Submitted URL: http://hamiltoncountyin.citydeals.online/
Effective URL: https://hamiltoncountyin.citydeals.online/
Submission: On January 30 via api from CA — Scanned from CA

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 37 HTTP transactions. The main IP is 67.227.186.188, located in Vancouver, Canada and belongs to LIQUIDWEB, US. The main domain is hamiltoncountyin.citydeals.online.
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.
This is the only time hamiltoncountyin.citydeals.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 67.227.186.188 32244 (LIQUIDWEB)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:21e... 16509 (AMAZON-02)
8 209.240.109.146 40244 (TURNKEY-I...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
37 7
Apex Domain
Subdomains
Transfer
19 ezleadz.app
middleware.ezleadz.app
ezleadz.app
1 MB
10 citydeals.online
hamiltoncountyin.citydeals.online
citydeals.online
69 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 47
36 KB
2 gstatic.com
fonts.gstatic.com
72 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
82 KB
1 cloudfront.net
d37q3r06begyqi.cloudfront.net
30 KB
37 6
Domain Requested by
18 middleware.ezleadz.app hamiltoncountyin.citydeals.online
middleware.ezleadz.app
8 citydeals.online hamiltoncountyin.citydeals.online
3 fonts.googleapis.com middleware.ezleadz.app
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com hamiltoncountyin.citydeals.online
cdnjs.cloudflare.com
2 hamiltoncountyin.citydeals.online 1 redirects
1 ajax.googleapis.com hamiltoncountyin.citydeals.online
1 d37q3r06begyqi.cloudfront.net hamiltoncountyin.citydeals.online
1 ezleadz.app hamiltoncountyin.citydeals.online
37 9

This site contains no links.

Subject | Issuer | Validity | Valid
hamiltoncountyin.citydeals.online | R3 | 2021-11-30 - 2022-02-28 | 3 months
southshore.ezleadz.app | R3 | 2021-11-30 - 2022-02-28 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
mail.ezleadz.app | R3 | 2021-11-30 - 2022-02-28 | 3 months
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
citydeals.online | R3 | 2021-11-30 - 2022-02-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months

This page contains 1 frames:

Primary Page: https://hamiltoncountyin.citydeals.online/
Frame ID: 468B5D34A3CF883BEF8AF2AF649F894C
Requests: 37 HTTP requests in this frame

Page Title

Hamilton County IN Deals

Page URL History

  1. http://hamiltoncountyin.citydeals.online/ HTTP 301
    https://hamiltoncountyin.citydeals.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 71 %
Domains: 6
Subdomains: 9
IPs: 7
Countries: 2
Transfer: 1600 kB
Size: 1699 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hamiltoncountyin.citydeals.online/ HTTP 301
    https://hamiltoncountyin.citydeals.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hamiltoncountyin.citydeals.online/
Redirect Chain
  • http://hamiltoncountyin.citydeals.online/
  • https://hamiltoncountyin.citydeals.online/
30 KB
30 KB
Document
General
Full URL
https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
fe747a08f395713fd55b6e4d1f1ad09e8964e51b341c56a984ff5293823bf629
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Server
Apache
Content-Security-Policy
upgrade-insecure-requests;
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 30 Jan 2022 16:13:33 GMT
Server
Apache
Content-Security-Policy
upgrade-insecure-requests;
Location
https://hamiltoncountyin.citydeals.online/
Content-Length
250
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bootstrap.min.css
middleware.ezleadz.app/assets/css/
141 KB
142 KB
Stylesheet
General
Full URL
https://middleware.ezleadz.app/assets/css/bootstrap.min.css
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
e8fc5214bf9bb8af5a1f1405558bc4b3e9c34023a90067c220d7d9687e3e5893
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Thu, 18 Jun 2020 14:58:14 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/css
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
144883
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 16:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1550575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BEkjgCVOofULo%2FQZs98Y%2B7gJ5t3%2FgOtMdw%2BD0irAWDn3YodPcjAnHKTnb1jc4Wq5Hfc%2BPh6oCdbbvh4xslKSyd6o%2BGAgBkWTcTBHH1hU7HFLlcXzU2f8HKDNVePSEbZXPZY0qn3%2Be7WQnzo7vQMSSmM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d5bfd036b14ca4f-YUL
expires
Fri, 20 Jan 2023 16:13:34 GMT
custom2.css
middleware.ezleadz.app/assets/css/
40 KB
40 KB
Stylesheet
General
Full URL
https://middleware.ezleadz.app/assets/css/custom2.css
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
14412d482d8d6eb42b640e5f0482ffd493ce72761783f005bb4d23d146d95c1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Mon, 03 Jan 2022 13:38:15 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/css
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
41060
loader.gif
ezleadz.app/assets/images/
50 KB
51 KB
Image
General
Full URL
https://ezleadz.app/assets/images/loader.gif
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
9c1436ecff36ff78f601a59fd37de5b96bcd1bc0630d0d4a8355104ab425d5a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Mon, 05 Jul 2021 12:05:48 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
51538
hamilton-county-in.png
d37q3r06begyqi.cloudfront.net/ezleadz/293/
29 KB
30 KB
Image
General
Full URL
https://d37q3r06begyqi.cloudfront.net/ezleadz/293/hamilton-county-in.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:da00:14:4e53:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9626eeaf863fca845b0df55f4c52db69ea17a0b9a798a7bb045893eb71b52b3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 16:13:28 GMT
via
1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jul 2021 07:09:39 GMT
server
AmazonS3
age
7
etag
"d11a59e57c6d763f51e6ee09e3ec3566"
x-cache
Hit from cloudfront
x-amz-version-id
JV2EtvbVnS.YIq_LV4UYNQAKlxyEGimI
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
30133
x-amz-cf-id
TyLibah6FtMcJJU0LwFPWRg_4KaYOIcmqXM72VZzReOzboo3v6mjOA==
slide1.jpg
middleware.ezleadz.app/assets/images/
532 KB
532 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/slide1.jpg
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
38658b74ded94f9f56cb7b2b8c92ce9366a3150f297920abee66aaa84b53c1a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sat, 12 Jun 2021 01:09:10 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
544312
arrow_down.png
middleware.ezleadz.app/assets/images/
3 KB
4 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/arrow_down.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
77b0c47ddfc22f6b95483254836a0b66da05e890a02f8086f6063c9b53cdf90a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 00:44:26 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
3250
ToursNTravels45.png
citydeals.online/assets/
5 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/ToursNTravels45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
de1bfea8401627547f8cfba10d65eef9b24b497c776a6051dea7e99b16640bfe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:28 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4761
DentalCare45.png
citydeals.online/assets/
4 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/DentalCare45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
2d887876839131024f02f408ee0127dda69c55548d8ab3fa3a98b9e8c00725db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4433
Spa45.png
citydeals.online/assets/
4 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/Spa45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
4bd82d09b7e1c5b4e3d60df54aa573fef481f1e746f8ff28a1cb3d857265aa72

