www.safe2go.co.nz Open in urlscan Pro
104.21.34.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safe2go.co.nz/
Effective URL:
http://www.safe2go.co.nz/
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2023, 11:19:24 pm UTC) — Scanned from NZ

Summary HTTP 18 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 104.21.34.220, located in and belongs to CLOUDFLARENET, US. The main domain is www.safe2go.co.nz.

This is the only time www.safe2go.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	172.67.209.190 172.67.209.190		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.21.34.220 104.21.34.220		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.4.95 142.250.4.95		15169 (GOOGLE) (GOOGLE)
1	142.251.10.97 142.251.10.97		15169 (GOOGLE) (GOOGLE)
3	172.217.194.94 172.217.194.94		15169 (GOOGLE) (GOOGLE)
18	4

1 172.67.209.190 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

safe2go.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.21.34.220 (None, )

ASN13335 (CLOUDFLARENET, US)

www.safe2go.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	safe2go.co.nz 1 redirects safe2go.co.nz www.safe2go.co.nz	107 KB
3	gstatic.com fonts.gstatic.com	93 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
18	4

	Domain	Requested by
13	www.safe2go.co.nz	www.safe2go.co.nz
3	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.safe2go.co.nz
1	fonts.googleapis.com	www.safe2go.co.nz
1	safe2go.co.nz	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
1337x.org.uk
hot-maillogginn.se
hotmail-itaccedii.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.safe2go.co.nz/
Frame ID: 74B40C25577828D3E5CC987204DA3763
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe2go

Page URL History Show full URLs

https://safe2go.co.nz/ HTTP 301
http://www.safe2go.co.nz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

18
Requests

6 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

238 kB
Transfer

439 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://1337x.org.uk/
Title: 1337x

Search URL Search Domain Scan URL

URL: https://hot-maillogginn.se/
Title: hotmail inkorg

Search URL Search Domain Scan URL

URL: https://hotmail-itaccedii.com/
Title: hotmail

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safe2go.co.nz/ HTTP 301
http://www.safe2go.co.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.safe2go.co.nz/
Redirect Chain

https://safe2go.co.nz/
http://www.safe2go.co.nz/

16 KB
6 KB

775ms
639ms

Document
text/html

104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28d2bca93c4612495ff6dce27a5690cd98cc46714b02ad7f0a2e316f1f4fae7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 793ee3fad8dd1c4e-AKL
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 23:19:17 GMT
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7S%2FHTDNr24gm64xXcXeLWVsWk2Vq5TI4k9YhAhj43m1WiK7eLqsvS4YJwXh4tKDMq8ik86NB8uLSfWF6IuWfAe3ppyrq5UiAoByDOdTp4ijvmfBu0UjZ8dauThG7sBDOXeuZg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Client-Verified: true
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 793ee3f93ffc1c50-AKL
date: Fri, 03 Feb 2023 23:19:16 GMT
expires: Sat, 04 Feb 2023 00:19:16 GMT
location: http://www.safe2go.co.nz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okoiGVtFua9X7C0S%2BSpSZuOsvac%2F68RcV1tLN5%2FWj9fbfIZHxl3mOOItZKMscvlNdIximoJLQuwoXcTILi%2Bbjo9pIghhG3GbYgIdHrCb8wobhe65%2FOPYRfGeDsk0N%2Bmt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK style.css
www.safe2go.co.nz/wp-content/themes/beautiful-pro/ 27 KB
7 KB 883ms
882ms Stylesheet
text/css 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-content/themes/beautiful-pro/style.css?ver=1.1
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7d7addef33ca8a276f92697606e3cc8e6a1348201c54d232f788bef75d6849

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-6d53"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAXZ8UO2qIuHgnYh4RsAxQ9xQ5f373TeW87jdjERq65F9Qg7SCuGMb6FhjBZ3lV3iLirpUwV%2FdgiluOKbzI%2BR4SxT144IOM%2FEco9XxjY97YVf4iBb%2B6dxrKnW2S8Zevc7DlBvA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3fee8131c4e-AKL

GET
H/1.1 200
OK style.min.css
www.safe2go.co.nz/wp-includes/css/dist/block-library/ 40 KB
7 KB 1017ms
897ms Stylesheet
text/css 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb3-a1fb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOa0%2Fi3XS4o2PZaBUChMZOOmsY913IQG2bjNm7vPoX4Ib9irES1haln5N5jtsElMhA6lNx8nRMG8jYiRU6gobQEtvQ8H6C4KQnYSCRh3%2BftcJdGTc%2FSehcULgLBJNCP92xuVng%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3ffa8c61c4c-AKL

GET
H/1.1 200
OK kk-star-ratings.css
www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/ 3 KB
1 KB 764ms
644ms Stylesheet
text/css 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70211e8296c52b3feb952e99accc2d44101ab3f2d8d20d912a3f544113af17ac

