urlscan.io logo urlscan.io
SecurityTrails logo

optimisationdirectory.info Open in urlscan Pro
72.167.249.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://optimisationdirectory.info/
Effective URL: https://optimisationdirectory.info/
Submission Tags: tranco_l324
Submission: On April 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 72.167.249.38, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is optimisationdirectory.info.
TLS certificate: Issued by R3 on February 29th 2024. Valid for: 3 months.
This is the only time optimisationdirectory.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 72.167.249.38 398101 (GO-DADDY-...)
4 142.250.181.226 15169 (GOOGLE)
2 104.20.95.138 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
20 5
Apex Domain
Subdomains		 Transfer
11 optimisationdirectory.info
optimisationdirectory.info
178 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
207 KB
2 statcounter.com
secure.statcounter.com — Cisco Umbrella Rank: 23792
c.statcounter.com — Cisco Umbrella Rank: 11492
14 KB
20 3
Domain Requested by
11 optimisationdirectory.info optimisationdirectory.info
4 pagead2.googlesyndication.com optimisationdirectory.info
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 c.statcounter.com secure.statcounter.com
1 secure.statcounter.com optimisationdirectory.info
20 5
Subject Issuer Validity Valid
optimisationdirectory.info
R3		 2024-02-29 -
2024-05-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://optimisationdirectory.info/
Frame ID: 71246EA63F2A344F306E77D9E1026CAF
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3032375649499951&output=html&adk=1812271804&adf=3025194257&lmt=1711940410&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x750_l%7C260x750_r&format=0x0&url=https%3A%2F%2Foptimisationdirectory.info%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711940410742&bpp=5&bdt=188&idt=269&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1445958222949&frm=20&pv=2&ga_vid=1616065717.1711940411&ga_sid=1711940411&ga_hid=2074218503&ga_fc=0&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95325974%2C95326315%2C95320377%2C95328825&oid=2&pvsid=299680598998768&tmod=1354277724&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 0F040F35CFBFDA8700C5419018FE7C72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8D67E6272AEFCF888662DBA64C40C9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Optimisation Directory

Page URL History Show full URLs

  1. http://optimisationdirectory.info/ HTTP 307
    https://optimisationdirectory.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

20
Requests

95 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

398 kB
Transfer

828 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://optimisationdirectory.info/ HTTP 307
    https://optimisationdirectory.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
optimisationdirectory.info/
Redirect Chain
  • http://optimisationdirectory.info/
  • https://optimisationdirectory.info/
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optimisationdirectory.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
b291804415b87905e255728a16589eff3316ab7ada0e2bba8b219a4ccaf7a6af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-length
5213
content-type
text/html; charset=utf-8
date
Mon, 01 Apr 2024 03:00:09 GMT
expires
Mon, 14 Oct 2002 05:00:00 GMT
last-modified
Mon, 01 Apr 2024 03:00:10 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/5.6.40

Redirect headers

Location
https://optimisationdirectory.info/
Non-Authoritative-Reason
HttpsUpgrades
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3032375649499951
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d135ec81ba2a7fef6e9c58c8d6415cf5c60153961e7e0bf5731dbd3d23ec14ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
Origin
https://optimisationdirectory.info
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50921
x-xss-protection
0
server
cafe
etag
11814814254483942851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 01 Apr 2024 03:00:10 GMT
main.css
optimisationdirectory.info/templates/LadyLuck4.2/style/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
7e040bfa763eed77fc7e7f6f9b4a21f505ae60d6d2631b567981a48f9b26699f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
etag
"760b17-46e5-5cd3794638a00-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3770
fileuploader.css
optimisationdirectory.info/templates/LadyLuck4.2/style/ 		1 KB
474 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/style/fileuploader.css
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
bdda6ac16c4be957523822a7b443fcfa1f719f25c5a797f87f39dd7033f8019e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
etag
"760b14-4d5-5cd3794638a00-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
411
logo.png
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/logo.png
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
eb36a20ab010f6aa68fb6e6d715bd7ac18a1c856a375e1b559367f51f5368cfa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
accept-ranges
bytes
etag
"760b07-2b8f-5cd3794638a00"
content-length
11151
content-type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3032375649499951&plah=optimisationdirectory.info&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3032375649499951
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c4e8385982ac2916b0ee6946e0cbcda62f725207c3699e8dad759db1b51c91ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141458
x-xss-protection
0
server
cafe
etag
10173519069833114884
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Apr 2024 03:00:10 GMT
paper-bg.jpg
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/paper-bg.jpg
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
1c4244b208736bd7b7370104dad770b38ae624f729a0d8d7612d43b0fd02b699

