdc4af1e2d041f651e9f191d9da417ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-3a198"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
237976
x-xss-protection
1; mode=block
x-amz-cf-id
AoBEk4AhPb83ta3FKPD8bJr4RV2v6SQesM0V57toiw5kSYL4Q9lBQQ==
ic1.png
g33windeal.com/lp/template-led-bulb.src/img/
1 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic1.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
ffb722848ac2830bde2963a51616683b535d648500e93ee28b11bf5aa7de14fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-5d2"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1490
x-xss-protection
1; mode=block
x-amz-cf-id
aBunDv87PnhgtNcxVcPF5KyuRCvrp92f2nMjJKRRAIprwaUmAz2SNA==
ic2.png
g33windeal.com/lp/template-led-bulb.src/img/
1 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic2.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
4befec109f41d7895165601f7a9a74fe3b20484a40e9cf168855b671bdb0b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-5e2"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1506
x-xss-protection
1; mode=block
x-amz-cf-id
fuO_KnnO_5npWx3gMM4IaBfvhQV4HQHlxAPlOlcRzsqEHjHzoOwSlQ==
ic3.png
g33windeal.com/lp/template-led-bulb.src/img/
1 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic3.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
7be3332c69a736617cbb9229a62c71c5f937105848db3cf537a1b47111ada775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-5de"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
x-amz-cf-id
g-GWgKdHziCt5r6aXtyRU_kkSXo_rA4A0AZhpVqm2hs7U3yeFWBNAA==
ic4.png
g33windeal.com/lp/template-led-bulb.src/img/
1 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic4.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
62585d0741d1ab378a375e19e22a6b96c1f5b4dcbfc1e0dba06ba26f2b7eca17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-5a8"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1448
x-xss-protection
1; mode=block
x-amz-cf-id
VpfkwM27t7DdQj4AXiihNFJ4-Mbq85mK0ayjfcVx3SgErupAwnjjag==
ic5.png
g33windeal.com/lp/template-led-bulb.src/img/
2 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic5.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
eabc89696374ac3f27774c6931c5b9ce3e63270d1f55a9f3e3c2abcd5fda603a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-771"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1905
x-xss-protection
1; mode=block
x-amz-cf-id
sTXaf8poDBT2PDlGsrxiNL3wyCXO5iiLXwyFo14VlqPDHH3-3bLWOg==
ic6.png
g33windeal.com/lp/template-led-bulb.src/img/
2 KB
2 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/ic6.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
96b2e72bb9a3dca2506fbcfa09a4b538ca3970515a047a5369a0e519ce63eba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-6e0"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
1760
x-xss-protection
1; mode=block
x-amz-cf-id
EgJdX9PfxgcWH1QSZCrl_OmYphHjWuMWfI8_LehTuQf0seFCClFOow==
product.jpg
g33windeal.com/lp/template-led-bulb.src/img/
29 KB
29 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/product.jpg
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
e728220f7d3f777af859fb8125b90050dac10089cfcdb1e1bef78f2e4fff217f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-73ee"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
29678
x-xss-protection
1; mode=block
x-amz-cf-id
uuOFYrbU7QGzWf-YLI1LNAuxJW4YQ_bOr-BlZiwcrKCEE3tBlUHjQg==
paycards.png
g33windeal.com/lp/_global/img/
38 KB
39 KB
Image
General
Full URL
https://g33windeal.com/lp/_global/img/paycards.png
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 20:40:22 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"6109a9b6-9951"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
39249
x-xss-protection
1; mode=block
x-amz-cf-id
RJafx4oI0_SK-DgvAm6N2upjVICiXJvXbDJS3hbm48yRXatLSaLWUg==
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/lp/template-led-bulb.src/index.css?1649144727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03af162507e24b5bf9fbe3007f047167d43f907ec70e08c814a9a10ecd590f71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 07:45:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Apr 2022 07:45:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Apr 2022 07:45:28 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/lp/template-led-bulb.src/index.css?1649144727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23542683
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K7K6NAMJXSDD0XBS
x-amz-id-2
Rxyl1+aJaQg3DdjkTyfV5CV8aZUhUKc+Sw1+1eBiOo4h92yorRzCbPpx6lR4FXqZtbtabQjt6cs=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGGKtdzthIFo2p96uqi1RlwBR3RYKpmlk1zR7QR5chsXSr%2FKhFl4XVFk3rwLp7vvjzbvaOo%2FnFMoOeId8YTafsFrUbm1hRKoMYayyDwtLlTAE7d3PibnCEuJDTrtMdjYpZbwpyX6e%2BqRNeEDC2FtNFYW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6f70aa181fd21921-EWR
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3692
date
Tue, 05 Apr 2022 06:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 08:43:56 GMT
bg.jpg
g33windeal.com/lp/template-led-bulb.src/img/
35 KB
35 KB
Image
General
Full URL
https://g33windeal.com/lp/template-led-bulb.src/img/bg.jpg
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/lp/template-led-bulb.src/index.css?1649144727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-18.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