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-ba4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbwZaokW3Uv9HZxrJBXUpYTRHTG%2B0DAmCbMYbo%2BKXhET4Hg2Uc5SRuXsMw4JarVF%2F4urujQ1foRMb%2FCCJhJBIKA81NPReV%2BcqQ1D8gU2ctm%2FPlvhUVki9GAdxp035eJ8o63%2FHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3ffadcc1c5c-AKL

GET
H/1.1 200
OK dashicons.min.css
www.safe2go.co.nz/wp-includes/css/ 45 KB
29 KB 1015ms
895ms Stylesheet
text/css 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-includes/css/dashicons.min.css?ver=5.8
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb3-b518"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak0RbS2JKCoMYOfU0wkgDt0LJ9NTweXBTZzjN%2BFJ95uJu0zaa04A%2BHY3CPtGROXvO5qfwg%2B%2BghrJfymzvWw4sk4Ze3rdKcSMC%2BxMd%2Bot4sFFPWSEVLyx0VL6hhC9EGQrRZzjxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3ffaab9eeaa-AKL

GET
H/1.1 200
OK css
fonts.googleapis.com/ 5 KB
1 KB 553ms
276ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:400,500&ver=1.1

Requested by

Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/

Protocol

HTTP/1.1

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

e1f5ad4580ed4186582f38f05ca52750f3c57aab042fab76f310dcfb9137dc33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Fri, 03 Feb 2023 23:19:17 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 03 Feb 2023 23:19:17 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.safe2go.co.nz/wp-includes/js/jquery/ 87 KB
31 KB 1265ms
1145ms Script
application/javascript 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb3-15d98"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMX6xKTjeXJyOHl3krigfTus1liYC6nyv%2F4YtAcvnHqYs%2F0BpEvFsrqsyVI3hxjxkhh%2Fk3%2BRF%2BWtTRGlxeXjZCKZdvEVj17BsReiaeUL4oxcuH1osTXMnRTFoU%2F2yj6gRv9Z9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3ffaf2b1c57-AKL

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.safe2go.co.nz/wp-includes/js/jquery/ 11 KB
5 KB 762ms
643ms Script
application/javascript 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb3-2bd8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F0qG9QnvGdj%2FTmt8GtEGhJ2W3xEb1OxcKBQbIMtTAdwzHfjsBmLlP%2B3WL6RWFw13Zp1I1mnsKi8MEhA3573jCg24gaV7tAlceeuv97nR6kBNtvnZWZn65sVTq4mEmwl4f95NA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee3ffaefb1c5d-AKL

GET
H/1.1 200
OK responsive-menu.js Show response
www.safe2go.co.nz/wp-content/themes/beautiful-pro/js/ 867 B
1 KB 1393ms
630ms Script
application/javascript 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-content/themes/beautiful-pro/js/responsive-menu.js?ver=1.0.0
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-363"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuaywoMQ%2BpARhwkLlsw18tH%2Bg82M4RS5U7IV7yfCFKS1Tlfny0xOmJxleo5bkivcGEoFxpjx4MhpsU5tNyZwgyvdw6XOMny3X0TKbNx27xl9cKxvdfjU0a7aSSIJ4pSWhpbURQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee403ae771c5d-AKL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 830ms
278ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=__

Requested by

Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

159109ab083a756eea7c5c7fc1c64228811eafd4b3c6282cf6479e43a00576c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 23:19:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37767
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 23:02:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 23:19:19 GMT

GET
H/1.1 200
OK kk-star-ratings.js Show response
www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/js/ 2 KB
1 KB 1396ms
632ms Script
application/javascript 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-77f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr5Xxg7q5sKZA%2BP4Y67aIWd5fkPm0a%2BulxUhOMA2COJLZnGVo%2B%2F0A8m1w1JqgckIrOs5akx1BglfA7zZH4WTubPTX8ezRJAU1TuuIzAvvBM0VdIVvcejInZTEDH0osSEx84Img%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee403acd61c5c-AKL

GET
H/1.1 200
OK wp-embed.min.js Show response
www.safe2go.co.nz/wp-includes/js/ 1 KB
2 KB 1518ms
632ms Script
application/javascript 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.safe2go.co.nz/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ec2c2139c31c4b7f71e43a6069d860a12c6b7015f90e17b2755f7ea5178016

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:18 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb3-57b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3pzlNu5qKt2VhB6sQT0Zy9Iwl96NLgMex7Dz1Hqze8UgKO219AfhLyoIkRzQRW5KEGEu384dK4jicrXAa1oN0vqoeD5%2FwQ0h%2BGtCXdM%2FyVHjGeSiBCKdPzM3rV5klYjld0txg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee40469e31c4e-AKL