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
accept-ranges
bytes
etag
"760b08-3ab9-5cd3794638a00"
content-length
15033
content-type
image/jpeg
counter.js
secure.statcounter.com/counter/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Mar 2024 14:36:00 GMT
server
cloudflare
age
42109
etag
W/"66042ed0-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
86d553cfefa99f31-FRA
expires
Mon, 01 Apr 2024 03:18:21 GMT
top-illustration.gif
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/top-illustration.gif
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
7864c72c20faf65884a30dc6145ee48dc1e8176e494aadbc859c323533f11b8d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
accept-ranges
bytes
etag
"760b13-11eb7-5cd3794638a00"
content-length
73399
content-type
image/gif
header.gif
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/header.gif
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
51bbf511550fb6c3c677f64c5b9dcb9ae473485194c6bac09ff20dc18e0a4810

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:19 GMT
server
Apache
accept-ranges
bytes
etag
"760b00-ef18-5cd37945447c0"
content-length
61208
content-type
image/gif
bg_header.png
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/bg_header.png
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
90d3a828815c623a3435e820b38ce56f82d3e28b283972b878e6bcd8124a73a9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:18 GMT
server
Apache
accept-ranges
bytes
etag
"760ade-25ec-5cd3794450580"
content-length
9708
content-type
image/png
searchBtnCenter.gif
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		570 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/searchBtnCenter.gif
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
47ae7e283bdeb7f1521887cc17c8f5164a672ae41d944938d764d7e3b0b555b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:20 GMT
server
Apache
accept-ranges
bytes
etag
"760b0d-23a-5cd3794638a00"
content-length
570
content-type
image/gif
inputBg.jpg
optimisationdirectory.info/templates/LadyLuck4.2/images/ 		451 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimisationdirectory.info/templates/LadyLuck4.2/images/inputBg.jpg
Requested by
Host: optimisationdirectory.info
URL: https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
b2da6c2bdd0bd9687427c41b81e3d28af23d0ea6e17000428523165d7ff11504

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/templates/LadyLuck4.2/style/main.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:10 GMT
last-modified
Thu, 30 Sep 2021 14:51:19 GMT
server
Apache
accept-ranges
bytes
etag
"760b04-1c3-5cd37945447c0"
content-length
451
content-type
image/jpeg
t.php
c.statcounter.com/ 		192 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=8630552&u1=A4648C1B2CD14F092C1A0D08434125B0&java=1&security=410a67bc&sc_snum=1&sess=21e3ea&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=800&h=600&camefrom=&u=https%3A//optimisationdirectory.info/&t=Optimisation%20Directory&invisible=1&sc_rum_e_s=1699&sc_rum_e_e=1702&sc_rum_f_s=0&sc_rum_f_e=1697&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://optimisationdirectory.info
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
86d553d058029f31-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 0F04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3032375649499951&output=html&adk=1812271804&adf=3025194257&lmt=1711940410&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x750_l%7C260x750_r&format=0x0&url=https%3A%2F%2Foptimisationdirectory.info%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711940410742&bpp=5&bdt=188&idt=269&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1445958222949&frm=20&pv=2&ga_vid=1616065717.1711940411&ga_sid=1711940411&ga_hid=2074218503&ga_fc=0&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95325974%2C95326315%2C95320377%2C95328825&oid=2&pvsid=299680598998768&tmod=1354277724&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=281
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3032375649499951&plah=optimisationdirectory.info&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://optimisationdirectory.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Apr 2024 03:00:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240327&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3032375649499951&plah=optimisationdirectory.info&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1f0d21da671ad937a1689d04e96066804e816e774bc63dfea458f0cb813a15c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12277
x-xss-protection
0
favicon.ico
optimisationdirectory.info/ 		337 B
454 B 		Other
General
Check archive.org
Download Go to
Full URL
https://optimisationdirectory.info/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.249.38 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
38.249.167.72.host.secureserver.net
Software
Apache /
Resource Hash
9134f7aa4dd1a743177dc68e98dd2a2eee03be6069fa343e623bb9144d920642

