Submitted URL: http://1mz.link/eaSFx
Effective URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_a...
Submission: On October 21 via api from CZ

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::681b:9311, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.dealsforme.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2020. Valid for: a year.
This is the only time go.dealsforme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.212.131.234 200313 (INTERNET-IT)
1 1 138.197.180.42 14061 (DIGITALOC...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 4
Domain Requested by
14 go.dealsforme.club go.dealsforme.club
2 cdnjs.cloudflare.com go.dealsforme.club, cdnjs.cloudflare.com
1 fonts.googleapis.com go.dealsforme.club
1 cdn.onesignal.com go.dealsforme.club
1 go.clck.space 1 redirects
1 1mz.link 1 redirects
18 6

This site contains links to these domains.

Domain
go.clck.space
Subject  Issuer  Validity  Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-10-01 - 2021-10-01  a year
upload.video.google.com  GTS CA 1O1  2020-09-22 - 2020-12-15  3 months

This page contains 1 frames:

Primary Page: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Frame ID: ABBDE629E3428CA41063F66179446F4C
Requests: 18 HTTP requests in this frame

Page URL History

  1. http://1mz.link/eaSFx HTTP 302
    https://go.clck.space/click.php?key=3yu3xqzk206i09spfkr0 HTTP 302
    https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_nam... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

2152 kB
Transfer

2413 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1mz.link/eaSFx HTTP 302
    https://go.clck.space/click.php?key=3yu3xqzk206i09spfkr0 HTTP 302
    https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
go.dealsforme.club/BM/RJ/BLK/CH-LP9/
Redirect Chain
  • http://1mz.link/eaSFx
  • https://go.clck.space/click.php?key=3yu3xqzk206i09spfkr0
  • https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWe...
5 KB
2 KB
Document
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f053ed7915505034dcc29e8618a09e9c63bed6a4df06cd7849a4a79de6741695

Request headers

:method
GET
:authority
go.dealsforme.club
:scheme
https
:path
/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 21 Oct 2020 20:48:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d242df9ec5976cfe645fb2aeb3b7665741603313318; expires=Fri, 20-Nov-20 20:48:38 GMT; path=/; domain=.dealsforme.club; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
05ee84d0770000c29a6b3b2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e5dd72d8962c29a-FRA
content-encoding
br

Redirect headers

status
302
server
nginx/1.18.0
date
Wed, 21 Oct 2020 20:48:37 GMT
content-type
text/html; charset=UTF-8
location
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
set-cookie
uclick=5my9fe; expires=Thu, 22-Oct-2020 20:48:37 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602; expires=Thu, 22-Oct-2020 20:48:37 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security
max-age=31536000
jquery-1.12.4.min.js
go.dealsforme.club/BM/RJ/BLK/CH-LP9/js/
95 KB
32 KB
Script
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/js/jquery-1.12.4.min.js
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
cf-request-id
05ee84d0aa0000c29a08bc1000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
W/"17b8b-5b1c9a1ce480c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5e5dd72dd9f4c29a-FRA
icofont.min.css
go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/
90 KB
15 KB
Stylesheet
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/icofont.min.css
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
cf-request-id
05ee84d0a80000c29a31b35000000001
last-modified
Fri, 16 Oct 2020 13:20:43 GMT
server
cloudflare
etag
W/"16830-5b1c9a1b495e6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5e5dd72dd9eac29a-FRA
normalize.min.css
go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/
2 KB
778 B
Stylesheet
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/normalize.min.css
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
cf-request-id
05ee84d0a90000c29a0b142000000001
last-modified
Fri, 16 Oct 2020 13:20:43 GMT
server
cloudflare
etag
W/"745-5b1c9a1b48646-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5e5dd72dd9eec29a-FRA
styles.css
go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/styles.css
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd0b2a5de7b40ec620392565f68e9b120ecd8443effb8c294c6869e32644813

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
cf-polished
origSize=7339
status
200
cf-request-id
05ee84d0a90000c29aea26e000000001
last-modified
Fri, 16 Oct 2020 13:20:43 GMT
server
cloudflare
etag
W/"1cab-5b1c9a1b4f3a6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5e5dd72dd9efc29a-FRA
cf-bgj
minify
animate.css
go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/
55 KB
4 KB
Stylesheet
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/animate.css
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5722c797d4acfeca70bb10bf202cfc1321f017dca1f8a8a2bd4ea7be7cb27

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3551
cf-polished
origSize=72259
status
200
cf-request-id
05ee84d0aa0000c29a2d820000000001
last-modified
Fri, 16 Oct 2020 13:20:42 GMT
server
cloudflare
etag
W/"11a43-5b1c9a1aa7424-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5e5dd72dd9f1c29a-FRA
cf-bgj
minify
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2031
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
cf-request-id
05ee84d0bd0000dfe78d847000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e5dd72dfb86dfe7-FRA
expires
Mon, 11 Oct 2021 20:48:38 GMT
date.min.js
go.dealsforme.club/BM/RJ/BLK/CH-LP9/js/
30 KB
9 KB
Script
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/js/date.min.js
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c658ca0b39e6adff9e246b7e631ca8f99dca1e9c65a690594a3c8396eb5b3a1d

