halfoffdeals.com
Open in
urlscan Pro
107.155.71.138
Public Scan
Submitted URL: https://wicked-deals.com/
Effective URL: https://halfoffdeals.com/
Submission Tags: phishingrod
Submission: On November 22 via api from DE — Scanned from DE
Effective URL: https://halfoffdeals.com/
Submission Tags: phishingrod
Submission: On November 22 via api from DE — Scanned from DE
Summary
This website contacted 22 IPs
in 3 countries
across 17 domains to perform 74 HTTP transactions.
The main IP is 107.155.71.138, located in
Dallas, United States and
belongs to HVC-AS, US.
The main domain is halfoffdeals.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 2nd 2023. Valid for: a year.
This is the only time halfoffdeals.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 2nd 2023. Valid for: a year.
This is the only time halfoffdeals.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
16
107.155.71.138
(Dallas, United States)
ASN29802 (HVC-AS, US)
PTR: web1.halfoffdeal.com
ASN29802 (HVC-AS, US)
PTR: web1.halfoffdeal.com
| wicked-deals.com | |
| www.halfoffdeals.com | |
| halfoffdeals.com | |
| shop.halfoffdeal.com | |
| shop.halfoffdeals.com |
6
2a00:1450:4001:80b::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
1
88.198.9.15
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-9-15.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-9-15.clients.your-server.de
| scripts.sirv.com |
26
176.9.4.235
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.235.4.9.176.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.235.4.9.176.clients.your-server.de
| spismovi.sirv.com |
2
2a00:1450:4001:813::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2600:9000:2156:a200:c:d51b:4400:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| dsms0mj1bbhn4.cloudfront.net |
1
18.245.86.39
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-39.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-39.fra60.r.cloudfront.net
| cdn.branch.io |
1
52.2.210.240
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-210-240.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-210-240.compute-1.amazonaws.com
| analytics.shareaholic.com |
1
54.197.98.98
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com
| www.shareaholic.net |
2
2a00:1450:4001:811::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
2a00:1450:4001:810::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
107.20.140.231
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com
| partner.shareaholic.com |
3
2a00:1450:4001:813::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Domain | Requested by | |
|---|---|---|
| 26 | spismovi.sirv.com |
halfoffdeals.com
scripts.sirv.com |
| 8 | halfoffdeals.com |
halfoffdeals.com
|
| 6 | pagead2.googlesyndication.com |
halfoffdeals.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 4 | shop.halfoffdeal.com |
halfoffdeals.com
|
| 3 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 2 | www.google.com |
halfoffdeals.com
tpc.googlesyndication.com |
| 2 | api.branch.io |
cdn.branch.io
|
| 2 | www.google.de |
halfoffdeals.com
|
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
| 2 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | www.googletagmanager.com |
halfoffdeals.com
www.google-analytics.com |
| 2 | wicked-deals.com | 2 redirects |
| 1 | shop.halfoffdeals.com |
halfoffdeals.com
|
| 1 | partner.shareaholic.com |
dsms0mj1bbhn4.cloudfront.net
|
| 1 | region1.analytics.google.com |
www.googletagmanager.com
|
| 1 | app.link |
cdn.branch.io
|
| 1 | www.shareaholic.net |
cdn.shareaholic.net
|
| 1 | analytics.shareaholic.com |
dsms0mj1bbhn4.cloudfront.net
|
| 1 | cdn.branch.io |
halfoffdeals.com
|
| 1 | dsms0mj1bbhn4.cloudfront.net |
cdn.shareaholic.net
|
| 1 | fonts.googleapis.com |
halfoffdeals.com
|
| 1 | scripts.sirv.com |
halfoffdeals.com
|
| 1 | cdn.shareaholic.net |
halfoffdeals.com
|
| 1 | www.halfoffdeals.com | 1 redirects |
| 74 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| shop.halfoffdeal.com |
| www.halfoffdeal.com |
| www.facebook.com |
| twitter.com |
| www.pinterest.com |
| instagram.com |
| www.youtube.com |
| www.bbb.org |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| halfoffdeals.com Go Daddy Secure Certificate Authority - G2 |
2023-07-02 - 2024-08-02 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| shareaholic.com Amazon RSA 2048 M03 |
2023-11-22 - 2024-12-21 |
a year | crt.sh |
| *.sirv.com Sectigo RSA Domain Validation Secure Server CA |
2023-10-16 - 2024-11-15 |
a year | crt.sh |
| *.halfoffdeal.com Go Daddy Secure Certificate Authority - G2 |
2023-07-27 - 2024-08-27 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
| *.branch.io Amazon RSA 2048 M01 |
2023-09-11 - 2024-10-09 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.shareaholic.net R3 |
2023-10-30 - 2024-01-28 |
3 months | crt.sh |
| appipv4.link Amazon RSA 2048 M02 |
2023-04-25 - 2024-05-23 |
