urlscan.io logo urlscan.io
SecurityTrails logo

hgh.thetadrop.com Open in urlscan Pro
2606:4700:10::ac43:1f55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://battlepugs.thetadrop.com/a
Effective URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Submission: On February 14 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2606:4700:10::ac43:1f55, located in United States and belongs to CLOUDFLARENET, US. The main domain is hgh.thetadrop.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2023. Valid for: a year.
This is the only time hgh.thetadrop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700:10::6816:215c (United States)

ASN13335 (CLOUDFLARENET, US)
battlepugs.thetadrop.com
api.thetadrop.com
services-api.thetadrop.com
assets.thetadrop.com
8    2606:4700:10::ac43:1f55 (United States)

ASN13335 (CLOUDFLARENET, US)
hgh.thetadrop.com
assets.thetadrop.com
api.thetadrop.com
services-api.thetadrop.com
1    2600:9000:2394:e400:1b:d8af:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1ktbyo67sh8fw.cloudfront.net
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:238d:5c00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    35.82.3.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-3-81.us-west-2.compute.amazonaws.com
m.stripe.com
1    2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)
user-assets-thetadrop.imgix.net
1    35.157.63.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-63-229.eu-central-1.compute.amazonaws.com
ps6.pndsn.com
Apex Domain
Subdomains		 Transfer
16 thetadrop.com
battlepugs.thetadrop.com
hgh.thetadrop.com
assets.thetadrop.com
api.thetadrop.com
services-api.thetadrop.com
3 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1255
q.stripe.com — Cisco Umbrella Rank: 8027
m.stripe.com — Cisco Umbrella Rank: 1235
121 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1317
16 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2213
300 B
1 pndsn.com
ps6.pndsn.com — Cisco Umbrella Rank: 18048
285 B
1 imgix.net
user-assets-thetadrop.imgix.net
2 MB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
77 KB
1 cloudfront.net
d1ktbyo67sh8fw.cloudfront.net
269 KB
31 8
Domain Requested by
6 api.thetadrop.com assets.thetadrop.com
6 assets.thetadrop.com hgh.thetadrop.com
assets.thetadrop.com
3 q.stripe.com hgh.thetadrop.com
3 js.stripe.com assets.thetadrop.com
js.stripe.com
2 services-api.thetadrop.com assets.thetadrop.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.google-analytics.com www.googletagmanager.com
1 ps6.pndsn.com assets.thetadrop.com
1 user-assets-thetadrop.imgix.net
1 m.stripe.com m.stripe.network
1 www.googletagmanager.com hgh.thetadrop.com
1 d1ktbyo67sh8fw.cloudfront.net hgh.thetadrop.com
1 hgh.thetadrop.com
1 battlepugs.thetadrop.com 1 redirects
31 14

This site contains links to these domains. Also see Links.

Domain
www.thetadrop.com
support.thetadrop.com
medium.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-12 -
2024-02-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2023-05-13		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-01 -
2023-07-03		 a year crt.sh
*.pndsn.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-09-18		 7 months crt.sh

This page contains 3 frames:

Primary Page: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Frame ID: F2E8D168A5B95051451AC6931A124C62
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F4E226A199A3895A4405B5094C22B8B5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8C0482E619C4692EA91548BBAC43632C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ThetaDrop.com

Page URL History Show full URLs

  1. http://battlepugs.thetadrop.com/a HTTP 301
    https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

97 %
HTTPS

64 %
IPv6

8
Domains

14
Subdomains

12
IPs

2
Countries

5356 kB
Transfer

13092 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://battlepugs.thetadrop.com/a HTTP 301
    https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request a
hgh.thetadrop.com/
Redirect Chain
  • http://battlepugs.thetadrop.com/a
  • https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa3803892c6562608760ddf3b49ac6ed6f78af558c180c35cd1cd89e068558f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10
cf-cache-status
DYNAMIC
cf-ray
7998d2b97fab5c5c-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 14 Feb 2023 21:16:08 GMT
expires
Tue, 14 Feb 2023 21:16:18 GMT
last-modified
Fri, 27 Jan 2023 01:52:58 GMT
server
cloudflare
x-goog-generation
1674784378407184
x-goog-hash
crc32c=2gGUQA== md5=awBvglWVrC/VqQljhpvEvw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1760
x-guploader-uploadid
ADPycdtrmriIHd-lx88p7Rxqk1Dfd-_mdbllt8yd5EmUeeiTBclMbj00jD3KJx4CuO2jjixXj45yLvVxIYRDx_XOIjRUxpvdgKBT

