www.gocase.com Open in urlscan Pro
2606:4700:20::681a:77f  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request 50-percent-off. Show response www.gocase.com/	147 KB 40 KB	591ms 558ms	Document text/html	2606:4700:20::681a:77f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:77f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 120768a91be5cee8732eb1c767b36a193d831b23625a31e547206dcb44b72638 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 28 Nov 2021 17:02:28 GMT content-type text/html; charset=utf-8 cache-control max-age=0, s-maxage=0, must-revalidate server-timing total;dur=77;desc="Nuxt Server Time" vary Accept-Encoding x-envoy-upstream-service-time 82 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLdkGbNz56%2FT6lTujIP2%2FC%2BNlsMRXgK8shLqsbRaxsOuaAhpzSHsUwh1Rqz9giNobPiEqG9Da5JfO%2FsLjtK4vwg5qWKMr7iX7jlfq02%2B2lyZsstvQXIsOLUqjcRp6ykC%2BNdsHdyR2EuAIDHi"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b552a035abbdfcf-FRA content-encoding br
GET H2	200	lux.js Show response cdn.speedcurve.com/js/	281 B 484 B	37ms 6ms	Script application/javascript	151.101.194.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.speedcurve.com/js/lux.js?id=4160355276 Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash e05b92dcf7ea25b8197df1845c56b8aa0e0c9dc63aa9de5c3c6b1c1965a02654 Request headers Referer https://www.gocase.com/ Origin https://www.gocase.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:28 GMT via 1.1 vegur, 1.1 varnish age 244 x-cache HIT x-cache-hits 1 content-encoding gzip content-length 195 x-served-by cache-fra19149-FRA last-modified Sun, 28 Nov 2021 16:58:25 GMT server Apache x-timer S1638118949.988513,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes timing-allow-origin * expires Sun, 05 Dec 2021 16:58:25 GMT
GET H2	200	legacy-798d97b-app.js Show response cdn.gocase.com.br/.nuxt/dist/client/	5 KB 3 KB	76ms 34ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-798d97b-app.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d0c98947f243f3a11ae10c12e310d5cab0ba7fc8b524efc20adcf207dad443 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 787461 content-type application/javascript vary Accept-Encoding x-amz-request-id 4BSGE4NJZVGXZC4X x-amz-id-2 biEaAQvcN4TBBDzrhDPqedniVld7BS48rwyEsG0RymLtJb45VFg2pwL0wV3+O5ej3KhcCUoXh1s= last-modified Fri, 19 Nov 2021 14:13:26 GMT server cloudflare etag W/"a1f0e9e3cfd82bbfb0aafbd13701c1c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arL2RdaAA5XMK4ygBiAaxPO2YqCqVR2EFaX1fdrJMpqlPwPwLR3WJf%2Fz3gSnplhcJwY030rQrb1xfDd6uvLLV3iXYY2wEUQ%2BqC7yT%2BrWzsCLPAV8jU17Nt6IsXwB65tiQpDXp7FSONtCc6uFKdmy"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a073fc27031-FRA
GET H2	200	legacy-a9ea1e9-commons_app.js Show response cdn.gocase.com.br/.nuxt/dist/client/	225 KB 78 KB	81ms 39ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-a9ea1e9-commons_app.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 231aa032d82bbcdaf63d40a0fddaa96e1046e79c7ef3c7cc0ae740ce90046828 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2648327 content-type application/javascript vary Accept-Encoding x-amz-request-id EGDNJAM3FRH5CWN5 x-amz-id-2 J6k5fVXA3iS/sjZjp7X3bjwryJb7A4qgAqCX9+txl37ArE9IsHJ4zd2VBG0K+iHM8LW2X4I05vg= last-modified Tue, 26 Oct 2021 14:54:51 GMT server cloudflare etag W/"c9e515458164d9aa4c0aa59ffecd3a71" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vg46T4Q53nkei3ORbfFMtbe7CfFL2qUcFtUyKeMu3hKZykyN%2BbDmxdmhw8awvVHHf8rJXsVB69KmZBfRUL356XVUcHYBl0SXe4FctXy9%2FEBNTC2gYCsYEC%2FJej5lyS5zXuQfFniuVSzqcYrl7FcE"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a073fc57031-FRA