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:16 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 14:48:10 GMT
server
Apache
etag
"6e1b22-151-5cd3789105e80-br"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
content-length
341
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3032375649499951&plah=optimisationdirectory.info&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://optimisationdirectory.info/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 03:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Apr 2024 03:00:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://optimisationdirectory.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
48058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 31 Mar 2024 13:39:18 GMT
expires
Mon, 31 Mar 2025 13:39:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240327&jk=299680598998768&bg=!JySlJGvNAAYQOWS2MDk7ADQBe5WfOJhXPtYXBu3Re3jce1GdIAbHGuBHUT4FwmDx6-DxvPlVkcgmnTANq96i61nNwTSlAgAAAChSAAAAAmgBB34ANR-SvefZmVvyZ-xh27BQpeSX7fqzA2nvYg6cUpCDUBToajOkr5giiXKLnGLCRwzozejGVFczCgCxWS_bML95NbMWPQkSTtUmkFGlRE2BWcI8dnOIO5SrBZNV-bPIw-s_qBx5t1Bg6K-PxvQxKNY7rVc6AKQ1bh_LGLatMO6xrG2vJeGJLyDkCo9PClf2NX8yFy6g5AXVSpV8LFR17wjD369YF4rMMp9k9HdGOYvIsgRUkUPbQ8QX5rMMUsd2FliotxHWd7bCGkZxpRG5rDmB3vC6cTRhMafk0Rx_8EO01PpVEENS7szeYL8rmQKjvdQxnl-96HFI3MaOkrZIvVOK0CjmHSW7CiStxkVY75JFlhNqeedVSXerz7EmmDJi6JHhvHuJdjdh9sYox0gAxv8dtolJZoGeiw4KPMO2g0Z810slXwNLhcDPZdi7u_5wLbJfaTZuTIE7-S-mCLs65UPKQYnvl4nHz_qbQGnq4v60G8Xdq4nuDxhQdaFkpdCRvhzVuhGKuFhatMFrq1H10qPpVPge-iQw3HVRiYfcZVYp0XJNkGtwh5T8Lb3aOzoCWKT0EUuJels2EwE9hqjBJRC5Vw5zRR32CnRh86ccA-xloSI7w9ewd5HYgR4kFfU2gFoiRRS0-FImT9mfo7IQPaHO_WUMs9O5SIdXXcpV_UOL-ualWrZ9aocKJEUh2GL6v0c7rSLUHvwxDec8bs_uj0iJfWcE6sFs4RwOhZvfs6Ob-6WjWHYwEEEBpEudWI1Uxgwtwk4LSTa9bj57LGIhAfRCnYB6TMEebrRqFROAvE7i0LeUNQAkgHulO8bm9BFXGWUFUVTQxfOrQwZ_g3_iCvm-4rO3elEcMM-qrHj0VV7iIbwsQw_1eNHS67cZb-3IWhupnHZxG7-EiLOC0z4jhZgTInX9tJEM0_S9P5HK40_cSNVAEG_yo_NPQFMh2UCPiOyT6oZV-wh0EQwQNqjm1MyX-HusXpN2see9dAixPeMN6PTtLEt9TMz5jPRHtTaRAhd1zRT6ERjRi2ZZVMBMBY7YQRjS9ZhX6hr0_ox2I-WTnITYIvUzDflGbf_csJUw8uLyJGTJZvkveGZC_-J8kDOjt04D5IJyN6H4J1x7cBex-B5baNeTE7AaCWpxbhMmbAWsXeTVzXVT9jY3UsC6HWfuQIu_JXnQKN-nCzjYasbn5z1CUgBhlVqkd4g3xzgNi8d0

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| valid_obj function| google_spfd number| google_unique_id object| google_sv_map function| increase_height function| decrease_height function| show_panel function| ajaxFunction string| root object| a function| count_link number| sc_project number| sc_invisible string| sc_security string| scJsHost function| _statcounter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
optimisationdirectory.info/ Name: PHPSESSID
Value: i0eo6c689it7qbgb43dqkuhei3
.optimisationdirectory.info/ Name: sc_is_visitor_unique
Value: rx8630552.1711940411.A4648C1B2CD14F092C1A0D08434125B0.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc8630552.1711940411.0

3 Console Messages

Source Level URL
Text
javascript warning URL: https://optimisationdirectory.info/(Line 346)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://optimisationdirectory.info/(Line 346)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://optimisationdirectory.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
optimisationdirectory.info
pagead2.googlesyndication.com
secure.statcounter.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
104.20.95.138
142.250.181.226
2a00:1450:4001:830::2001
72.167.249.38
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
1c4244b208736bd7b7370104dad770b38ae624f729a0d8d7612d43b0fd02b699
1f0d21da671ad937a1689d04e96066804e816e774bc63dfea458f0cb813a15c8
47ae7e283bdeb7f1521887cc17c8f5164a672ae41d944938d764d7e3b0b555b2
51bbf511550fb6c3c677f64c5b9dcb9ae473485194c6bac09ff20dc18e0a4810
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7864c72c20faf65884a30dc6145ee48dc1e8176e494aadbc859c323533f11b8d
7e040bfa763eed77fc7e7f6f9b4a21f505ae60d6d2631b567981a48f9b26699f
90d3a828815c623a3435e820b38ce56f82d3e28b283972b878e6bcd8124a73a9
9134f7aa4dd1a743177dc68e98dd2a2eee03be6069fa343e623bb9144d920642
b291804415b87905e255728a16589eff3316ab7ada0e2bba8b219a4ccaf7a6af
b2da6c2bdd0bd9687427c41b81e3d28af23d0ea6e17000428523165d7ff11504
bdda6ac16c4be957523822a7b443fcfa1f719f25c5a797f87f39dd7033f8019e
c4e8385982ac2916b0ee6946e0cbcda62f725207c3699e8dad759db1b51c91ca
d135ec81ba2a7fef6e9c58c8d6415cf5c60153961e7e0bf5731dbd3d23ec14ff
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb36a20ab010f6aa68fb6e6d715bd7ac18a1c856a375e1b559367f51f5368cfa