Submitted URL: https://fotonaldi.it/
Effective URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9...
Submission: On January 10 via manual from IT — Scanned from IT

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 18.185.46.83, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is your-local-dream.com.
TLS certificate: Issued by Amazon on April 23rd 2021. Valid for: a year.
This is the only time your-local-dream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.184.38.55 16509 (AMAZON-02)
1 3 18.185.46.83 16509 (AMAZON-02)
18 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.158.102.47 16509 (AMAZON-02)
8 52.29.197.116 16509 (AMAZON-02)
37 8
Apex Domain | Subdomains | Transfer
18 cdn2reference.com | www.cdn2reference.com — Cisco Umbrella Rank: 199481 | 225 KB
8 pt-xb.xyz | pt-xb.xyz — Cisco Umbrella Rank: 260098 | 14 KB
3 gstatic.com | fonts.gstatic.com | 47 KB
3 your-local-dream.com | your-local-dream.com | 15 KB
3 arthyredir2.com | arthyredir2.com | 2 KB
2 retarget2core.com | retarget2core.com — Cisco Umbrella Rank: 166487 | 1 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 37 | 2 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 42 KB
1 arthyredirtrk.online | arthyredirtrk.online | 676 B
1 fotonaldi.it | fotonaldi.it | 622 B
37 10
Domain Requested by
18 www.cdn2reference.com your-local-dream.com
www.cdn2reference.com
8 pt-xb.xyz retarget2core.com
pt-xb.xyz
3 fonts.gstatic.com fonts.googleapis.com
3 your-local-dream.com 1 redirects retarget2core.com
3 arthyredir2.com 2 redirects
2 retarget2core.com www.cdn2reference.com
your-local-dream.com
2 fonts.googleapis.com www.cdn2reference.com
1 www.googletagmanager.com your-local-dream.com
1 arthyredirtrk.online 1 redirects
1 fotonaldi.it 1 redirects
37 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.arthyredir2.com | R3 | 2021-11-17 - 2022-02-15 | 3 months
your-local-dream.com | Amazon | 2021-04-23 - 2022-05-22 | a year
cdn2reference.com | Amazon | 2021-11-10 - 2022-12-09 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
retarget2core.com | Amazon | 2021-10-12 - 2022-11-10 | a year
pt-xb.xyz | Amazon | 2021-08-27 - 2022-09-25 | a year

This page contains 1 frames:

Primary Page: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Frame ID: 17053FEDDF72A7E75749DF7C1EA4C7C2
Requests: 37 HTTP requests in this frame

Page URL History

  1. https://fotonaldi.it/ HTTP 302
    https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it Page URL
  2. https://arthyredir2.com/index2.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonald... HTTP 302
    https://arthyredir2.com/index3.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonald... HTTP 302
    https://arthyredirtrk.online/4f7f68b2-085b-499d-be21-facb4ea6eee6?src=432+30kwbalance+3xl+ascrp+it+conten... HTTP 302
    https://your-local-dream.com/tds/ae?tdsId=s7806yas_r&tds_campaign=s7806yas&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
    https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

37 Requests
100 % HTTPS
60 % IPv6
10 Domains
10 Subdomains
8 IPs
2 Countries
346 kB Transfer
511 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fotonaldi.it/ HTTP 302
    https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it Page URL
  2. https://arthyredir2.com/index2.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it&niche= HTTP 302
    https://arthyredir2.com/index3.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it HTTP 302
    https://arthyredirtrk.online/4f7f68b2-085b-499d-be21-facb4ea6eee6?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it HTTP 302
    https://your-local-dream.com/tds/ae?tdsId=s7806yas_r&tds_campaign=s7806yas&utm_sub=opnfnl&s1=ps&utm_source=int&affid=e3024637&subid=&clickid=wa8p7n054cvtec8d26btqva4&subid2= HTTP 302
    https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://fotonaldi.it/ HTTP 302
  • https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
arthyredir2.com/
Redirect Chain
  • https://fotonaldi.it/
  • https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it
503 B
865 B
Document
General
Full URL
https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8595cd0db5af05f90a469f9a05315f22c17c8069af3dc754602059194c0c3d6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