Redirect headers

CF-RAY
7998d2b8e95cbbfd-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 14 Feb 2023 21:16:08 GMT
Expires
Tue, 14 Feb 2023 22:16:08 GMT
Location
https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
styles.css
assets.thetadrop.com/0.7.721/css/ 		562 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b897037ec18d5c91ab57c7056e6d2f101891a6dd983e1c112a4b4a4658bf1d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:08 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycduowaitcM_MQLZ5wJVr7WMbEbgo0e0nTpjRXjRGi-JAalUcXklOFo1gvmLxk5-G-InjkDtv1EqWADtFO9ViIj3SgQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 27 Jan 2023 01:53:00 GMT
server
cloudflare
etag
W/"d6d23c3ce9e3f010a90803c00094508a"
vary
Accept-Encoding
x-goog-hash
crc32c=tQzwfg==, md5=1tI8POnj8BCpCAPAAJRQig==
x-goog-generation
1674784380459960
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
575343
cf-ray
7998d2bb7a3c5c5c-FRA
expires
Tue, 14 Feb 2023 21:07:00 GMT
theta.umd.min.js
d1ktbyo67sh8fw.cloudfront.net/js/ 		268 KB
269 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ktbyo67sh8fw.cloudfront.net/js/theta.umd.min.js
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:e400:1b:d8af:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cbdcde7ef6efad97558b22715b9c4c15e03882bd49592523d0649b10ce6f152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id
I2ahyMlxdWzWqxcGAPtB6jUvHvNC46A2
date
Tue, 14 Feb 2023 07:56:59 GMT
via
1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
last-modified
Fri, 19 Mar 2021 06:14:49 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
48136
etag
"87d3e8a83dafa4c7e040c8df90c1d691"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
274870
x-amz-cf-id
aWd5LJno_qmBLBL0AM98SNsiG62WDuP4o9ze7nFaLh6rpKcTxLrIjA==
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z7H50SR6YJ
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8634d7df682f06a32faebb2220f3939315260cbf11329bd08057d8f16090d32e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Feb 2023 21:16:09 GMT
vendor.js
assets.thetadrop.com/0.7.721/js/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de661fce33b9373aef51aa4c0b0062364352d3457bd9c2a7d5b2bfc81e2e8059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycduGbKu5x3n0xjThlpq-3QuQ2c-EVS9b3x-fEyXMDuyZ55W1HCTf7UalN1ZLSsA-0VcVsRlZXThecjWqLHgesCLvmuiZ6Y89
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 27 Jan 2023 01:53:03 GMT
server
cloudflare
etag
W/"5a008368c9da049c7a3a269b3e6fcd05"
vary
Accept-Encoding
x-goog-hash
crc32c=yqHBJQ==, md5=WgCDaMnaBJx6OiabPm/NBQ==
x-goog-generation
1674784383033849
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
8213574
cf-ray
7998d2bb7a3e5c5c-FRA
expires
Tue, 14 Feb 2023 21:16:18 GMT
app.js
assets.thetadrop.com/0.7.721/js/ 		1 MB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/js/app.js?0.7.721-d15d3b88306d
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d11953c4482552c138a07675acf61186f5dde88cc3f8ff1b8e211cfeb02d10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:09 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdva43XM9CEcfr_tf8qXl1RmbUrUqb8ApXbPkOW3J3JWBBDN7Qhcb1l85Skqlu6GwnXpFhCwZAbPhSbVybpB1yaJghS8cAOg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 27 Jan 2023 01:53:02 GMT
server
cloudflare
etag
W/"16c620d77bca0ed863d807231353399e"
vary
Accept-Encoding
x-goog-hash
crc32c=qCOq0A==, md5=FsYg13vKDthj2AcjE1M5ng==
x-goog-generation
1674784382782951
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
1285786
cf-ray
7998d2bb7a405c5c-FRA
expires
Tue, 14 Feb 2023 21:16:18 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z7H50SR6YJ&gtm=45je32d0&_p=1613859513&cid=1079085944.1676409369&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676409369&sct=1&seg=0&dl=https%3A%2F%2Fhgh.thetadrop.com%2Fa%3Futm_source%3Dhgh%26utm_medium%3Dsocial%26utm_campaign%3Dbattlepugs&dt=ThetaDrop.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7H50SR6YJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 21:16:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hgh.thetadrop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
js.stripe.com/ 		436 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5badbd7445df3e75d7453b8f317ce82b402868203345085dab97a175ce192f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 21:16:10 GMT
via
1.1 varnish
age
6
x-cache
HIT
content-length
119945
x-request-id
416ad566-5815-43e9-af79-d99dd1c8b3b0
x-served-by
cache-hhn-etou8220022-HHN
last-modified
Mon, 13 Feb 2023 20:34:10 GMT
server
Fastly
etag
"bddc7b025003060c0279cc3180de50fb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
truncated
/ 		286 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type
image/jpeg
session
api.thetadrop.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-language,x-platform
Access-Control-Request-Method
GET
Origin
https://hgh.thetadrop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, content-type, Accept, Authorization, Content-Length, X-Requested-With, X-Platform, X-Language, X-Auth-Session, X-Auth-Token, X-Api-Key, X-Client-Id, X-Client-Secret, X-Forwarded-For, Access-Control-Allow-Credentials, Credentials, X-Website-Version, X-Client-Country
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7998d2c51883906a-FRA
content-length
0
date
Tue, 14 Feb 2023 21:16:10 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-powered-by
Express
session
api.thetadrop.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/session
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://hgh.thetadrop.com/
X-Language
en-US
accept-language
de-DE,de;q=0.9
X-Platform
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"20-NHg8R6TdkNy9kSxaUaql/qHPxC0"
vary
Origin
x-client-country
DE
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7998d2c5ff075c5c-FRA
partner
api.thetadrop.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/partner?slug=hgh&expand=user_ids.tps_id&visibility=2
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
754c4b0c6a2dccb02eb6da1275a808278d5e70e496131a55b9e04a9901a2a093

