urlscan.io logo urlscan.io
SecurityTrails logo

signin.co Open in urlscan Pro
162.144.18.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://signin.co/
Submission: On August 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 162.144.18.65, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is signin.co.
TLS certificate: Issued by R11 on August 25th 2024. Valid for: 3 months.
This is the only time signin.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 162.144.18.65 46606 (UNIFIEDLA...)
5 3.160.150.33 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.28.249.216 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
45 9
18    162.144.18.65 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-18-65.unifiedlayer.com
signin.co
5    3.160.150.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-33.fra60.r.cloudfront.net
platform.illow.io
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    52.28.249.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-249-216.eu-central-1.compute.amazonaws.com
api.platform.illow.io
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
18 signin.co
signin.co
254 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
8 illow.io
platform.illow.io — Cisco Umbrella Rank: 111152
api.platform.illow.io — Cisco Umbrella Rank: 127853
104 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
263 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 4519
pixel.wp.com — Cisco Umbrella Rank: 4225
3 KB
45 7
Domain Requested by
18 signin.co signin.co
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 platform.illow.io signin.co
platform.illow.io
4 pagead2.googlesyndication.com signin.co
pagead2.googlesyndication.com
3 api.platform.illow.io platform.illow.io
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com signin.co
1 pixel.wp.com signin.co
1 stats.wp.com signin.co
45 9

This site contains links to these domains. Also see Links.

Domain
www.everfi.com
platform.everfi.net
info.everfi.com
Subject Issuer Validity Valid
*.signin.co
R11		 2024-08-25 -
2024-11-23		 3 months crt.sh
platform.illow.io
Amazon RSA 2048 M03		 2024-02-14 -
2025-03-15		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
api.platform.illow.io
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-26		 a year crt.sh

This page contains 10 frames:

Primary Page: https://signin.co/
Frame ID: D2C6729B8A22275119754A69FA9C9805
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: 2AFEE88845052CB3DF9442EF50748B31
Requests: 1 HTTP requests in this frame

Frame: https://platform.illow.io/banner.css
Frame ID: 85673EA1E0B41AC3DCFFF490D4171486
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&h=280&slotname=2942790958&adk=2459949521&adf=628985047&pi=t.ma~as.2942790958&w=790&abgtt=3&fwrn=4&fwrnh=100&lmt=1724620354&rafmt=1&format=790x280&url=https%3A%2F%2Fsignin.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=3&bdt=1682&idt=23&shv=r20240821&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4050785098926&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=388
Frame ID: 9C834C58EF138B2976DCD312B7CA4949
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&h=280&slotname=2147448956&adk=3010216787&adf=3762937111&pi=t.ma~as.2147448956&w=336&lmt=1724620354&url=https%3A%2F%2Fsignin.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=348&bdt=1683&idt=30&shv=r20240821&mjsv=m202408210101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=790x280&correlator=4050785098926&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=497&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=396
Frame ID: 15EA267BD94696DA8AD0439988C8707A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1724620354&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsignin.co%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=1&bdt=1682&idt=31&shv=r20240821&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=790x280&prev_slotnames=2147448956&nras=1&correlator=4050785098926&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fsapi=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=398
Frame ID: 0136DC3805240A6AB4377CAD03722F0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: DA32DBBA76DACF8A438FF006DF7693BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: 92D58E66ABD448C1295EF0794C05F4A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: A3153F73433DE459BC2582CFD1F64DD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: BE9280A29D96825C8DF9439ED55B59C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In – Learn How to Access The Most Popular Sites and Services on The Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