date
Mon, 10 Jan 2022 12:17:09 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHplce5uUKF8%2F6OhJsXRlok28omNiNWkjs04MjThW4ai0%2B%2FxkWIozbezTzmhv8HXjj4lMwoLw2CgTxOCP%2BJdqQRYHLEALxUERO5LyXdOgGT6JpbC6WDxeyWn8pDESZgfPo6fcplMMtkSGZw6o%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cb5d730ef520f6e-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 10 Jan 2022 12:17:09 GMT
content-type
text/html; charset=UTF-8
location
https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXjRgNPaV%2FGi8ZE4fpn79c8BLLFuHHB%2Bmikc6emRTw3Xli3zJriJusyKhgNRyjQTEJZfaetzEN%2BWV0ZSTEG1NH2HlgzePPm7XFHgs2tVC3pVMwrxsQGwhh83c8ianYT0raRhTo2E%2F1XInA8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cb5d72fdebd0e2a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request jump
your-local-dream.com/
Redirect Chain
  • https://arthyredir2.com/index2.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it&niche=
  • https://arthyredir2.com/index3.php?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it
  • https://arthyredirtrk.online/4f7f68b2-085b-499d-be21-facb4ea6eee6?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it
  • https://your-local-dream.com/tds/ae?tdsId=s7806yas_r&tds_campaign=s7806yas&utm_sub=opnfnl&s1=ps&utm_source=int&affid=e3024637&subid=&clickid=wa8p7n054cvtec8d26btqva4&subid2=
  • https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaig...
13 KB
13 KB
Document
General
Full URL
https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.46.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e09562560ad42ad5d1079e9e3d974b194a7eb770048fba645d381edd37f7850

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://arthyredir2.com/?src=432+30kwbalance+3xl+ascrp+it+content_eu_2+noprot&dom=fotonaldi.it#

Response headers

date
Mon, 10 Jan 2022 12:17:09 GMT
content-type
text/html; charset=UTF-8
content-length
12996
server
nginx

Redirect headers

date
Mon, 10 Jan 2022 12:17:09 GMT
location
https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*
webPushMotivationPopupSmall.css
www.cdn2reference.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 16:53:26 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:29:51 GMT
server
nginx
age
69824
etag
W/"1340-579821b240313"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WWnji9UExL2fN2syu8J781ZpGPfy66hkS_Eou_v7wvhMVvAxdr-LKg==
ab7f61f23554e5161c0b19f68dd7418b.css
www.cdn2reference.com/landings/23862/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f73e4f17cfbe49872871916872e56ea02c6036b6bc4276670437ce0d2894c0fd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:06:33 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:37:35 GMT
server
nginx
age
12494
etag
W/"1dc8-58c3bd3078dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3vpNELaTWy-WFOBxZGh2c3oD5UJk_p91mkMZPJO1l6QPc633hjzE-w==
436fdfbeff1d5d77b2161d86757840da.js
www.cdn2reference.com/landings/23862/js/
88 KB
31 KB
Script
General
Full URL
https://www.cdn2reference.com/landings/23862/js/436fdfbeff1d5d77b2161d86757840da.js
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2ec915fccb90004b496a8b1f948f3785808bfcb63b6ba4fdc22dacc17d7b275

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 18:41:09 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:37:35 GMT
server
nginx
age
63360
etag
W/"15f68-58c3bd3078dc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
h0pUAsMNQjakQduI-bgbFzhcweWZJWrswKhKxwUrMyqGZsVN4pSN-A==
webPushMotivationPopupSmall.js
www.cdn2reference.com/js/
9 KB
4 KB
Script
General
Full URL
https://www.cdn2reference.com/js/webPushMotivationPopupSmall.js?v=8
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 16:53:29 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 08:31:29 GMT
server
nginx
age
69821
etag
W/"22c1-5798220f7ced0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0GI6FcUi9Lcs3l6QGIO3VXuUrIBN5BsGVpT8iNfV4EnkPAmgvDV3Vw==
dc_img.js
www.cdn2reference.com/js/
488 B
801 B
Script
General
Full URL
https://www.cdn2reference.com/js/dc_img.js?v=8
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 05:10:00 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Thu, 29 Oct 2020 09:19:39 GMT
server
nginx
age
25630
etag
"1e8-5b2cbc78da216"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
488
x-amz-cf-id
RFXAhUM6W5EVsgyeTA8XuBERs7YrscoGvBrO6QBG81pUIVE79FT2cw==
css
fonts.googleapis.com/
1008 B
489 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Assistant
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/css/webPushMotivationPopupSmall.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 11:46:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 12:17:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 12:17:10 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 12:03:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 12:17:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 12:17:10 GMT
gtm.js
www.googletagmanager.com/
111 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac25e147273cc95dbcf3c4f2d41c7d6f3a27f943d69866d26b36915e1d63b616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42653
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 12:17:10 GMT
general-web-1.jpg
www.cdn2reference.com/landings/23862/images/
39 KB
39 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/general-web-1.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44c2f2a9fab8ca1131ac12f252d7ca690f1bb4488856e62a15ef7c6369f185b2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 16:02:07 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
72903
etag
"9a12-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39442
x-amz-cf-id
Tli2kvYY-GtBeqyZOJHqIpyTZxJ02kUfk7epcl3AFl1h2_qJ3RS79g==
general-web-2.jpg
www.cdn2reference.com/landings/23862/images/
42 KB
43 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/general-web-2.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b70d5923d2a25d5107e944bbc86f46b29c906cba6e11321b35e5af4cbcc5dc3e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"a8a0-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
43168
x-amz-cf-id
ED5nsqMpG5tfUsmnplcheT4qQz-IWsKFo4eHEdyso5CZ1N1siti9hw==
general-web-3.jpg
www.cdn2reference.com/landings/23862/images/
34 KB
35 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/general-web-3.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2224331a6b55de54212a989ab421301dabe2ebce44525e1f11782ba07e0009ae