8d665608b4150f798d8c8593b95972669fe48b29e59e3998b466a5797c8f2f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/lp/template-led-bulb.src/index.css?1649144727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:45:39 GMT
server
nginx
x-amz-cf-pop
JFK51-C1
etag
"61165b63-8b6a"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubdomains;
accept-ranges
bytes
content-length
35690
x-xss-protection
1; mode=block
x-amz-cf-id
GVcgrZkKPLlzAsnyDNpWXIN40W5iMZ7YbXVlnW_kYcuHGwwhLO_mYw==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://g33windeal.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:45:59 GMT
x-content-type-options
nosniff
age
550769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:45:59 GMT
fr.svg
flagcdn.com/
194 B
768 B
Image
General
Full URL
https://flagcdn.com/fr.svg
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562a4c9c6601bfbd1c4a3209c47f2b840650a431041f6616b8af9a0eaa888489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2056971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 Nov 2020 12:03:17 GMT
server
cloudflare
etag
W/"5fb65f05-c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bemjkehaC6TjkmzJcrg5m%2F%2FweRfT6pS39%2Bf6Mh5ZLlfXa8DdP4QWOdp%2BI7yOByjrKY8QaxdWaVa7ASywLrgVRfBvBUuy2aF4QPO01ZOR%2BSqn20F0TBDl26oqR9DXYIhMF3ArbGXjQah6vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-maxage=2678400
cf-ray
6f70aa18aac48ce6-EWR
fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/
13 KB
14 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://g33windeal.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75364
cf-ray
6f70aa18985f8ce2-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13552
x-amz-id-2
GRp19AYZR0gkKJUhDYqJ3+xr1k61G4Jvn7aIBkml3ZMgbBZN5vpyORowUuBV1ZKCKpXx39KmuU4=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"e6257a726a0cf6ec8c6fec22821c055f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyiPY6Z8%2BXelUzsd2hhvzp0bL1M246J1YL1KDF1yrx1ftREiaJI8zyVTROkl6sCvEKICjs4JAzOD2z9kDBfxxE9YqNJpZxCK5zv1e%2BORZGAzJs6YXI4j1J%2Bvw2Z1I1%2FevYE6rJhaln83VUaustHZdCSQ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
W1C9KY2XG3C6HRN4
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
tr
www.facebook.com/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr?id=&ev=PageView&noscript=1
Requested by
Host: g33windeal.com
URL: https://g33windeal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://g33windeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:45:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 05 Apr 2022 07:45:28 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1929205905&t=pageview&_s=1&dl=https%3A%2F%2Fg33windeal.com%2F&dr=https%3A%2F%2Fwww.magixlooa.us%2F&ul=en-us&de=UTF-8&dt=Special%20offer%20%7C%20SUPER%20EFFICIENT%20LED%20BULB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1666949700&gjid=1899469504&cid=95917393.1649144728&tid=UA-103066933-1&_gid=1072784846.1649144728&_r=1&_slc=1&z=1946103131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://g33windeal.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 07:45:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://g33windeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103066933-1&cid=95917393.1649144728&jid=1666949700&gjid=1899469504&_gid=1072784846.1649144728&_u=IEBAAEAAAAAAAC~&z=1798737906
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://g33windeal.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Apr 2022 07:45:28 GMT
content-type
text/plain
access-control-allow-origin
https://g33windeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| inline_url_params
string| url_server
string| site_slug
string| ga_token
string| GoogleAnalyticsObject
function| ga
function| _createClass
function| _typeof
function| _toConsumableArray
function| _possibleConstructorReturn
function| _inherits
function| _classCallCheck
function| Payment
function| Card
object| App
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

17 Cookies

Domain/Path Name / Value
cd-down.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
cd-down.com/ Name: gdm_click_freq_v1_1_001
Value: Shc/YqpJjNuR01159N5zdvRphB6y0fw0R/maQPzQ3hmie2tcXS5QASPT6/Puq5av
cd-down.com/ Name: gdm_sid_v1_3_001
cd-down.com/ Name: gdm_uid_v1_1_001
Value: BzxUDc6ZvXrg839rUPVFHiXxL4xH+JUuIiiTEq4FY2N/zzvzTCy/Mn3jJcKbMJTf
cd-down.com/ Name: gdm_click_adv_freq_v2_1_001
Value: HSUfoXMu3hf0403QIr/sBGB//O726iFUc5rCty7386rce13LsadK3sfVhp2s2imX
cd-down.com/ Name: gdm_sid_v2_3_001
cd-down.com/ Name: gdm_click_freq_v2_1_001
Value: Shc/YqpJjNuR01159N5zdvRphB6y0fw0R/maQPzQ3hmie2tcXS5QASPT6/Puq5av
cd-down.com/ Name: gdm_click_adv_freq_v1_1_001
Value: HSUfoXMu3hf0403QIr/sBGB//O726iFUc5rCty7386rce13LsadK3sfVhp2s2imX
cd-down.com/ Name: gdm_uid_v2_1_001
Value: BzxUDc6ZvXrg839rUPVFHiXxL4xH+JUuIiiTEq4FY2N/zzvzTCy/Mn3jJcKbMJTf
cd-down.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
www.g33ktr4ck.com/ Name: uniqueClick_6JHXF
Value: 0e62799d-d6ba-42b5-8cb9-6fe87ca3f2df:1649144727
www.g33ktr4ck.com/ Name: transaction_id
Value: e053e9b0c2eb4c57860a059e1029c07a
g33windeal.com/ Name: PHPSESSID
Value: 5srjbqt0v2hafo550n4d2bd146
.g33windeal.com/ Name: _ga
Value: GA1.2.95917393.1649144728
.g33windeal.com/ Name: _gid
Value: GA1.2.1072784846.1649144728
.g33windeal.com/ Name: _gat
Value: 1
.facebook.com/ Name: fr
Value: 0hrliQFmyPPFVCnpn..BiS_OY...1.0.BiS_OY.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