GET
H/1.1 200
OK inactive.svg
www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/svg/ 223 B
1 KB 377ms
376ms Image
image/svg+xml 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/svg/inactive.svg
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d06a8516d69db767242f13cc35e99194cf0d263fd5221673ac5aef02723e3c0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-df"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Nly%2BUd2GpLpcYSL9Ol%2FQkjvarY4vGpWmg1nx8ahrzO4EEPVSfRn89VnITvMzEr1fhZf1kgX4jfipRjywxX9h0MEgyEXuhHtkjBo5HSyl6unhmAa%2B0n3PA4GX7nzvx8pvS2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Referer: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee407ad4e1c5c-AKL

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 545ms
272ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:400,500&ver=1.1

Protocol

HTTP/1.1

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.safe2go.co.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 28 Jan 2023 09:09:26 GMT
X-Content-Type-Options: nosniff
Age: 569393
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 46524
X-XSS-Protection: 0
Last-Modified: Mon, 18 Jul 2022 19:58:01 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 28 Jan 2024 09:09:26 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 546ms
273ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:400,500&ver=1.1

Protocol

HTTP/1.1

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.safe2go.co.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:25:58 GMT
X-Content-Type-Options: nosniff
Age: 39201
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23236
X-XSS-Protection: 0
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 03 Feb 2024 12:25:58 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 546ms
274ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:400,500&ver=1.1

Protocol

HTTP/1.1

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.safe2go.co.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 23:20:57 GMT
X-Content-Type-Options: nosniff
Age: 604702
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23040
X-XSS-Protection: 0
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 27 Jan 2024 23:20:57 GMT

GET
H/1.1 200
OK Tutu-Helper-Not-Working-Fix.jpg
www.safe2go.co.nz/wp-content/uploads/2018/04/ 14 KB
15 KB 883ms
882ms Image
image/jpeg 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.safe2go.co.nz/wp-content/uploads/2018/04/Tutu-Helper-Not-Working-Fix.jpg
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33a46c7a67658a556bc52da824f9ea2c381999d4ee695d60a730c2c6e3f8d70

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:19 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14626
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: "63dc2cb2-3922"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qyk9pigDCxe5g%2F0vN5DMwQxoRuo6xxI4lBP8gPgUbxmxV9d9vvcpbI3x3XZpG2iiqegeFFXSHpfV4sE9M%2BYXmrBygh9V9YfFTgmrrA0izgD1utbiWpAtHNJ6pyNydRJcytz4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
X-Client-Verified: true
Accept-Ranges: bytes
CF-RAY: 793ee407ce2a1c5d-AKL

GET
H/1.1 200
OK selected.svg
www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/svg/ 241 B
1 KB 630ms
629ms Image
image/svg+xml 104.21.34.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/svg/selected.svg
Requested by: Host: www.safe2go.co.nz
URL: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Protocol: HTTP/1.1
Server: 104.21.34.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1306429d2b410360b1179c5d441febb39602e66f7fef56751cd26fa63b12b4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 23:19:20 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 02 Feb 2023 21:35:46 GMT
Server: cloudflare
ETag: W/"63dc2cb2-f1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1YyPW2nXrcVK4HtN7NBLb647dHg%2FXoeNme0yYxv83Z2OL1Wqj%2B3GfHIUJY%2BInADJUNPFvM33H9FtCMLy0ESGrg8a5LdH2nS64IwDJxiZgLkTzQ8Q%2Bh73LoLBs%2Bm8gmXWiL3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Referer: http://www.safe2go.co.nz/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Cache-Control: max-age=14400
X-Client-Verified: true
CF-RAY: 793ee40d3fda1c5c-AKL

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange undefined| $ function| jQuery function| gtag object| dataLayer object| kk_star_ratings object| wp object| google_tag_manager

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
safe2go.co.nz
www.googletagmanager.com
www.safe2go.co.nz
104.21.34.220
142.250.4.95
142.251.10.97
172.217.194.94
172.67.209.190
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0d06a8516d69db767242f13cc35e99194cf0d263fd5221673ac5aef02723e3c0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
159109ab083a756eea7c5c7fc1c64228811eafd4b3c6282cf6479e43a00576c3
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66ec2c2139c31c4b7f71e43a6069d860a12c6b7015f90e17b2755f7ea5178016
70211e8296c52b3feb952e99accc2d44101ab3f2d8d20d912a3f544113af17ac
b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265
bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d33a46c7a67658a556bc52da824f9ea2c381999d4ee695d60a730c2c6e3f8d70
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dc7d7addef33ca8a276f92697606e3cc8e6a1348201c54d232f788bef75d6849
e1f5ad4580ed4186582f38f05ca52750f3c57aab042fab76f310dcfb9137dc33
e28d2bca93c4612495ff6dce27a5690cd98cc46714b02ad7f0a2e316f1f4fae7
ff1306429d2b410360b1179c5d441febb39602e66f7fef56751cd26fa63b12b4