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"896e-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
35182
x-amz-cf-id
yQzU-vXtTZaPaa-t7t8MK2dTCBOx2RqVXm6kvPFjbRGUulqWHV95AQ==
main-bg.jpg
www.cdn2reference.com/landings/23862/images/
45 KB
46 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/main-bg.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
742cdd2b68a2026b74e8abf7f374d43d57be02dc3428524c0a355b893677d9e7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:26:39 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"b4d7-58c39fec681c0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
46295
x-amz-cf-id
IT3Nx_zpwW84hGk9HrN1OoSwVtJL5mQRNJqUEaGpBhUvr6lLz9_qbA==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://your-local-dream.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
512110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://your-local-dream.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
411518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:58:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://your-local-dream.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
411651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:56:19 GMT
fp_ec.js
retarget2core.com/fp/
1 KB
1015 B
Script
General
Full URL
https://retarget2core.com/fp/fp_ec.js
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/js/dc_img.js?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.102.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-102-47.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3011368869ee1922eb0b82057cc6e63d0aec0795d13f7024116198f9e9b7f53f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 13:18:00 GMT
server
nginx
etag
W/"543-17e2f89ff40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-robots-tag
noindex
7.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/7.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3ab807e2379cd0de556aff10dcaf61d74e205ead17cf49f466d13d26b7ff4cd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"9e2-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
2530
x-amz-cf-id
YUTca_EUENGmdGnFjJ6hcq4Hjz7coTreoQssEX2nqshw_uYg2IucqQ==
8.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
2 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/8.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
24e468ea410942f04eebc2383136721bed3873997aa4fc6dde74b38dd8bd1859

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 22:03:45 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
51205
etag
"8a0-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2208
x-amz-cf-id
BCFLkP1vmZHql7FOGnmHLYMljJk8lKM-QfOwIeEMFrXzSBTXoyPFfw==
10.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/10.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a941fc52b2621cd3760c703494015a93d411724c02bd64fd1f146ec7ea7acd73

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"8f9-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
2297
x-amz-cf-id
YdOr7AXTX47Sd_hjShUD3S-4dV7cSxaakOO5e0PSYd2UzXhtNahTCQ==
1.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/1.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba23375c737f2bdac0043d9b929cdea0bda7f4a5ef438829d2974c83a596832

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"8f8-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
2296
x-amz-cf-id
2PvcGSdGzuVw1qRP96M0YWm8zfTn5a_7cU1q8FfNDNKroUJaiZePDw==
9.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/9.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68b386720b07071787ce8d8331b1a911b47f7882a1a281b8c3a56bfb65477599

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 14:16:48 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
79222
etag
"9ab-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2475
x-amz-cf-id
7W-1i7KlegWe0a9pj98g9ojy054v7aZqEGPn-rWa0VvlMc5cQgVEYw==
6.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
2 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/6.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a30fa26bd37f4b1242f980df4d25547ab69540cc9016e336a741a6ad011e7555

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 20:33:57 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
56593
etag
"840-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2112
x-amz-cf-id
SiO6_G-IohyOlq8ry_s9f85UgvPT-AkxBW-yLy9c_F2fSchbgMe4Iw==
3.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
2 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/3.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
16721fbda841ecfd9ec404cbcb4196e696893d0df1e178ef39ce138fa945cfec