a year | crt.sh |
| www.google.de GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
| *.shareaholic.com R3 |
2023-10-26 - 2024-01-24 |
3 months | crt.sh |
| shop.halfoffdeals.com R3 |
2023-11-09 - 2024-02-07 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://halfoffdeals.com/
Frame ID: 5C4B63F7FB897367EEDCAD75D65F0A54
Requests: 66 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 2823F0A2F58034C13C60B75BC5CF3F2A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1849320143650400&output=html&adk=2961936960&adf=2418038063&lmt=1700642722&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhalfoffdeals.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700642722579&bpp=4&bdt=574&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3917218380797&frm=20&pv=2&ga_vid=733607368.1700642723&ga_sid=1700642723&ga_hid=2058725279&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079628%2C42532523%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=1553222304847261&tmod=60412591&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: 54B91DF8932727F70E543BC487465591
Requests: 1 HTTP requests in this frame
Frame:
https://shop.halfoffdeals.com/local/assets3/img/hod-app-logo-50x50.png
Frame ID: 4C75513E5B8AA356405BDCB07DB418C0
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 178D83D2435C112BFF6D33276829157E
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A992CA4286120CB7E50E5248CD8520D
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Serving up to 50% savings on your favorite local restaurants, spas, and more!Half Off DealPage URL History Show full URLs
-
https://wicked-deals.com/
HTTP 302
https://wicked-deals.com/station_dis.php HTTP 302
http://www.halfoffdeals.com/ HTTP 301
https://halfoffdeals.com/ Page URL
Detected technologies
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://shop.halfoffdeal.com/index.php
Search URL Search Domain Scan URL
URL: https://www.halfoffdeal.com/view-cart.php?%24%2CS%60T-%60%60%60%0A%60%0A
Title: View Cart
Title: View Cart
Search URL Search Domain Scan URL
URL: http://www.facebook.com/HalfOffDeals
Search URL Search Domain Scan URL
URL: https://twitter.com/halfoffdeals
Search URL Search Domain Scan URL
URL: http://www.pinterest.com/halfoffdeals/
Search URL Search Domain Scan URL
URL: http://instagram.com/halfoffdeals
Search URL Search Domain Scan URL
URL: http://www.youtube.com/user/HalfOffDealsTV
Search URL Search Domain Scan URL
URL: http://www.bbb.org/canton/business-reviews/fulfillment-services/neofill-llc-in-hartville-oh-92001103/#bbbonlineclick
Title: BBB
Title: BBB
Search URL Search Domain Scan URL
URL: https://shop.halfoffdeal.com/
Title: HalfOffDeal
Title: HalfOffDeal
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wicked-deals.com/
HTTP 302
https://wicked-deals.com/station_dis.php HTTP 302
http://www.halfoffdeals.com/ HTTP 301
https://halfoffdeals.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
74 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
halfoffdeals.com/ Redirect Chain
|
39 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hod-shop.css
halfoffdeals.com/includes/template_9/themes/three/2020/css/ |
295 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webfont.js
halfoffdeals.com/includes/template_9/themes/three/js/dist/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
150 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shareaholic.js
cdn.shareaholic.net/assets/pub/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sirv.js
scripts.sirv.com/sirvjs/v3/ |
540 KB 142 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hod-wordmark.svg
spismovi.sirv.com/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hod-logo.png
halfoffdeals.com/includes/template_9/themes/hod/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
284291.jpg
halfoffdeals.com/images/logos/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amex-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/ |
627 B 856 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
discover-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/ |
570 B 797 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastcard-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/ |
711 B 938 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/ |
527 B 754 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
192 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
dsms0mj1bbhn4.cloudfront.net/v2/3cef6467/ |
148 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
branch-v1.8.4.min.js
cdn.branch.io/ |
61 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shop-zip-search-cta-bg.png
spismovi.sirv.com/images/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-brands-400.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/ |
76 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-solid-900.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/ |