Request headers

Referer
https://hgh.thetadrop.com/
X-Language
en-US
accept-language
de-DE,de;q=0.9
X-Platform
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:10 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"9b3-iSDhxupVS4Or34aQKgOEvM6gr/4"
vary
Origin, Accept-Encoding
x-client-country
DE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7998d2c5ff055c5c-FRA
partner
api.thetadrop.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/partner?slug=hgh&expand=user_ids.tps_id&visibility=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-language,x-platform
Access-Control-Request-Method
GET
Origin
https://hgh.thetadrop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, content-type, Accept, Authorization, Content-Length, X-Requested-With, X-Platform, X-Language, X-Auth-Session, X-Auth-Token, X-Api-Key, X-Client-Id, X-Client-Secret, X-Forwarded-For, Access-Control-Allow-Credentials, Credentials, X-Website-Version, X-Client-Country
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7998d2c51884906a-FRA
content-length
0
date
Tue, 14 Feb 2023 21:16:10 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-powered-by
Express
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame F4E2 		200 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hgh.thetadrop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5944267
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 21:16:10 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 07 Dec 2022 23:30:12 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1356060
x-content-type-options
nosniff
x-request-id
c6491d60-c62a-4883-aedd-482670eb345b
x-served-by
cache-hhn-etou8220022-HHN
csp-report
q.stripe.com/ Frame F4E2 		0
601 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Feb 2023 21:16:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F4E2 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Feb 2023 21:16:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame F4E2 		631 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 21:16:10 GMT
via
1.1 varnish
age
5944266
x-cache
HIT
content-length
332
x-request-id
32ab0610-acbb-4df5-90e2-7bebc14d99ae
x-served-by
cache-hhn-etou8220022-HHN
last-modified
Wed, 07 Dec 2022 23:30:11 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1196864
inner.html
m.stripe.network/ Frame 8C04 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:5c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
202
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 21:14:34 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-id
I1HoN-mXvIjM7qBLXsXXBSuQCBbWhoz90z9m269gYdZUMZS0v3_sZw==
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 8C04 		0
374 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: hgh.thetadrop.com
URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Tue, 14 Feb 2023 21:16:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 8C04 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:5c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 21:12:21 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
230
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
B-95SFhpf0TNfUSsWnGen7tiweN9wqC9Lc9y32eKwRPImGZwGcsOLQ==
6
m.stripe.com/ Frame 8C04 		156 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.3.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-3-81.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
74b1c20cfa56d09ab2f1f67d4bbd230cfaa939aef37cbb7c03b632134d276930
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 14 Feb 2023 21:16:11 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
session
services-api.thetadrop.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services-api.thetadrop.com/session
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://hgh.thetadrop.com/
X-Language
en-US
accept-language
de-DE,de;q=0.9
X-Platform
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"20-NHg8R6TdkNy9kSxaUaql/qHPxC0"
vary
Origin
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Credentials
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7998d2c809de5c5c-FRA
session
services-api.thetadrop.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services-api.thetadrop.com/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-language,x-platform
Access-Control-Request-Method
GET
Origin
https://hgh.thetadrop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, content-type, Accept, Authorization, Content-Length, X-Requested-With, X-Platform, X-Language, X-Auth-Session, X-Auth-Token, X-Api-Key, X-Client-Id, X-Client-Secret, X-Forwarded-For, Cf-Connecting-IP, Credentials
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Credentials
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7998d2c72ae2906a-FRA
content-length
0
date
Tue, 14 Feb 2023 21:16:10 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-powered-by
Express
list
api.thetadrop.com/token_price/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/token_price/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-language,x-platform
Access-Control-Request-Method
GET
Origin
https://hgh.thetadrop.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, content-type, Accept, Authorization, Content-Length, X-Requested-With, X-Platform, X-Language, X-Auth-Session, X-Auth-Token, X-Api-Key, X-Client-Id, X-Client-Secret, X-Forwarded-For, Access-Control-Allow-Credentials, Credentials, X-Website-Version, X-Client-Country
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7998d2c8fc68906a-FRA
content-length
0
date
Tue, 14 Feb 2023 21:16:11 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-powered-by
Express
list
api.thetadrop.com/token_price/ 		344 B
344 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.thetadrop.com/token_price/list
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f0c34710555c335e92fcbb2bb050871d147948639e21aa26faddfc06d3ae167f