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 20:23:35 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
57215
etag
"857-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2135
x-amz-cf-id
oTIpkxaDnY2z4EeT4XGDUlneVY7k9AFldMkngfHac5pledOaXXQRrw==
2.jpg
www.cdn2reference.com/landings/23862/images/
2 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/2.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
983ac79ede15e0ec22310e8722a667826b6fa3ba7b509af7e4dbeab910cb0951

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"96d-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
2413
x-amz-cf-id
JcHJW5beQBAeXv79-93XfI6CdVmZEkW1w0qaxqWEHF9ump2C848NoQ==
5.jpg
www.cdn2reference.com/landings/23862/images/
3 KB
3 KB
Image
General
Full URL
https://www.cdn2reference.com/landings/23862/images/5.jpg
Requested by
Host: www.cdn2reference.com
URL: https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9a00:6:74ba:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a1fcc166aa8188d638992dbd8f4c0d6fda4ae881c91625221706bae59d1952f2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.cdn2reference.com/landings/23862/css/ab7f61f23554e5161c0b19f68dd7418b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 08:35:08 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jun 2019 13:04:16 GMT
server
nginx
age
13322
etag
"a2e-58c39aeb9f400"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2606
x-amz-cf-id
zdH_EWA1RRJPQFmSGo1255DonedLhfK-9lfM8ZvMfcMbK3x7XLvw6w==
main.js
pt-xb.xyz/c_js/
8 KB
3 KB
Script
General
Full URL
https://pt-xb.xyz/c_js/main.js?
Requested by
Host: retarget2core.com
URL: https://retarget2core.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
89f1911d604623b1e3f80d49b4f15fb23cd9ae00813d84720bde3f6ffb0348cf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
etag
W/"20be-2fPs9h7b3QRkjntWa7WFvhRX+Uo"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
mtu-integration-bridge.js
your-local-dream.com/
739 B
971 B
Script
General
Full URL
https://your-local-dream.com/mtu-integration-bridge.js?
Requested by
Host: retarget2core.com
URL: https://retarget2core.com/fp/fp_ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.46.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-46-83.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a554bc01c16e43dc6dd258c927b93cba7cd06f82e1b0cbe177232bdf955c0246

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
last-modified
Thu, 06 Jan 2022 13:18:00 GMT
server
nginx
etag
W/"2e3-17e2f89ff40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-robots-tag
noindex
content-length
739
ac3fc68831981c704535980c826941a5
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/
35 B
401 B
Image
General
Full URL
https://retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&j_type=open&jump=23862&jump_name=
Requested by
Host: your-local-dream.com
URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.102.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-102-47.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 12:17:10 GMT
access-control-allow-credentials
true
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pwa.js
pt-xb.xyz/c_js/
18 KB
5 KB
Script
General
Full URL
https://pt-xb.xyz/c_js/pwa.js?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%253A%252F%252Fyour-local-dream.com%252Fjump%253Fid%253D23862%2526tds_campaign%253Db4851yas%2526tds_id%253Db4851yas_jump_a_1565615261821%2526tds_oid%253D23862%2526tds_cid%253D9fa23600f986156b1223a7c44c69e03639e1546b%2526s1%253Dps%2526utm_source%253Dint%2526utm_campaign%253De3024637%2526utm_content%253D%2526data2%253Dwa8p7n054cvtec8d26btqva4%2526s3%253D%2526tds_host%253Dyour-local-dream.com%2526dci%253Dd9a0564f17b705a1704b9e1105102d710adf55ee%2526tds_ac_id%253Ds7806yas%2526_tgUrl%253DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%25253D%25253D%2526tds_rt%253D&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
4713436f484149b42a9f50c808fd5dfff3fc50ffbef345b5737ac500371c01e9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
etag
W/"49fa-/HmujGAa1L7poc4BPyOSX3dwhd4"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rtr.js
pt-xb.xyz/c_js/
2 KB
1 KB
Script
General
Full URL
https://pt-xb.xyz/c_js/rtr.js?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%253A%252F%252Fyour-local-dream.com%252Fjump%253Fid%253D23862%2526tds_campaign%253Db4851yas%2526tds_id%253Db4851yas_jump_a_1565615261821%2526tds_oid%253D23862%2526tds_cid%253D9fa23600f986156b1223a7c44c69e03639e1546b%2526s1%253Dps%2526utm_source%253Dint%2526utm_campaign%253De3024637%2526utm_content%253D%2526data2%253Dwa8p7n054cvtec8d26btqva4%2526s3%253D%2526tds_host%253Dyour-local-dream.com%2526dci%253Dd9a0564f17b705a1704b9e1105102d710adf55ee%2526tds_ac_id%253Ds7806yas%2526_tgUrl%253DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%25253D%25253D%2526tds_rt%253D&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
34e0014ab8b33152ff32376720376b0f6ddde3bc6519b1ae5e474f0f2c017b06

