URL: https://qldshade.stagingurl.net/
Submission: On June 12 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 172.67.195.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is qldshade.stagingurl.net.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time qldshade.stagingurl.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 172.67.195.69 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
22 6
Apex Domain | Subdomains | Transfer
17 stagingurl.net | qldshade.stagingurl.net | 638 KB
2 gstatic.com | fonts.gstatic.com | 97 KB
1 w.org | s.w.org — Cisco Umbrella Rank: 3918 | 639 B
1 youtube.com | www.youtube.com — Cisco Umbrella Rank: 90 |
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 3 KB
22 5
Domain Requested by
17 qldshade.stagingurl.net 1 redirects qldshade.stagingurl.net
2 fonts.gstatic.com fonts.googleapis.com
1 s.w.org qldshade.stagingurl.net
1 www.youtube.com qldshade.stagingurl.net
1 fonts.googleapis.com qldshade.stagingurl.net
22 5

This site contains no links.

Subject | Issuer | Validity | Valid
stagingurl.net | WE1 | 2024-06-11 - 2024-09-09 | 3 months
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.w.org | Sectigo ECC Domain Validation Secure Server CA | 2023-12-18 - 2025-01-17 | a year

This page contains 2 frames:

Primary Page: https://qldshade.stagingurl.net/
Frame ID: B713051829167F687045998A1642BEA0
Requests: 35 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HjbpWr8_A5A?wmode=opaque&rel=0&enablejsapi=1
Frame ID: 6F52A7A183AFE23D6E3FBE4F15E9A86C
Requests: 1 HTTP requests in this frame

Page Title

qldshade

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

Requests: 22
HTTPS: 91 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 738 kB
Size: 1074 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://qldshade.stagingurl.net/favicon.ico HTTP 302
  • https://qldshade.stagingurl.net/wp-includes/images/w-logo-blue-white-bg.png

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
qldshade.stagingurl.net/
59 KB
13 KB
Document
General
Full URL
https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9278c8b7740ed6500f24e2c4da2586bb218927996ffc0749ff4002c8c5b49a1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8927e0c7ba8939df-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Jun 2024 06:45:27 GMT
link
<https://qldshade.stagingurl.net/wp-json/>; rel="https://api.w.org/" <https://qldshade.stagingurl.net/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://qldshade.stagingurl.net/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSD03Y7zP1TqDIJOW6n4lg%2Fihta185nDUDQObKGEgr4hePXy8c6xTezlGMnb2oKl5IPqyjWITAn%2Bb6s4QVV1nuBePHtWkMeDMrHwovPnbShN%2B%2BfbJ3%2B5g9NhZmeu9RdTTSyYOrDeZ8vdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
frontend.min.css
qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/
116 KB
20 KB
Stylesheet
General
Full URL
https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/frontend.min.css?ver=1718095446
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bebcb90658467e9380fab1988d781357b346a9b0378d44e0d6583851b4b0b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d1ae-66680e56-fce25;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufbTKf%2BP1gtv2jt3flmcjI9O%2FJEHKyqzn%2BvYnqRtp9Ll%2FrPBWCW9Q8V2GTUwhqLp9USaUvLsmz46tcunDbWTsRPGkridkPTRy8J3xCch0qiPpwn3tmFm31KiuaHRLJ%2F8kP%2BPZKRb1ATeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
8927e0ce19c439df-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 18:45:28 GMT
style.css
qldshade.stagingurl.net/wp-content/themes/bricks-child/
260 B
658 B
Stylesheet
General
Full URL
https://qldshade.stagingurl.net/wp-content/themes/bricks-child/style.css?ver=1718002262
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8e980bb66f2c4ff91ae6a46eefd0bda20abfcfd1eaf4d60190544f08b35fc9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:28 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"104-6666a256-fcec0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJptwJ%2BIH3gZfnGsiw%2ByfA1a7jns6ndmyP8uXgPbANpQn25tmt1TuLFip2tSehb8cLa4DYH0JsnxGSeJ8uiFUu7YDLJtMqegXoLG7SbfTbhEynSmg6rD6vVovKDmpYt3P43MDmPAjqBJxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
8927e0ce19c639df-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 18:45:28 GMT
ionicons.min.css
qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/libs/
29 KB
5 KB
Stylesheet
General
Full URL
https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1718002234
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ffa11c1b4bb7c83f7344764d9b78223a11f330384712fe1ec76aa8850f8b78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:50:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"724d-6666a23a-fce32;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1Ivl5vKsaLfArt59TQxSKATr2cphGXLjQjn2N7%2BzymR1TwGSnBKrpW3ZDutZYvH0rlfCNFLXXOU%2FWColwps5RuAuWyeLLX2EJW8zVYLZIcCJIeD38u48A8JgTmkxbQIQy%2F3I9l%2BPnksaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
8927e0ce39e739df-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 18:45:28 GMT
css2
fonts.googleapis.com/
89 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b563ba46e490d781d2fec7061cb6e11c0d962d1e6e13e991434b6254bf14e25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 06:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 06:45:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 06:45:27 GMT
Layer-1.png
qldshade.stagingurl.net/wp-content/uploads/2024/06/
19 KB
20 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/Layer-1.png
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38c437d48382b45dcdfbcc767d603e84e0dda10f1283683938908a898a91b19