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:28 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4577
Food45.png
citydeals.online/assets/
5 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/Food45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
03f7716d1c7e07868b400a8580834370add9950c2e17428ab02b0c7d65bdca2d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4644
CarCleaning45.png
citydeals.online/assets/
5 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/CarCleaning45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
a6d8a915d1437a9c8201303f330481812bd53d2246cd58036e36fc546457c0ff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4873
Gym45.png
citydeals.online/assets/
4 KB
4 KB
Image
General
Full URL
https://citydeals.online/assets/Gym45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
f377110d10b0026dca375c1dcd50943d08ac531b3677d6a6c7a8d6cf7f71b16f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4174
Salon45.png
citydeals.online/assets/
5 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/Salon45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
773fa23ad4f419abd668a63c048e6159b508ae8f5c9922b6831068429d8fe507

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:28 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4864
Photography45.png
citydeals.online/assets/
4 KB
5 KB
Image
General
Full URL
https://citydeals.online/assets/Photography45.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.240.109.146 , United States, ASN40244 (TURNKEY-INTERNET, US),
Reverse DNS
209-240-109-146.static.as40244.net
Software
Apache /
Resource Hash
205840b339a945ef28b6cf98fc21820156db0151d8d193a18b6e267f9826e03a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Fri, 10 Sep 2021 04:28:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4581
ic_1.png
middleware.ezleadz.app/assets/images/
2 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/ic_1.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
970e925709b9793269c22330e5e9dd942d6b55ac424b5e00d3d8ec0d928faba9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:47:52 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
1571
choose_category.png
middleware.ezleadz.app/assets/images/
5 KB
6 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/choose_category.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
2fb9048c8a8970dd72cd1db3a779ee1e2b09ecefe39bc42e3707bc2d923b5735
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:44:54 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
5462
ic_2.png
middleware.ezleadz.app/assets/images/
2 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/ic_2.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
571fe634b72445866950653661bd1a942ed5fc48c99913c0ffa10eef189326a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:48:20 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
1583
find_what.png
middleware.ezleadz.app/assets/images/
8 KB
8 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/find_what.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
f60748376cbb7066d9d771dc8528c683425ea0afd2f8b53090ff8afa65042527
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:46:04 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
8019
ic_3.png
middleware.ezleadz.app/assets/images/
2 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/ic_3.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
211766f7fe85726bbdee29c06baea08c0d4c8a9de86a7a9fb5508f720bba5d50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:48:48 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
1573
go_out_explore.png
middleware.ezleadz.app/assets/images/
6 KB
6 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/go_out_explore.png
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
247eb81ed3e2ba8cf52ce0fe0d5989e8ce5629c035410eb8b7f9d01e78cc1ae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 11:47:18 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
6259
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 04:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 04:37:35 GMT
bootstrap.js
middleware.ezleadz.app/assets/js/
112 KB
113 KB
Script
General
Full URL
https://middleware.ezleadz.app/assets/js/bootstrap.js
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Thu, 18 Jan 2018 15:29:48 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
115048
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd2e5ade4908803195e54228b428b5509f258a0ebcdc96b412ddf2f39a1dfabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 15:56:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 16:13:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 16:13:34 GMT
css2
fonts.googleapis.com/
15 KB
811 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73d0bf570843a89a7d895c6e311ec37db38055f3ba8ba6042fa9f5e0fc6e896c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 15:44:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 16:13:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 16:13:34 GMT
css2
fonts.googleapis.com/
4 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Dancing+Script:wght@400;500;600;700&display=swap