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
etag
W/"784-xmEOCsJL35RhgIobDjeGyq327pM"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
webpush.js
pt-xb.xyz/c_js/
108 B
436 B
Script
General
Full URL
https://pt-xb.xyz/c_js/webpush.js?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%253A%252F%252Fyour-local-dream.com%252Fjump%253Fid%253D23862%2526tds_campaign%253Db4851yas%2526tds_id%253Db4851yas_jump_a_1565615261821%2526tds_oid%253D23862%2526tds_cid%253D9fa23600f986156b1223a7c44c69e03639e1546b%2526s1%253Dps%2526utm_source%253Dint%2526utm_campaign%253De3024637%2526utm_content%253D%2526data2%253Dwa8p7n054cvtec8d26btqva4%2526s3%253D%2526tds_host%253Dyour-local-dream.com%2526dci%253Dd9a0564f17b705a1704b9e1105102d710adf55ee%2526tds_ac_id%253Ds7806yas%2526_tgUrl%253DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%25253D%25253D%2526tds_rt%253D&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
7d61977a9fd9b646c9c8485466381ae9cd6df037e9fc15214c5768ed2d44a961

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
etag
W/"6c-uTmxtL0KXXoFbyj3PYIFlFW3ym0"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
108
ipp.js
pt-xb.xyz/c_js/
8 KB
3 KB
Script
General
Full URL
https://pt-xb.xyz/c_js/ipp.js?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%253A%252F%252Fyour-local-dream.com%252Fjump%253Fid%253D23862%2526tds_campaign%253Db4851yas%2526tds_id%253Db4851yas_jump_a_1565615261821%2526tds_oid%253D23862%2526tds_cid%253D9fa23600f986156b1223a7c44c69e03639e1546b%2526s1%253Dps%2526utm_source%253Dint%2526utm_campaign%253De3024637%2526utm_content%253D%2526data2%253Dwa8p7n054cvtec8d26btqva4%2526s3%253D%2526tds_host%253Dyour-local-dream.com%2526dci%253Dd9a0564f17b705a1704b9e1105102d710adf55ee%2526tds_ac_id%253Ds7806yas%2526_tgUrl%253DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%25253D%25253D%2526tds_rt%253D&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
f0d4cf0f17790a8c1e3cccbfaa86e94c8e27de96385b7eccc6625ad2ccb5c4f4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
etag
W/"1f71-FGmbpQFGvgOwZwYT5QpzODhiXDE"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
recaptcha.js
pt-xb.xyz/c_js/
1 KB
1 KB
Script
General
Full URL
https://pt-xb.xyz/c_js/recaptcha.js?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%253A%252F%252Fyour-local-dream.com%252Fjump%253Fid%253D23862%2526tds_campaign%253Db4851yas%2526tds_id%253Db4851yas_jump_a_1565615261821%2526tds_oid%253D23862%2526tds_cid%253D9fa23600f986156b1223a7c44c69e03639e1546b%2526s1%253Dps%2526utm_source%253Dint%2526utm_campaign%253De3024637%2526utm_content%253D%2526data2%253Dwa8p7n054cvtec8d26btqva4%2526s3%253D%2526tds_host%253Dyour-local-dream.com%2526dci%253Dd9a0564f17b705a1704b9e1105102d710adf55ee%2526tds_ac_id%253Ds7806yas%2526_tgUrl%253DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%25253D%25253D%2526tds_rt%253D&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0c720233fc8969a4f08651e405c0ca70c56fee9f2631df7dca6bece8728a6bf1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
content-encoding
gzip
etag
W/"5d2-4q9BrMVybZjoy5k+x1+GXpBcHtA"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rtr
pt-xb.xyz/
10 B
252 B
XHR
General
Full URL
https://pt-xb.xyz/rtr?referer=https%3A%2F%2Fyour-local-dream.com%2Fjump%3Fid%3D23862%26tds_campaign%3Db4851yas%26tds_id%3Db4851yas_jump_a_1565615261821%26tds_oid%3D23862%26tds_cid%3D9fa23600f986156b1223a7c44c69e03639e1546b%26s1%3Dps%26utm_source%3Dint%26utm_campaign%3De3024637%26utm_content%3D%26data2%3Dwa8p7n054cvtec8d26btqva4%26s3%3D%26tds_host%3Dyour-local-dream.com%26dci%3Dd9a0564f17b705a1704b9e1105102d710adf55ee%26tds_ac_id%3Ds7806yas%26_tgUrl%3DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%253D%253D%26tds_rt%3D
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
etag
W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
10
your-local-dream.com
pt-xb.xyz/v1/recaptcha/inject/
98 B
342 B
XHR
General
Full URL
https://pt-xb.xyz/v1/recaptcha/inject/your-local-dream.com?placement=default&referer=https%3A%2F%2Farthyredir2.com%2F&doc_location=https%3A%2F%2Fyour-local-dream.com%2Fjump%3Fid%3D23862%26tds_campaign%3Db4851yas%26tds_id%3Db4851yas_jump_a_1565615261821%26tds_oid%3D23862%26tds_cid%3D9fa23600f986156b1223a7c44c69e03639e1546b%26s1%3Dps%26utm_source%3Dint%26utm_campaign%3De3024637%26utm_content%3D%26data2%3Dwa8p7n054cvtec8d26btqva4%26s3%3D%26tds_host%3Dyour-local-dream.com%26dci%3Dd9a0564f17b705a1704b9e1105102d710adf55ee%26tds_ac_id%3Ds7806yas%26_tgUrl%3DaHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%253D%253D%26tds_rt%3D
Requested by
Host: pt-xb.xyz
URL: https://pt-xb.xyz/c_js/main.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.197.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-197-116.eu-central-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
6e7997fa6781c5636aa078e5b9fb7f30774d7cf54f126c2a82b56871a3e315ad