78 KB 78 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-regular-400.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/ |
13 KB 13 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294852.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294857.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 792 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294859.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 792 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294850.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294844.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 792 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294843.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294848.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294861.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294853.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 792 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294846.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 792 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294847.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294855.jpg
spismovi.sirv.com/images/promo_logo/ |
826 B 791 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
e
analytics.shareaholic.com/ |
43 B 380 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
97618602b2de2de87d4683f4dc4b6551.json
www.shareaholic.net/config/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_r
app.link/ |
91 B 630 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294846.jpg
spismovi.sirv.com/images/promo_logo/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294844.jpg
spismovi.sirv.com/images/promo_logo/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294843.jpg
spismovi.sirv.com/images/promo_logo/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294847.jpg
spismovi.sirv.com/images/promo_logo/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294853.jpg
spismovi.sirv.com/images/promo_logo/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294852.jpg
spismovi.sirv.com/images/promo_logo/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294855.jpg
spismovi.sirv.com/images/promo_logo/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294861.jpg
spismovi.sirv.com/images/promo_logo/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294848.jpg
spismovi.sirv.com/images/promo_logo/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294850.jpg
spismovi.sirv.com/images/promo_logo/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294859.jpg
spismovi.sirv.com/images/promo_logo/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
294857.jpg
spismovi.sirv.com/images/promo_logo/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ |
400 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 2823 |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 222 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 349 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
247 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 54B9 |
603 B 245 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
open
api.branch.io/v1/ |
277 B 652 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
partners.js
partner.shareaholic.com/ |
0 265 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
event
api.branch.io/v1/ |
206 B 581 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hod-app-logo-50x50.png
shop.halfoffdeals.com/local/assets3/img/ Frame 4C75 |
102 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 178D |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 5A99 |
829 B 995 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 178D |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A99 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 178D |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer boolean| Ba object| webfont object| WebFont object| Sirv object| webpackChunkpublisher_sdk function| Shareaholic object| branch object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| googletag function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| publisherConfigLoaded function| __shrTracker object| GoogleGcLKhOms object| google_image_requests13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| halfoffdeals.com/ | Name: station_city Value: Hartville |
|
| halfoffdeals.com/ | Name: station_state Value: Ohio |
|
| .halfoffdeals.com/ | Name: last_visit Value: shop |
|
| halfoffdeals.com/ | Name: layout Value: thumbs |
|
| halfoffdeals.com/ | Name: perpage Value: 200 |
|
| halfoffdeals.com/ | Name: counter Value: 1 |
|
| halfoffdeals.com/ | Name: Index Value: 1 |
|
| .halfoffdeals.com/ | Name: _ga Value: GA1.2.733607368.1700642723 |
|
| .halfoffdeals.com/ | Name: _gid Value: GA1.2.19851681.1700642723 |
|
| .halfoffdeals.com/ | Name: _gat_UA-12186087-1 Value: 1 |
|
| .app.link/ | Name: _s Value: 3hw42YbjeildlrT5Ez7RG3Xd9XzIEBpL6TT3OVBBvQ8Kp2g2sxi7schlW5JtjUAp |