Request headers

Referer
https://hgh.thetadrop.com/
X-Language
en-US
accept-language
de-DE,de;q=0.9
X-Platform
web
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:11 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"158-RmrsxcOdv1QYXAORYNG17RxJK0I"
vary
Origin, Accept-Encoding
x-client-country
DE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hgh.thetadrop.com
access-control-expose-headers
X-Auth-Session-Error, X-Auth-Session-Error-Code, Access-Control-Allow-Credentials, Credentials, X-Website_Update_Available, X-Client-Country
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7998d2c9cc395c5c-FRA
Gilroy-Bold.woff2
assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-Bold/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-Bold/Gilroy-Bold.woff2
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5b3018aeec1426f25c6588bcbae3986bd4b51dedbb7668fd9d9cee5f1469fe

Request headers

Referer
https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Origin
https://hgh.thetadrop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:11 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvYObXgB8YMjvbg76vzWyKXGQoSeBEDkB58DjyJmSgwC4ImMP5gsdpGqWvXjfJldiAwCXCXE0GBsjcQcsgG939SWQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26432
last-modified
Fri, 27 Jan 2023 01:53:02 GMT
server
cloudflare
etag
"56bc3d8266ee51af23e8f1e5ed10d386"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1674784382461754
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=QGE47Q==, md5=Vrw9gmbuUa8j6PHl7RDThg==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800
x-goog-stored-content-length
26432
accept-ranges
bytes
cf-ray
7998d2c91c98906a-FRA
expires
Tue, 14 Feb 2023 21:09:52 GMT
Gilroy-SemiBold.woff2
assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-SemiBold/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-SemiBold/Gilroy-SemiBold.woff2
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba9a0ba5a1f007c2e78f9df055879b247ae996cd51b50371b6f4ad536527033

Request headers

Referer
https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Origin
https://hgh.thetadrop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:11 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtLGO1Esu1ZCg2U28LydHjPbqz6NicWwuFHTw9qeS7Jfw9HkNr1yKyWofa8OS7Nb75HWlL8lYEBgja6i0tBZOo1CLkVag2v
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26240
last-modified
Fri, 27 Jan 2023 01:53:02 GMT
server
cloudflare
etag
"3566fd73e9baf46ccf38dd7193d7d2ec"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1674784382639038
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=cXNorQ==, md5=NWb9c+m69GzPON1xk9fS7A==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800
x-goog-stored-content-length
26240
accept-ranges
bytes
cf-ray
7998d2c91c9a906a-FRA
expires
Tue, 14 Feb 2023 21:13:34 GMT
Gilroy-Regular.woff2
assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-Regular/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.thetadrop.com/0.7.721/assets/fonts/Gilroy/Gilroy-Regular/Gilroy-Regular.woff2
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:215c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77133a66d5feb9c2bfd682139d5915966783723235f0571995cb9479f31cf791