671 kB
Transfer

1673 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
signin.co/ 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
2ae0ff1d42ca1d5e42127e7cc814e41159f44e440ad6a2e50f3b6589731e74bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
11259
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 25 Aug 2024 21:12:32 GMT
link
<https://signin.co/wp-json/>; rel="https://api.w.org/", <https://wp.me/3abmH>; rel=shortlink
server
Apache
vary
accept,content-type,Accept-Encoding
style.css
signin.co/wp-content/themes/mocha/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
7d6039cd992a42c8c7b3bd1c257378d314b008f66d52d77ed6931105a035438e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8549
style.min.css
signin.co/wp-includes/css/dist/block-library/ 		110 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Tue, 23 Jul 2024 19:28:54 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
mediaelementplayer-legacy.min.css
signin.co/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 04 Mar 2021 00:03:54 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3239
wp-mediaelement.min.css
signin.co/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 12 Dec 2019 15:35:43 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1298
jetpack.css
signin.co/wp-content/plugins/jetpack/css/ 		106 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-content/plugins/jetpack/css/jetpack.css?ver=13.7
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Fri, 16 Aug 2024 17:43:13 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
jquery.min.js
signin.co/wp-includes/js/jquery/ 		86 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Fri, 17 Nov 2023 19:28:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
jquery-migrate.min.js
signin.co/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 21 Sep 2023 21:28:06 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5422
banner.js
platform.illow.io/ 		191 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50d959e47d33ed728ef5f7832132638e76230288203cd34056acece550d6183e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:27:49 GMT
x-amz-version-id
dBdlpYgkboLCCdsJuAMu81P4KPswEBkp
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P7
age
24285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 14:27:44 GMT
server
AmazonS3
etag
W/"3b915cde7e86752ca8d605e791efe0c6"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=UTF-8
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
ytvUtoaxO-jcI3uYiHBjuYyAlB_taq6cu8UnxfmljYWYcqo6HtAKPw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81fb80739a6afd0c1e7afeafccef7066f88f221c7a6af4190c42819e0a1b4979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52445
x-xss-protection
0
server
cafe
etag
9304925105614612178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 25 Aug 2024 21:12:33 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58c3652b2ffdce21048e41261259b58586bc37a88f8ca40d5c040f947370a1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10019
x-xss-protection
0
server
cafe
etag
13569917862336501824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:12:32 GMT
hoverIntent.min.js
signin.co/wp-includes/js/ 		1 KB
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 24 Nov 2022 14:59:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
707
superfish.min.js
signin.co/wp-content/themes/genesis/lib/js/menu/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 12 Dec 2019 15:37:23 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2030
superfish.args.min.js
signin.co/wp-content/themes/genesis/lib/js/menu/ 		132 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.10.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:32 GMT
last-modified
Thu, 12 Dec 2019 15:37:23 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
132
superfish.compat.min.js
signin.co/wp-content/themes/genesis/lib/js/menu/ 		109 B
176 B 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.10.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
6aad03dd3214113034d4d498ce288551aea85b38bd9b0e0dcda9d0b02230dbdd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 12 Dec 2019 15:37:23 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
121
e-202434.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202434.js
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sun, 25 Aug 2024 21:12:34 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14421-1717166114261.106
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sat, 16 Aug 2025 19:30:52 GMT
4cf504c7-e4b5-4016-89b6-5718f7f8dd6c
https://signin.co/ Frame 		0
0
css
fonts.googleapis.com/ 		1 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dancing+Script
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
882060e986e2286852e9eb4f86e1e819cbbaefb8049ecc89d1b2d6434e7590cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 21:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 21:04:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Aug 2024 21:12:33 GMT
css
fonts.googleapis.com/ 		402 B
386 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0316c13c78215f53b18fc21e7f94789ed56484b5d964670a44ce6fca2f4c6fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 21:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 19:21:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Aug 2024 21:12:33 GMT
bg.png
signin.co/wp-content/themes/mocha/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.co/wp-content/themes/mocha/images/bg.png
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
84f440c3a9e50b16116f75fcdf938db5c0e075a37f7c834e9f3c1c8ef2669b3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
accept-ranges
bytes
content-length
4629
content-type
image/png
dark-bg.png
signin.co/wp-content/themes/mocha/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.co/wp-content/themes/mocha/images/dark-bg.png
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
f31fdb46185464cebb7dc2cbb294235d3b9fc74fa8e1e2342032a0a3dfdc1c62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
accept-ranges
bytes
content-length
11715
content-type
image/png