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
cf-request-id
05ee84d0ab0000c29ae9aa1000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
W/"77b7-5b1c9a1cd3e6c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5e5dd72dd9f5c29a-FRA
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1909
etag
W/"af07e3bccd7885748057bb532c526ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5e5dd72e2ab7175e-FRA
cf-request-id
05ee84d0d60000175ed583f000000001
expires
Thu, 22 Oct 2020 08:48:38 GMT
package.png
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
13 KB
13 KB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/package.png
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5746ad7a7b61a08423a2e0c8e0bc452189fc19a788c1d8b7a7c2cc6c6ce9d5d

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
12839
cf-request-id
05ee84d0e50000c29ae9aa7000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
"3227-5b1c9a1cdabcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e3a98c29a-FRA
loader.gif
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
1 MB
1 MB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/loader.gif
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d24113060026ad514ba303c40261b09661482729336c891eee23e38a56f9e68

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
1447086
cf-request-id
05ee84d0e90000c29af489a000000001
last-modified
Fri, 16 Oct 2020 13:20:45 GMT
server
cloudflare
etag
"1614ae-5b1c9a1d3494d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4aabc29a-FRA
clearance.png
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
37 KB
37 KB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/clearance.png
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c79cfa8d5e1986e3c9d2b601a3ae056c82e9b282f32572b6b9cd81bdd909e4

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
37781
cf-request-id
05ee84d0ea0000c29a468f7000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
"9395-5b1c9a1cce0ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4aadc29a-FRA
img1.png
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
3 KB
3 KB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/img1.png
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f69d8288918594bbce4543f51e706c70928a5af09e87468bfc89b538915bdcb

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
2566
cf-request-id
05ee84d0eb0000c29a299c0000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
"a06-5b1c9a1ccf04c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4ab0c29a-FRA
img2.png
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
4 KB
4 KB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/img2.png
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71badf1eec3c5f96e72a74ea6bfcde53a4f2676207b7b64c0ce0738a1507f315

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
4208
cf-request-id
05ee84d0ea0000c29afb31b000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
"1070-5b1c9a1cd1f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4ab1c29a-FRA
img3.png
go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/
3 KB
3 KB
Image
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/img/img3.png
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9d7b1349dcc52eed9638a848b26e19e5c06920b24e4be3180613cd41dff570

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3552
status
200
content-length
3356
cf-request-id
05ee84d0eb0000c29a2d825000000001
last-modified
Fri, 16 Oct 2020 13:20:44 GMT
server
cloudflare
etag
"d1c-5b1c9a1cd3e6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4ab2c29a-FRA
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i&display=swap
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
975772d6707d5d9c3019de3f24c839f10dcd31e4da888e8531a3a57270353fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 20:48:38 GMT
server
ESF
date
Wed, 21 Oct 2020 20:48:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Oct 2020 20:48:38 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Request headers

Origin
https://go.dealsforme.club
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2030
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
05ee84d0fc0000c2fe2322d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e5dd72e689dc2fe-FRA
expires
Mon, 11 Oct 2021 20:48:38 GMT
icofont.woff2
go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/fonts/
525 KB
526 KB
Font
General
Full URL
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/fonts/icofont.woff2
Requested by
Host: go.dealsforme.club
URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/icofont.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Request headers

Origin
https://go.dealsforme.club
Referer
https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/css/icofont.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 20:48:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
537868
cf-request-id
05ee84d0ee0000c29a5d25f000000001
last-modified
Fri, 16 Oct 2020 13:20:43 GMT
server
cloudflare
etag
"8350c-5b1c9a1b3ea06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603313318"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e5dd72e4ac1c29a-FRA

Verdicts & Comments

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| $
function| jQuery
object| OneSignal
object| GET_params
string| par
object| tmp
string| tag
string| value

1 Cookies

Domain/Path Name / Value
.dealsforme.club/ Name: __cfduid
Value: d242df9ec5976cfe645fb2aeb3b7665741603313318

11 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: device_name
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: city
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: trafficsource_name
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: user_agent
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: browser_version
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: device_brand
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: ip
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: isp
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: os_version
console-api log URL: https://go.dealsforme.club/BM/RJ/BLK/CH-LP9/index.php?device_name=Desktop&city=Warsaw&trafficsource_name=mmd%20smart&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&browser_version=83&device_brand=Desktop&ip=194.99.105.99&isp=M247%20Europe%20SRL&os_version=10.14&os_name=Mac%20OS%20X&lpkey=1688034a318736e517&uclick=5my9fe&uclickhash=5my9fe-5my9fe-gx-0-gx-u3-lp-05d602(Line 40)
Message:
Tag sent: os_name

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