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://your-local-dream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:17:10 GMT
etag
W/"62-yvlWBBkeR2xZAn6kr733sF6/lQA"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
98

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation
object| onslotchange
function| $
function| jQuery
object| _ins_opt
string| _pixel_url
string| _pixel_scr
object| adsLayer
object| DataCloudEC
function| _dct
object| WebPushMotivationPopup
object| google_tag_manager
function| onRecaptchaLoadCallback
object| ufApp
object| _0x466c
function| _0x51dc03
function| _0x2550

7 Cookies

Domain/Path Name / Value
arthyredir2.com/ Name: testcodgadgoki
Value: 0
.arthyredirtrk.online/ Name: 4f7f68b2-085b-499d-be21-facb4ea6eee6-v4
Value: o3Mvv5mN3KmefkrZxIsbHLfGpSnfAYvTYrwmUHTEE3c
.arthyredirtrk.online/ Name: cc-v4
Value: vcANK8NalDADKy7xncE70sFLDsyj7Cv1A%2Bn%2FH1ZhkOftNUBUzEQLFNpOb6XBfb7daQIEKm10jTzQC0m48BJlsYUwNldm%2B6SOs6KrulU4YUQ7ppluBngEzi5trRpr0WYM1pUg4fmGURDV7XOrJHBVAw%3D%3D
.your-local-dream.com/ Name: dci
Value: d9a0564f17b705a1704b9e1105102d710adf55ee
your-local-dream.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42
.retarget2core.com/ Name: dci
Value: 11853b1d7290f734f03fb3794fb3387e4c9fc1d6
pt-xb.xyz/ Name: visitor_id
Value: 61dc23c68e57700031fa5753

1 Console Messages

Source Level URL
Text
rendering warning URL: https://your-local-dream.com/jump?id=23862&tds_campaign=b4851yas&tds_id=b4851yas_jump_a_1565615261821&tds_oid=23862&tds_cid=9fa23600f986156b1223a7c44c69e03639e1546b&s1=ps&utm_source=int&utm_campaign=e3024637&utm_content=&data2=wa8p7n054cvtec8d26btqva4&s3=&tds_host=your-local-dream.com&dci=d9a0564f17b705a1704b9e1105102d710adf55ee&tds_ac_id=s7806yas&_tgUrl=aHR0cHM6Ly95b3VyLWxvY2FsLWRyZWFtLmNvbS90ZHMvYWUvdGcvcy81YmUyNjk2YmYyZWE4OWYxMDg0OWYzYjRmMWU1MjI5ZD9fX3Q9MTY0MTgxNzAyOTczMCZfX2w9MzYwMA%3D%3D&tds_rt=(Line 8)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