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4657fdb59673fd3da0b78b1c34f6a0e0c724b675da25fb2766c3d8827e3e2723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 Jan 2022 16:13:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jan 2022 16:13:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Jan 2022 16:13:34 GMT
Search-icon.png
middleware.ezleadz.app/assets/images/
366 B
751 B
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/Search-icon.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
7ef610712921282dfc5ffde5c6a5544ba47ca6413293bc0d78499ece8306f5bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Thu, 01 Jul 2021 06:48:45 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
366
location.png
middleware.ezleadz.app/assets/images/
1 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/location.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
2362c38727fb4a72968829fc7bdfde9fe4dff836e64d147d39a20d9962719a9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sat, 12 Jun 2021 23:48:10 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
1303
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hamiltoncountyin.citydeals.online
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:32:28 GMT
x-content-type-options
nosniff
age
420067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 19:32:28 GMT
search_f.png
middleware.ezleadz.app/assets/images/
1 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/search_f.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
e7872f3b665d542b18a9ddae54e07cab899790809e6060985e0cf3537fa3bcc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sat, 12 Jun 2021 23:58:10 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
1167
pattern.png
middleware.ezleadz.app/assets/images/
9 KB
9 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/pattern.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
18095c5fe9c20a3bcbf3c88be62048ba3d87dcfc5b2f446e29c98bb0e4c02775
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 12:29:06 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
8917
special_offer.jpg
middleware.ezleadz.app/assets/images/
384 KB
385 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/special_offer.jpg
Requested by
Host: hamiltoncountyin.citydeals.online
URL: https://hamiltoncountyin.citydeals.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
79732724ccaea7c201193d389c9f37615b515b7a07ec0587a3369eed53c70496
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://hamiltoncountyin.citydeals.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 13:22:14 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
393666
pattern2.png
middleware.ezleadz.app/assets/images/
4 KB
4 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/pattern2.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
dcadf89585719967175f040ff10b7f5714df03806eb1e270246815293c0bc3e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 14:19:28 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
3682
email.png
middleware.ezleadz.app/assets/images/
2 KB
2 KB
Image
General
Full URL
https://middleware.ezleadz.app/assets/images/email.png
Requested by
Host: middleware.ezleadz.app
URL: https://middleware.ezleadz.app/assets/css/custom2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.186.188 Vancouver, Canada, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.onlightenmedia.com
Software
Apache /
Resource Hash
c7cde7b80f9894c14b728d847f148bb1671d22067862b08f3398c09083a9d815
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://middleware.ezleadz.app/assets/css/custom2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 16:13:34 GMT
Last-Modified
Sun, 13 Jun 2021 14:26:38 GMT
Server
Apache
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
1576
If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v19/
41 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dancingscript/v19/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dancing+Script:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9814588c27c110cb04d8cc3e5f1dc52e051c5d1592b7c8abaf817127a8c4d930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hamiltoncountyin.citydeals.online
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 06:30:54 GMT
x-content-type-options
nosniff
age
207761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 06:30:54 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://hamiltoncountyin.citydeals.online
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 16:13:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1550885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17UtedNKE9jicERleSQnaNjJY96ZQT7EIcBN%2FYrDe2Zz9OdH4xrOB%2FRqLau%2FSj6Vz44IIlgBiycGOhZN5uk%2B%2FU8kzY8dDcUVzMMQ0qwE88K1FcDu6LzTwsVkMN%2FQc5sDk91zyzmr%2Bz32RJFRqdj4OskW"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d5bfd051d9aca57-YUL
expires
Fri, 20 Jan 2023 16:13:34 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | $
function | jQuery
object | bootstrap
object | jQuery111109087214026777637
string | ajax_main_URL

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