Request headers

Referer
https://assets.thetadrop.com/0.7.721/css/styles.css?0.7.721-d15d3b88306d
Origin
https://hgh.thetadrop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:11 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsgdtJQiGxAZ516MH62j9Gpwy_DZSV5slB8x5hofvTEnSNliRPC3URTw6zQDNoLBmnpqpXz-gPQDRLMBD0WmbR2w5HDMoWr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25164
last-modified
Fri, 27 Jan 2023 01:53:02 GMT
server
cloudflare
etag
"667d554b091ff459f7df901ef9eb147d"
vary
Accept-Encoding
x-goog-generation
1674784382694837
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=FTPUUw==, md5=Zn1VSwkf9Fn335Ae+esUfQ==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800
x-goog-stored-content-length
25164
accept-ranges
bytes
cf-ray
7998d2c92cab906a-FRA
expires
Tue, 14 Feb 2023 21:16:21 GMT
hgh_logo2.png
user-assets-thetadrop.imgix.net/user_c6vckj1zg2qcb3i8bsi2q2w3i88/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-assets-thetadrop.imgix.net/user_c6vckj1zg2qcb3i8bsi2q2w3i88/hgh_logo2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c0b9e7b41dd2cb610866a90ef3f630bb23899b4f57561788937b961beffdf6bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:16:12 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
x-imgix-id
b5ecbb998bd4477220ce9d810f9f4fd9e8c01a58
cross-origin-resource-policy
cross-origin
content-length
2210859
x-served-by
cache-sjc10043-SJC, cache-hhn-etou8220036-HHN
x-imgix-render-farm
01.0
last-modified
Tue, 18 Oct 2022 19:26:27 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
0
ps6.pndsn.com/v2/subscribe/sub-c-be4c5d9e-ae08-11eb-8772-0a8f76eab11b/public.global/ 		45 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ps6.pndsn.com/v2/subscribe/sub-c-be4c5d9e-ae08-11eb-8772-0a8f76eab11b/public.global/0?heartbeat=300&uuid=8d0c679e-1b99-4f4d-87e9-dfd3c343040d&pnsdk=PubNub-JS-Web%2F4.32.1
Requested by
Host: assets.thetadrop.com
URL: https://assets.thetadrop.com/0.7.721/js/vendor.js?0.7.721-d15d3b88306d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.63.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-63-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ecfcb417453a65c3f371651840422cc15c16a6e5431b8fed201720aff75eb96c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Feb 2023 21:16:11 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
45
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset="UTF-8"
0
ps6.pndsn.com/v2/subscribe/sub-c-be4c5d9e-ae08-11eb-8772-0a8f76eab11b/public.global/ 		0
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z7H50SR6YJ&gtm=45je32d0&_p=1613859513&cid=1079085944.1676409369&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676409369&sct=1&seg=0&dl=https%3A%2F%2Fhgh.thetadrop.com%2Fa%3Futm_source%3Dhgh%26utm_medium%3Dsocial%26utm_campaign%3Dbattlepugs&dt=ThetaDrop.com&en=scroll&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z7H50SR6YJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hgh.thetadrop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 21:16:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hgh.thetadrop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps6.pndsn.com
URL
https://ps6.pndsn.com/v2/subscribe/sub-c-be4c5d9e-ae08-11eb-8772-0a8f76eab11b/public.global/0?heartbeat=300&tt=16764093515597578&tr=43&uuid=8d0c679e-1b99-4f4d-87e9-dfd3c343040d&pnsdk=PubNub-JS-Web%2F4.32.1