GET H2	200	legacy-bee357d-vendors_app.js Show response cdn.gocase.com.br/.nuxt/dist/client/	40 KB 14 KB	99ms 57ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-bee357d-vendors_app.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b316f713a3f8df37432487ef2c9e30bf52883a086d9a1d9f6b6e12aeac211729 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 448393 content-type application/javascript vary Accept-Encoding x-amz-request-id VMKT49RMWX7NZ2CZ x-amz-id-2 xk1dDeGNnQS/gZhorlklk88k/qXLYyuQ+ClOt5c3aReX8GsLW9rPxG/11oLDy5qvSP8lGjWO/H0= last-modified Thu, 22 Jul 2021 12:22:14 GMT server cloudflare etag W/"18db46a40e829a800a1ea800212349bd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC3zdk7API2cFUKdxUOt6tvEeaycm4273dtiV92hICkBiqrYw%2BNv0R82yL8ag5Dw41%2FDn9djathFPgjb4wpMzDfvE7%2BldCXau8KLj%2Bz9c0yrTLIYJAVGtMUCQQrERHWKeKWJZm%2BTZgdjsdnaMZjN"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a073fca7031-FRA
GET H2	200	legacy-71548ed-app.js Show response cdn.gocase.com.br/.nuxt/dist/client/	337 KB 93 KB	91ms 50ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-71548ed-app.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd19504fb95e3d81c76805d46effdeff0c89d194a72ff29e0f9ec732af1bf6a2 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 787461 content-type application/javascript vary Accept-Encoding x-amz-request-id 4BSH3ZN8XW2YRTVD x-amz-id-2 8j0HCL2fkeyNdq9kQEi5ghsH74oQom53tr9TKbJ4Xgr6igyF+93waPUihx/Hyq1FksFc/OyggMw= last-modified Fri, 19 Nov 2021 14:13:27 GMT server cloudflare etag W/"aceb2ae9f68bcc4c63a9f343a730b4ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvcrANNIH3lBII%2BY0arZXh9aQ6A3l0%2B6OWIjAoK0btDTqjLESRDbH1Dxo06%2B%2BBoguRMFRth%2Fkz9plbnU0Ba4mxm2eG2XIVe8vjGERkaAVk1TOdtF9Ry8A8Ayz0UWoxDLWdwLWB0MZEe2WwIvd%2FGg"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a073fc67031-FRA
GET H2	200	legacy-5e484ce-footer.js Show response cdn.gocase.com.br/.nuxt/dist/client/	271 KB 133 KB	99ms 58ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-5e484ce-footer.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96de4301842792f5eae804e74b4f91d7cb30be17044294c6058b1fc8cab4f1f9 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 787390 content-type application/javascript vary Accept-Encoding x-amz-request-id FX8HGGPXMBNEF3BS x-amz-id-2 SklLKxkDCQIHEhGpk4RwVyh8tVyg2xgbRg5U21qPA8znrDyfWxTVkEGrvhigi+YulW3CNnLwIC4= last-modified Fri, 19 Nov 2021 14:13:27 GMT server cloudflare etag W/"af380dfa56017bf7222a67d862f61f61" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz0kM%2FEwxZkm97R9wiIoB2vtEINhEoSE9b8oO6s%2FcbWjFtSXMBtp0fAqlBaFLWPIZZr1CAiGGq1KarLiJzp6QrMnWz%2FLkoDESPUhMwmsKy7spNXPuVftFj%2BXghKjg48gr3nZXROz6L9ieB9lwwbC"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a073fc87031-FRA