content-bg.png
signin.co/wp-content/themes/mocha/images/ 		126 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.co/wp-content/themes/mocha/images/content-bg.png
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
30e9790caee986138e4e523d0781012c575ab9b8c4cdd27db0f412920b28dfea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
accept-ranges
bytes
content-length
126
content-type
image/png
gradient.png
signin.co/wp-content/themes/mocha/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.co/wp-content/themes/mocha/images/gradient.png
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
2efe179e3270fbb48f8beb9585b516df0f092f4065021cb641e401ce6a043ba2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
accept-ranges
bytes
content-length
2892
content-type
image/png
sidebar-bg.png
signin.co/wp-content/themes/mocha/images/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signin.co/wp-content/themes/mocha/images/sidebar-bg.png
Requested by
Host: signin.co
URL: https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
21608e5d6658053083ba4ff070754f38513ea11085dd2e13017a5a6866089ec0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/wp-content/themes/mocha/style.css?ver=2.0.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Sun, 25 Aug 2024 21:12:33 GMT
last-modified
Thu, 23 Aug 2018 19:22:10 GMT
server
Apache
accept-ranges
bytes
content-length
113093
content-type
image/png
If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
fonts.gstatic.com/s/dancingscript/v25/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing+Script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3270680fc889eabfb9c410ee690161071f237679a90171a0a67b09142b8d382c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://signin.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:07:42 GMT
x-content-type-options
nosniff
age
457492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24016
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:07:42 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://signin.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:08:04 GMT
x-content-type-options
nosniff
age
457470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22476
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:08:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/ 		431 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff5224d90637a62d2680ff7b9fe07d708a8920cfd6cd628e26616024364ec36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147408
x-xss-protection
0
server
cafe
etag
7719724783492413014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:12:34 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=46755979&post=0&tz=0&srv=signin.co&j=1%3A13.7&host=signin.co&ref=&fcp=2511&rand=0.8358775152741749
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Aug 2024 21:12:34 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
signin.co/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signin.co/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: signin.co
URL: https://signin.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.18.65 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-18-65.unifiedlayer.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Sun, 25 Aug 2024 21:12:34 GMT
last-modified
Fri, 03 May 2024 21:14:52 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5365
de.json
platform.illow.io/translations/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/translations/de.json
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9575405528b7923f5ba1636d38db7555141aeb581989af97695f9b8e2fa37256
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
yutNNN05gkesjDskmLaxWBLdAo8zMAzh
content-encoding
gzip
via
1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
date
Sun, 25 Aug 2024 18:22:25 GMT
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
FRA60-P7
age
10210
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 14:27:47 GMT
server
AmazonS3
etag
W/"c6119cd2601e721bf15adf11d32a2e9e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
Z-DfoE9R1rSfjBXFAUmdl-MQm2hngdKPDImKIQuzdNRikGd7WlEYlQ==
143e8c77-3cd7-433c-913c-6ee9b6d74471
api.platform.illow.io/public/cookies/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/143e8c77-3cd7-433c-913c-6ee9b6d74471?lng=de
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.249.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-249-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
91c254275b1759631ea74e19cc6646725baef01fe0ba1e3d46129449d802028a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:34 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
2525
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"9dd-xPQExNhbEyVvy2uo0G6/U1SFO8E"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
configurations
api.platform.illow.io/public/cookies/143e8c77-3cd7-433c-913c-6ee9b6d74471/ 		126 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/143e8c77-3cd7-433c-913c-6ee9b6d74471/configurations
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.249.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-249-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2a43ed824a384bde6619148342373f8460ea3b1659354a2c83788d376c79e3c4
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:34 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
126
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"7e-CEMHoBytSkQh+rhc/HRv4o49sqw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
143e8c77-3cd7-433c-913c-6ee9b6d74471
api.platform.illow.io/public/banner-customization/ 		522 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/banner-customization/143e8c77-3cd7-433c-913c-6ee9b6d74471?lng=de
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.249.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-249-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
82176056945e5e48115212690e2fca931c2bccd8665d8a49de5609a2bf30790a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:34 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
522