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| regeneratorRuntime object| peerjs function| Peer function| parcelRequire function| Theta function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonp object| __SENTRY__ function| _ function| setImmediate function| clearImmediate object| _ethers object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| SCPEAK object| LiveLike function| ProgramDateTimeSyncStrategy function| HlsJsSyncStrategy function| html function| property function| LiveLikeWidgetElement function| LiveLikeWidget function| LiveLikeWidgetMixin function| LiveLikePoll function| LiveLikeQuiz function| LiveLikePrediction function| LiveLikeFollowUp function| LiveLikeAlert function| LiveLikeEmojiSlider function| LiveLikeSocialEmbed function| LiveLikeRichPost function| LiveLikeCheerMeter function| LiveLikeVideoAlert function| LiveLikeDescription function| LiveLikeDismissButton function| LiveLikeImage function| LiveLikeOption function| LiveLikePercentage function| LiveLikeProgress function| LiveLikeSelect function| LiveLikeTimer function| LiveLikeTitle function| LiveLikeVoteCount function| LiveLikeWidgetBody function| LiveLikeWidgetBylines function| LiveLikeWidgetFooter function| LiveLikeWidgetHeader function| LiveLikeWidgetRoot function| LiveLikeDuelingProgress function| LiveLikeTextAsk function| LiveLikeVideo function| LiveLikeNumberPrediction function| LiveLikeNumberFollowUp object| core object| vttjs function| WebVTT object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.thetadrop.com/ Name: _ga
Value: GA1.1.1079085944.1676409369
.thetadrop.com/ Name: _ga_Z7H50SR6YJ
Value: GS1.1.1676409369.1.0.1676409369.0.0.0
m.stripe.com/ Name: m
Value: 578175f7-055d-4124-8ad4-a321e9ed52d1efc420
.hgh.thetadrop.com/ Name: __stripe_mid
Value: b3fbb72a-8079-4342-bfb1-bbe2b67f2ef47063d6
.hgh.thetadrop.com/ Name: __stripe_sid
Value: 13ba34b1-8043-414b-9353-fcb10c460b41dcab35

2 Console Messages

Source Level URL
Text
network error URL: https://hgh.thetadrop.com/a?utm_source=hgh&utm_medium=social&utm_campaign=battlepugs
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thetadrop.com
assets.thetadrop.com
battlepugs.thetadrop.com
d1ktbyo67sh8fw.cloudfront.net
hgh.thetadrop.com
js.stripe.com
m.stripe.com
m.stripe.network
ps6.pndsn.com
q.stripe.com
region1.google-analytics.com
services-api.thetadrop.com
user-assets-thetadrop.imgix.net
www.googletagmanager.com
ps6.pndsn.com
151.101.192.176
2001:4860:4802:32::36
2600:9000:238d:5c00:19:7d10:bd80:93a1
2600:9000:2394:e400:1b:d8af:3f00:93a1
2606:4700:10::6816:215c
2606:4700:10::ac43:1f55
2a00:1450:4001:812::2008
2a04:4e42:8e::720
35.157.63.229
35.82.3.81
54.186.23.98
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2cbdcde7ef6efad97558b22715b9c4c15e03882bd49592523d0649b10ce6f152
47d11953c4482552c138a07675acf61186f5dde88cc3f8ff1b8e211cfeb02d10
5badbd7445df3e75d7453b8f317ce82b402868203345085dab97a175ce192f7c
74b1c20cfa56d09ab2f1f67d4bbd230cfaa939aef37cbb7c03b632134d276930
754c4b0c6a2dccb02eb6da1275a808278d5e70e496131a55b9e04a9901a2a093
77133a66d5feb9c2bfd682139d5915966783723235f0571995cb9479f31cf791
8634d7df682f06a32faebb2220f3939315260cbf11329bd08057d8f16090d32e
8ba9a0ba5a1f007c2e78f9df055879b247ae996cd51b50371b6f4ad536527033
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b897037ec18d5c91ab57c7056e6d2f101891a6dd983e1c112a4b4a4658bf1d11
bd5b3018aeec1426f25c6588bcbae3986bd4b51dedbb7668fd9d9cee5f1469fe
c0b9e7b41dd2cb610866a90ef3f630bb23899b4f57561788937b961beffdf6bf
daa3803892c6562608760ddf3b49ac6ed6f78af558c180c35cd1cd89e068558f
de661fce33b9373aef51aa4c0b0062364352d3457bd9c2a7d5b2bfc81e2e8059
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfcb417453a65c3f371651840422cc15c16a6e5431b8fed201720aff75eb96c
f0c34710555c335e92fcbb2bb050871d147948639e21aa26faddfc06d3ae167f
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083