|
| .halfoffdeals.com/ | Name: _ga_6BZJXM3FQ9 Value: GS1.2.1700642722.1.0.1700642722.60.0.0 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.shareaholic.com
api.branch.io
app.link
cdn.branch.io
cdn.shareaholic.net
dsms0mj1bbhn4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
halfoffdeals.com
pagead2.googlesyndication.com
partner.shareaholic.com
region1.analytics.google.com
scripts.sirv.com
shop.halfoffdeal.com
shop.halfoffdeals.com
spismovi.sirv.com
stats.g.doubleclick.net
tpc.googlesyndication.com
wicked-deals.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.halfoffdeals.com
www.shareaholic.net
107.155.71.138
107.20.140.231
176.9.4.235
18.245.86.39
2001:4860:4802:34::36
2600:9000:2057:400:19:9934:6a80:93a1
2600:9000:2156:600:c:d51b:4400:93a1
2600:9000:2156:a200:c:d51b:4400:93a1
2600:9000:225e:9800:10:557c:b540:93a1
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9d
52.2.210.240
54.197.98.98
88.198.9.15
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04adfc84bedcbac475002baf2e14cad38589206c97039ee4268fbbb3f1e582ed
07c7c710f368384c763bebd5870fa90add6ee4561aa6cc3555bfc901ff7ae730
08593708e69f34206ddee3e53c58791852f3250985cbb3f4912980e23c958072
086ed4aff54fc66770633c665577e22edcd10bf90ef648cc721e186449d44127
10b36631a9ecb0ef4b4807553742abe4742d3456edcb6e20a27e1ab8202df9ca
1640a660cc2a3667ed45c277ab2aa41cb01792feabae6d7d90f5a6f767572a1f
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
219040f9827388293bb6dc4c90adb33bb54e6ba3e391044c522c685e14669891
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91
26e1abc671498dbdb03f251f1455d012cf3db86881dab338cce8c5b9f0deb0f4
3a051871f56e34188bc13ecb7d79464663d64296fb9cf931bd0846265e9b4e53
3bf68072f901386910ab372bbafa63dfac5fcab065d8ad0c283dc9399c878a49
4a27dc34cb3f5f7428db6484af5b9aec3ed65f6f240f086dd7613257e974d129
4b9d24fff644d023c7646e8f7bb0d7687884bd64dc59264c5c1f8cbf1551224c
4bc8f8f14ea4eb53c771106278b5b1a6e891ac7fa56cda3f5d6de0d542005876
4c55098fa5ad7a344809859ce4c0b8f058ee736f0e239c71fe36427654423e0d
4d1f8469c77f3e509e9e402a7d5d8219415ac0d0ea8e24b2a11762a6cdbdcfc0
4dbe9a65bac303874f5057a4429d670f6c9615a0fb8e5491152e04bbb230db4d
4ffd45813ab1c07628a3d8b9b7e255140800000fcac4c840c8366f18607949b4
50ac146f884eadf16dd0b5a2b3a178525fd430818674308b5f6e9f401027c4a3
5325bde0be833368517c950983e053401ad56296910e1981c0186cdc6dc71a8d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3153652e8b78a20277720f47d62bec99878b1b53b84698cd6a9fe0c2c2b1e3
5ad7e7eaeaaa520ad151ee00a964052914f3a97bfa29c2f0bbf7e4e14577bb01
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
66cc3b327efee8acbc7b147c1e671dceb351a9aa5e81ef9f9568096471f28c1d
673167fe1ca5df6d6cafb4f0b2e812bb158e1369059e7f63a2ae45991c0f67ae
695a0fe8777f47d0e2569c7fece6104c82a4101ca35049c013fb2e23969ab75f
69d1554169d02998d4fd752647fe2df56e6ffffb507e5512ca5043e3b459e455
76c0b3d150a4d050b10e7d5d8aa8f8ac659a48c0a646cbe2f5a4896e8a6118c9
76d6e84086c74543be9a2552c844b228f70e4c9203206348a8db3adceb2ee4a0
80aae1954b5cf1b33ec90ec38a7f1d7c28c327cd76a8802c6fe8d1ba2000b9ab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a2b86a44715f80bfa1722e05704088aae86d2bc4c8fc0944e6cd568b060d0ff
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a45e3249068840ddfd35ce58ec32d8da697f195a37d9e4a662ab75242e7c26ae
a872c2f924b57271951628b7051a095202183e9abe11bd91cc1f1861fc2a3671
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
b49568f806c70ad3042fcd89703f5b1d9e3a9bb5b7e7cd33b62773e41aa00b9a
b788285c5dd7b64633f72101d015c92824cb31fb90d7d0d6f35faf8344038ff8
b834a3988577acb26c605fa79838998d425f0a617eda2d32b526ff31fc2f6f19
bd7221537e032eab622face4e2a9c99f290f0a5e87039a2b3d7762f0469b1006
beacae3ecdd35703fabb1444d2b90e13749ceba013033c82d77c855d14634bc0
c332392b45256ab6c8e605787568c591e6aabfe2866b56a8d568e3901f95bc0c
c346363cfcaf37bc782e0df71b944f8d14b6794761071c542c489072a4db4ae0
c3f203fefd3197d0964d9b4872e7dca2c8f0d3fefe6690c5682d200edc34ee25
c7c8ad084add56b6612e42aba710c1e620dc161818a2c939b7279e3dbdac30f6
c980ffa3512f7665fd31046784812f7ac59f63fc74d9f822242b66bb13c60f50
cef8a09fcc1ad83ee5668f1e5b4ab2a85b9f151ecbce1691752608f6b1485cb9
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d1c5084229e9ea54bedd13a063ccc24b5e32e486472d04b4fc42388aa2a4e64a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1173f117692720898aea4d1772a8da67331087411cc6820a119cf261eebce90
e1456476de5a35f7f8eab6e3711c9758b2b455115a2ee8cc02d7872ead085ad3
e2c3967cb6f41975785683f781b3fcc7cd3a8ec7fa1de7ecdbfe70c974563bca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f68a14ddae0a0b6804c340165d44de7b012809879739a178f316a554ff8777
e8a661108f54f98ea5561835883cf004e7c6d18f97376b7f67d2156233822b90
ea20700a16ed1157e6ebe11a02f874952e01449577b5ff170a745ae51874e6ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f666977e4288dbcfcca446afbd63964167d384a419faec41f9228ecd182ac906
f865f1d2b09275de8e0d21cba57a2c1123baca9987e52c00c1f814896981b926