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"20a-a8Sbyxdo4N8W2GPvcAvDhwwKwzg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame 2AFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
35389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 11:22:45 GMT
etag
5947459844715414650
expires
Sun, 08 Sep 2024 11:22:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
banner.css
platform.illow.io/ Frame 8567 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.css
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=143e8c77-3cd7-433c-913c-6ee9b6d74471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72db989c6bb03ad406ec0b2c8d3d94c3d70572fd2d78537c1ca58eb979eb6366
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
1JrqUa4c6zGVplfsb_znoXhP_DM_I_Ms
content-encoding
br
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
date
Sun, 25 Aug 2024 19:50:34 GMT
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
FRA60-P7
age
4921
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 14:27:42 GMT
server
AmazonS3
etag
W/"2ba028b69c45cf074dca939ebda11500"
vary
Accept-Encoding, Origin
content-type
text/css
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
EFR2GRT2KzRgnVRiCXetgnKnXAJk0M9vTvWJzjwONhj7IgLNl237NQ==
ads
googleads.g.doubleclick.net/pagead/ Frame 9C83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&h=280&slotname=2942790958&adk=2459949521&adf=628985047&pi=t.ma~as.2942790958&w=790&abgtt=3&fwrn=4&fwrnh=100&lmt=1724620354&rafmt=1&format=790x280&url=https%3A%2F%2Fsignin.co%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=3&bdt=1682&idt=23&shv=r20240821&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4050785098926&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38587
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 21:12:35 GMT
expires
Sun, 25 Aug 2024 21:12:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 15EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&h=280&slotname=2147448956&adk=3010216787&adf=3762937111&pi=t.ma~as.2147448956&w=336&lmt=1724620354&url=https%3A%2F%2Fsignin.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=348&bdt=1683&idt=30&shv=r20240821&mjsv=m202408210101&ptt=5&saldr=sd&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=790x280&correlator=4050785098926&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=497&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=396
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38460
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 21:12:35 GMT
expires
Sun, 25 Aug 2024 21:12:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0136 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7745563792247783&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1724620354&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsignin.co%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724620354254&bpp=1&bdt=1682&idt=31&shv=r20240821&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=790x280&prev_slotnames=2147448956&nras=1&correlator=4050785098926&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95334829%2C95338228%2C31086467%2C95340284%2C95340253%2C95340255&oid=2&pvsid=4147395707538371&tmod=469972978&uas=0&nvt=1&fsapi=1&fc=896&brdim=950%2C950%2C950%2C950%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=398
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
73885
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 21:12:35 GMT
expires
Sun, 25 Aug 2024 21:12:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 8567 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://signin.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 19:51:39 GMT
x-amz-version-id
oDD437cZl4fcET5xgjgkHLfcc59Y29yt
via
1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P7
age
4857
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 14:27:42 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
57B2qOQ7l_5RiudhEI_FpBj0PUzYl4Jih_P-U0SjK3oZGkOmYeEijA==
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 8567 		37 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://signin.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 19:51:39 GMT
x-amz-version-id
oDD437cZl4fcET5xgjgkHLfcc59Y29yt
via
1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P7
age
4857
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 14:27:42 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
57B2qOQ7l_5RiudhEI_FpBj0PUzYl4Jih_P-U0SjK3oZGkOmYeEijA==
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/reactive_library_fy2021.js?bust=31086467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90796f9c9f18d21767535c19726098c6fdce4411d65ef9ce58a8da2e5e86f795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 21:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58965
x-xss-protection
0
server
cafe
etag
6691401814334183798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:12:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame DA32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
35389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 11:22:45 GMT
etag
5947459844715414650
expires
Sun, 08 Sep 2024 11:22:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame 92D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
35389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 11:22:45 GMT
etag
5947459844715414650
expires
Sun, 08 Sep 2024 11:22:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame A315 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
35389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 11:22:45 GMT
etag
5947459844715414650
expires
Sun, 08 Sep 2024 11:22:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/ Frame BE92 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7745563792247783&plah=signin.co&bust=31086467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://signin.co/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
35389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Aug 2024 11:22:45 GMT
etag
5947459844715414650
expires
Sun, 08 Sep 2024 11:22:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
signin.co
URL
blob:https://signin.co/4cf504c7-e4b5-4016-89b6-5718f7f8dd6c