GET H2	200	subset-Averta-Regular.6eb08e3.woff2 cdn.gocase.com.br/.nuxt/dist/client/fonts/	21 KB 21 KB	60ms 28ms	Font font/woff2	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/fonts/subset-Averta-Regular.6eb08e3.woff2 Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab777f6fcc907dffc282f1ee145408e4ae3c222a66dfe30814a1fe755045700f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.gocase.com/ Origin https://www.gocase.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT access-control-allow-methods GET, PUT, POST, DELETE, HEAD x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1026 cf-ray 6b552a073c7a7039-FRA content-length 21208 strict-transport-security max-age=0; includeSubDomains vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-amz-request-id 7NRMEBTJNWXDD5QQ x-amz-id-2 pUz8cOD900SE0sRhtVJZtnnS2sYxtbXmGDFGfoDjPUOC8XJL7gFfx15fNv/rFCHRG2wiC0WXf0A= last-modified Tue, 26 Oct 2021 14:54:51 GMT server cloudflare etag "a6b4659dad05bb39cc07bc06ed5e02f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 863400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cYodbYYl8x5Bd4ElvfnlobOOsp03XCiItzLwjT%2FPQ1lwhfCqiw%2FNCUfYUj3rG%2ByQpXFTT0Qka540fGjDKBip2ljO9zC7SghXsIS59zRsQqRpOne0K8aHtUD5c07kydmvrS0lGSP633FjfPZxN1N"}],"group":"cf-nel","max_age":604800} x-amz-version-id null access-control-allow-origin https://www.gocase.com access-control-expose-headers Cache-Control, Content-Language, Content-Length, Content-Type, Expires, Last-Modified, Pragma, ETag cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes content-type font/woff2
GET H2	200	subset-Averta-Bold.cd061e0.woff2 cdn.gocase.com.br/.nuxt/dist/client/fonts/	27 KB 28 KB	53ms 22ms	Font font/woff2	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/fonts/subset-Averta-Bold.cd061e0.woff2 Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e5d223977823bc9f0aed4332c6375098df05e74e73576ae98de76d026a7b3b9 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.gocase.com/ Origin https://www.gocase.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT access-control-allow-methods GET, PUT, POST, DELETE, HEAD x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 448428 cf-ray 6b552a073c7f7039-FRA content-length 27916 strict-transport-security max-age=0; includeSubDomains vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-amz-request-id 1XKHMK4SM526RPSC x-amz-id-2 wyoFiP+7nErYf+2RWeclnIUKFKd7YZqJwS0GUbfZIbbqSi4wx2hBChGyJuLuNtfn6jTRNXODLSY= last-modified Thu, 22 Jul 2021 12:22:14 GMT server cloudflare etag "505a2c3ee62708c781713f528b4011e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 863400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVhlBkvncj5G%2BxSKoFgryfhGZlgK%2B06B9mxEGzFACXwpNBMCNZriePNaGlnOC4swdYAVDALWejM6QXQ8LVjjau%2BmCsqeDkrRSdf4VVdEP%2Fs67CR9CHcOaev0AWzGZKgpmAYKFmAqIbUlpPDKv326"}],"group":"cf-nel","max_age":604800} x-amz-version-id null access-control-allow-origin https://www.gocase.com access-control-expose-headers Cache-Control, Content-Language, Content-Length, Content-Type, Expires, Last-Modified, Pragma, ETag cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes content-type font/woff2
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	selo_100-seguro-retina.f759d97.png cdn.gocase.com.br/.nuxt/dist/client/img/	990 B 1 KB	32ms 32ms	Image image/webp	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.gocase.com.br/.nuxt/dist/client/img/selo_100-seguro-retina.f759d97.png Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 522f9b6588f4682d2adf9c3cb88499bfca4d91d0dacb0951c86c12349698d58f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1720571 cf-polished origFmt=png, origSize=1209 cf-ray 6b552a074fd37031-FRA content-disposition inline; filename="selo_100-seguro-retina.webp" vary Accept content-length 990 x-amz-id-2 rR8ZA3uM0kFDraGkRKlibqsgOU1AeL8Nl4Ue/z60LdVkPMMBa/PiCANhara8Loba3n84wF4NyDE= last-modified Wed, 03 Nov 2021 14:22:13 GMT server cloudflare etag "c66824972f4f2686241de4afe9159597" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7CatcLwpJXOse5O%2F0MOnNUxGsz%2FEImnSm4sglj9InQZr3TGxL23HWN9bFnZxwWGeoHlAoFeA%2B3Dvy%2BRrZ%2BZHI1UwE6jveiCYLl4fGdSNmy%2FsWuu51N1OoeKPf6A9aF4ZFyy4FbKZURnz4%2FR7ciA"}],"group":"cf-nel","max_age":604800} x-amz-request-id F2BM4BS21W6RWQ1R cache-control max-age=31536000 x-amz-version-id null accept-ranges bytes content-type image/webp cf-bgj imgq:85,h2pri
GET H2	200	_348cf6c8.js Show response cdn.gocase.com.br/.nuxt/dist/client/legacy-a2d3a27-vendors_pages/__pages/_slug/p/_case_device_pages/capinhas-para-celular/_slug_pages/cart/index_pages/	32 KB 10 KB	25ms 24ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-a2d3a27-vendors_pages/__pages/_slug/p/_case_device_pages/capinhas-para-celular/_slug_pages/cart/index_pages/_348cf6c8.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bdda446522fc2b4717a04b4c4c47ab6a724adb5ef503e9ceeb63889c2a1fc9a Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2169334 content-type application/javascript vary Accept-Encoding x-amz-request-id XKA8MT6MXDDR6E13 x-amz-id-2 hJniqQmstl33fZiH7h1Yw1rYUb3DO3GZJQ0/42RC1C4bwTl7uVwNigmPLlH+gu2y+WY7QGOPiHA= last-modified Wed, 03 Nov 2021 14:22:13 GMT server cloudflare etag W/"a53429acdb9919942dcc9a11ecc06393" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otFE1duAjBqF0vgo5T2Lk6DMQhrDDQ8It6TptolnPD1zyvwcjEETM6ZkuxPZSUvygoevObRna8ejhdV6wqIq2RxXuv82gyonSuPJ%2F3jhCNdcGPkqa7T%2BOh2L%2F9lsYY%2FuctX%2FXsR9qvCniO8yi%2FMW"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a07d9897031-FRA
GET H2	200	collecti_43cd1490.js Show response cdn.gocase.com.br/.nuxt/dist/client/legacy-9e97c40-pages/__pages/_slug/p/_case_device_pages/capinhas-para-celular/_slug_pages/cart/index_pages/	19 KB 6 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-9e97c40-pages/__pages/_slug/p/_case_device_pages/capinhas-para-celular/_slug_pages/cart/index_pages/collecti_43cd1490.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61d3d892db1a51f9f36ee994a883880e91e0409ac07ce27edd9faffffa71505f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2169334 content-type application/javascript vary Accept-Encoding x-amz-request-id XKAFX9XWD00XTMTB x-amz-id-2 D5jRZdcu+POqLkVt2Nz6hg7j+DBGF7C9QqsQ5KPNjWUPwlK7K7psU/bYPMMUm2OtFP1Zl6D2hW8= last-modified Wed, 03 Nov 2021 14:22:13 GMT server cloudflare etag W/"208b2873ec2b20c936cd78d4a24ca04e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKAI%2Fm9aHJYYOCK%2F5O8igIymzlCS%2FKy%2FSJxR35%2BHARUZUPsxO1XcBNnQzLge0%2FKz30ywF8TL2dxOmpcrWj3ET3GJPt0cFMfE2YHx6ihuVQ%2FDkzzmo2YQJ%2BJn86iCeRPzTmeXyszP0PlADNFzu4K3"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a07e98e7031-FRA
GET H2	200	_.js Show response cdn.gocase.com.br/.nuxt/dist/client/legacy-df71b12-pages/__pages/capinhas-para-celular/_slug_pages/search/index_pages/smartphone-cases/_slug_pages/t/	22 KB 8 KB	35ms 35ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-df71b12-pages/__pages/capinhas-para-celular/_slug_pages/search/index_pages/smartphone-cases/_slug_pages/t/_.