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| _wpemojiSettings function| jQuery object| illow object| __tcfapiQueue function| __tcfapi object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| st_go function| linktracker_init object| wpcom object| _stq object| google_ama_state number| google_rum_task_id_counter object| wibson function| google_sa_impl object| dataLayer function| gtag number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| google_llp object| googletag

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUntf3zcbY8RthNmUxjfnFbtb9ETBBxp4n62mdqwbkfGFTtayhCHx6LLOKFsmQk
.signin.co/ Name: __gads
Value: ID=0f81db8ce2c7fba3:T=1724620354:RT=1724620354:S=ALNI_MZGIagzgQp8nsLcWngEJHk91KyGHg
.signin.co/ Name: __gpi
Value: UID=00000ea5e74ee002:T=1724620354:RT=1724620354:S=ALNI_MZ4DFPxgtnmipktzWGdEbIJuRwYbA
.signin.co/ Name: __eoi
Value: ID=0dac68c8c770c377:T=1724620354:RT=1724620354:S=AA-AfjaYsmjq5mELNJQV2RQav9hy
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZsueRLmqPYMAAAHrAZiDqwAA
.casalemedia.com/ Name: CMPS
Value: 3230
.casalemedia.com/ Name: CMPRO
Value: 3230
.doubleclick.net/ Name: APC
Value: AfxxVi4H6uDZMxEIt5eOgavo1yrQgo6JyJCZXztSw8WTEcafOE5i5Q
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.platform.illow.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
platform.illow.io
signin.co
stats.wp.com
signin.co
162.144.18.65
192.0.76.3
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::200a
3.160.150.33
52.28.249.216
0316c13c78215f53b18fc21e7f94789ed56484b5d964670a44ce6fca2f4c6fac
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
21608e5d6658053083ba4ff070754f38513ea11085dd2e13017a5a6866089ec0
2a43ed824a384bde6619148342373f8460ea3b1659354a2c83788d376c79e3c4
2ae0ff1d42ca1d5e42127e7cc814e41159f44e440ad6a2e50f3b6589731e74bb
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2efe179e3270fbb48f8beb9585b516df0f092f4065021cb641e401ce6a043ba2
30e9790caee986138e4e523d0781012c575ab9b8c4cdd27db0f412920b28dfea
3270680fc889eabfb9c410ee690161071f237679a90171a0a67b09142b8d382c
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50d959e47d33ed728ef5f7832132638e76230288203cd34056acece550d6183e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58c3652b2ffdce21048e41261259b58586bc37a88f8ca40d5c040f947370a1cc
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
6aad03dd3214113034d4d498ce288551aea85b38bd9b0e0dcda9d0b02230dbdd
72db989c6bb03ad406ec0b2c8d3d94c3d70572fd2d78537c1ca58eb979eb6366
7d6039cd992a42c8c7b3bd1c257378d314b008f66d52d77ed6931105a035438e
81fb80739a6afd0c1e7afeafccef7066f88f221c7a6af4190c42819e0a1b4979
82176056945e5e48115212690e2fca931c2bccd8665d8a49de5609a2bf30790a
84f440c3a9e50b16116f75fcdf938db5c0e075a37f7c834e9f3c1c8ef2669b3f
882060e986e2286852e9eb4f86e1e819cbbaefb8049ecc89d1b2d6434e7590cd
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
90796f9c9f18d21767535c19726098c6fdce4411d65ef9ce58a8da2e5e86f795
91c254275b1759631ea74e19cc6646725baef01fe0ba1e3d46129449d802028a
9575405528b7923f5ba1636d38db7555141aeb581989af97695f9b8e2fa37256
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f31fdb46185464cebb7dc2cbb294235d3b9fc74fa8e1e2342032a0a3dfdc1c62
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
ff5224d90637a62d2680ff7b9fe07d708a8920cfd6cd628e26616024364ec36b