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 458f988e4018167794e6c96c460f183c221b74fa2dbdc09e997a41cd642466cf Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2169084 content-type application/javascript vary Accept-Encoding x-amz-request-id 34H9QCASTQQ00QHH x-amz-id-2 hQOwj1wfKgxM4NK44rBqBaL/eRdRjTbpMACU90c0RqTt9SI/PCTUXF29by48X5B0ZZDQu8uu1pg= last-modified Wed, 03 Nov 2021 14:22:13 GMT server cloudflare etag W/"9596feb2ddf64534af821b7eca65079f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpOH8JJiewqIGZ9%2FMFm4IS2Smm1QFkQXfKqCsSpJ0zUmLwHmVjQ9uYlARP2Zgzlb2fVVdsHnVVDsoYaZC91moNvzHbAbCstqyBxD%2BtEd9g6O%2FA6VNkiDZC%2Bs2NvjUXUp0SSpAB9ylN4wJ0QupdxC"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a07e9937031-FRA
GET H2	200	_.js Show response cdn.gocase.com.br/.nuxt/dist/client/legacy-0039669-pages/	45 KB 13 KB	25ms 25ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-0039669-pages/_.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0247417e512e9927e270e3d0240d5f2d84cef27b9799f417fcbd76505802080 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1477406 content-type application/javascript vary Accept-Encoding x-amz-request-id JGFTN4N9Q7EN2HYF x-amz-id-2 pKCrcnwbXJal/zUE5CFWPV4SACo7BjNcrPTz57PSl+vaflxbevmhbsqm35kwLVP4gfALt8yMGqw= last-modified Thu, 11 Nov 2021 14:32:19 GMT server cloudflare etag W/"cbe75faf18e5331a1b4b51663cf69b36" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hgG7jUV4JU%2Bu2J%2FinN%2F54KK0E4XvOHBkQI0ja%2BxM4UBNhepWa6sACZl9HPKlLMpVH7AgJRG5OmFuoPZlKPLKGe4nfSyNSYyzIVQieJnwESEM6fAOniYca7v4FGQ3Vaoy66LLvC%2FoAyZRJp6okGR"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a07e9967031-FRA
GET H2	200	legacy-7b69bee-vendors_sentry.js Show response cdn.gocase.com.br/.nuxt/dist/client/	123 KB 35 KB	37ms 36ms	Script application/javascript	2606:4700:20::681a:f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gocase.com.br/.nuxt/dist/client/legacy-7b69bee-vendors_sentry.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4fe8c54b5a42ee8d999f4e5de85c943bc91c6ebc0c278bf33fc9cfc6940a483 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 17:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2169332 content-type application/javascript vary Accept-Encoding x-amz-request-id KDH2PYZ8F7PNXZZV x-amz-id-2 hAe9hDy5UoCWpxEpce6m8NNeIrfxhLfANz52xFf00zICAyWryj7RbtKdv9otEjAN1p0TX7+QI7w= last-modified Wed, 03 Nov 2021 14:22:13 GMT server cloudflare etag W/"7d8ae90ad61d10434da8f076ee466aa4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKCGhfocv09YA9PRfHODoS09GDQLog1x%2FBG1Xo7EC8f2fDiVn3GJIPR5%2FDQ07TMoC3PEcCA5jFLmD4gSHylPwOqxXjvQifPF3DvCx7sPB3hOkVlrP5wTkq5p2n3Xz4boXYMwOtPWrUePP11d%2FDeA"}],"group":"cf-nel","max_age":604800} x-amz-version-id null cache-control max-age=31536000 cf-ray 6b552a087b657031-FRA
GET H2	200	nr-spa-1212.min.js Show response js-agent.newrelic.com/	44 KB 17 KB	39ms 8ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1212.min.js Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-version-id wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4 content-encoding gzip etag "8bd93bf0ecb2f4e971a2055a41402bb6" x-amz-request-id VG6YBKXNYMJ05RRS x-cache HIT cross-origin-resource-policy cross-origin content-length 16636 x-amz-id-2 CN/OtP3A9z0ShcwSC84Dp2716OPSVqHtXjTa3tL4kDFfrY9FTweTMDz1ynWsKHz8NETzizCEpEw= x-served-by cache-fra19162-FRA last-modified Thu, 04 Nov 2021 21:16:16 GMT server AmazonS3 x-timer S1638118949.294063,VS0,VE0 date Sun, 28 Nov 2021 17:02:29 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 6986
GET H/1.1	200 OK	3a0d021b7f Show response bam.nr-data.net/1/	57 B 322 B	495ms 123ms	Script text/javascript	162.247.242.21 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/3a0d021b7f?a=1016672824&v=1212.e95d35c&to=Z1BaYkRRWhZXB0RYV14ae0NFRFsIGU4QGVlcWRE%3D&rst=968&ck=1&ref=https://www.gocase.com/50-percent-off.&qt=1&ap=2.509174&be=620&fe=919&dc=760&tt=c2a3de98d459c743&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1638118948339,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:11,%22c%22:11,%22s%22:16,%22ce%22:33,%22rq%22:34,%22rp%22:592,%22rpe%22:605,%22dl%22:595,%22di%22:669,%22ds%22:760,%22de%22:760,%22dc%22:919,%22l%22:919,%22le%22:919%7D,%22navigation%22:%7B%7D%7D&fp=651&fcp=651&jsonp=NREUM.setToken Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gocase.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Cross-Origin-Resource-Policy cross-origin Content-Type text/javascript;charset=iso-8859-1 Content-Length 57 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	3a0d021b7f Show response bam.nr-data.net/events/1/	24 B 181 B	123ms 123ms	XHR image/gif	162.247.242.21 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/3a0d021b7f?a=1016672824&v=1212.e95d35c&to=Z1BaYkRRWhZXB0RYV14ae0NFRFsIGU4QGVlcWRE%3D&rst=1472&ck=1&ref=https://www.gocase.com/50-percent-off. Requested by Host: www.gocase.com URL: https://www.gocase.com/50-percent-off. Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://www.gocase.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 content-type text/plain Response headers Access-Control-Allow-Origin https://www.gocase.com Access-Control-Allow-Credentials true Content-Length 24 Content-Type image/gif

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| NREUM object| newrelic function| __nr_require object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| dataLayer object| $nuxt object| __SENTRY__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 300105b225d76a01

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gocase.com/50-percent-off. Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.gocase.com.br
cdn.speedcurve.com
js-agent.newrelic.com
www.gocase.com
151.101.194.217
151.101.2.137
162.247.242.21
2606:4700:20::681a:77f
2606:4700:20::681a:f8e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
120768a91be5cee8732eb1c767b36a193d831b23625a31e547206dcb44b72638
231aa032d82bbcdaf63d40a0fddaa96e1046e79c7ef3c7cc0ae740ce90046828
2bdda446522fc2b4717a04b4c4c47ab6a724adb5ef503e9ceeb63889c2a1fc9a
458f988e4018167794e6c96c460f183c221b74fa2dbdc09e997a41cd642466cf
522f9b6588f4682d2adf9c3cb88499bfca4d91d0dacb0951c86c12349698d58f
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61d3d892db1a51f9f36ee994a883880e91e0409ac07ce27edd9faffffa71505f
8e5d223977823bc9f0aed4332c6375098df05e74e73576ae98de76d026a7b3b9
96de4301842792f5eae804e74b4f91d7cb30be17044294c6058b1fc8cab4f1f9
ab777f6fcc907dffc282f1ee145408e4ae3c222a66dfe30814a1fe755045700f
b316f713a3f8df37432487ef2c9e30bf52883a086d9a1d9f6b6e12aeac211729
b4d0c98947f243f3a11ae10c12e310d5cab0ba7fc8b524efc20adcf207dad443
e0247417e512e9927e270e3d0240d5f2d84cef27b9799f417fcbd76505802080
e05b92dcf7ea25b8197df1845c56b8aa0e0c9dc63aa9de5c3c6b1c1965a02654
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fe8c54b5a42ee8d999f4e5de85c943bc91c6ebc0c278bf33fc9cfc6940a483
fd19504fb95e3d81c76805d46effdeff0c89d194a72ff29e0f9ec732af1bf6a2