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:28 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 04:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4d4c-6667ce7b-ed10;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OE%2BCVwnPzzYsxhbH7R5heQ%2BQUgi8AU5tm6zQSFrEm3Mk0b8paw4D1kFAT1mty5Da5rrUh5f%2B4uR%2BgfM6RuysTc6dIFdBI10siR2XNJeYxYzm5OxsU1nxMZJzdbs%2F0VYjWrjB1cEsFfJJNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0ce39ed39df-FRA
alt-svc
h3=":443"; ma=86400
content-length
19788
expires
Wed, 12 Jun 2024 18:45:28 GMT
3353f3a2-051a-4743-b0f4-95a01cf67a72
https://qldshade.stagingurl.net/
1 KB
0
Other
General
Full URL
blob:https://qldshade.stagingurl.net/3353f3a2-051a-4743-b0f4-95a01cf67a72
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
980e1ffc4d755fa43d3633bb2f8e8c29739d7a46d19c08c7910394effd47f1d5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57d70aa60410c576b14f8ae457c7d060c3f2141ad490343660aae19ef0b6c24b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e04aea818248a04c404466d63745473144f2581fa30d3c14409d09f308889f62

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad9552ee8210fd9d0e25e81c0c701bf52e0b5087a59b32c3e9ba29f40583748e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
106c2d938b4b22be4d5544d07540255fda22448a73a6d9cddfa830b4023c76f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a165d0e906d51ce433f05da971c73cc0d31a31535f159b75cc151a136745eb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9beee2cb8dca25b7dd17d6c0aa156336ac2ccaa995a37e691794082fdfa69c7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f12fa7171cf89b6efd3d14e9896ac2ae4032b67b730627b68ab627175c7375f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c0c73c52c6ab35b41dba25c6c83e9e8664283d8095b97f5c67b3265db1dccb3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27742a5b5cbd3eb54bfc63aeb82f99ee6d1465ffc129b8bb6ff005780d4d32f9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d6f00b0c640cb73bf5a9afd2493944e1f26c9e5517b5edde6d9ce3a23ffc398

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6c7284778cf8b5b459a4bcce12a8f9cf9785a9c071ee196bb347bec9da79342

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1dd07ae1e6dfc2dd884faa58f23428572c1b93edc73d03961d6fd6c01f6b901

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d82c79cbd12dd8f2cef77b979d7c5d27df688b387bc8a5721dee4f29fe79928d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
bricks.min.js
qldshade.stagingurl.net/wp-content/themes/bricks/assets/js/
103 KB
27 KB
Script
General
Full URL
https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/js/bricks.min.js?ver=1718002234
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec085b1841b86b2160725d68a123a8f576fc0ac7108ca43f98214f716caf2335

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:50:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"19a80-6666a23a-fce96;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FM%2B2wMCjY59c8GoKAYubqYR07xFjMFQq64hQpSsRfTPxAAx4O%2BMkozG2PSfP9rNHxb2xSCGQC6%2FVl74FXRCLR%2F%2BqUCMDuST1FMbnHMu23r01DupqGFJ5OxJSMhCVu7wsGa03OZOLFGYmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=43200
cf-ray
8927e0cf0ac939df-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 18:45:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://qldshade.stagingurl.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:37:47 GMT
x-content-type-options
nosniff
age
112061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Jun 2025 23:37:47 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/
49 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://qldshade.stagingurl.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:32:53 GMT
x-content-type-options
nosniff
age
69155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:32:53 GMT
ionicons.woff2
qldshade.stagingurl.net/wp-content/themes/bricks/assets/fonts/ionicons/
49 KB
50 KB
Font
General
Full URL
https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/fonts/ionicons/ionicons.woff2
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1718002234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1718002234
Origin
https://qldshade.stagingurl.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:50:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c5c8-6666a23a-fcea8;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN9Jwr%2BuTLATVfb8duyA%2B%2BCwApAOI7tdgzKR%2BmdJYS4PZRSFHt19A%2FNQaIjQFipn0QxOF67RgIOXRQh98leFY1Ht8ej0QYqS0jE%2Fwnk52mqy2%2BeE8NaIO%2BWrK%2BBeT0iHV9hUbBiCxSY%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d63d5d39df-FRA
alt-svc
h3=":443"; ma=86400
content-length
50632
expires
Wed, 12 Jun 2024 18:45:29 GMT
wp-emoji-release.min.js
qldshade.stagingurl.net/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://qldshade.stagingurl.net/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:36:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4926-66669efb-fbda6;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uivrK0t3iRtlLXttO7f2DIn66w51lRJPeTz8uHoTbx7ufKUqBOzpKwBURn%2BJkkdo%2FeeGDivAs3TG0w08G%2BeLUlq4ygOQpnbnJjLYS6BDC2Z08YXPPaCrGTSELC3HcIbY%2BaQHjEJpxMU5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=43200
cf-ray
8927e0d72e7d39df-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 12 Jun 2024 18:45:29 GMT
Group-423.png
qldshade.stagingurl.net/wp-content/uploads/2024/06/
14 KB
14 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/Group-423.png
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548de948d8f7b8abb620e7abce7601dff53255db36ed757ab9d9ba943f63ccf3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:29 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 04:11:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3613-6667ce7d-ef51;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QMNYckMyZnrdXgjNXlzpfC9VN1KYrc80MdDf5QDawgn1vmWzRH3pXGvGq9GJA0TykUfYzNf276UPEDzXm7FWQ84cMBK9qRyoEICkCtFeNYXUlEoh7istvGBMO0REO5ZkAD19qYA5s3V%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76ec939df-FRA
alt-svc
h3=":443"; ma=86400
content-length
13843
expires
Wed, 12 Jun 2024 18:45:29 GMT
HjbpWr8_A5A
www.youtube.com/embed/ Frame 6F52
0
0
Document
General
Full URL
https://www.youtube.com/embed/HjbpWr8_A5A?wmode=opaque&rel=0&enablejsapi=1
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/wp-content/themes/bricks/assets/js/bricks.min.js?ver=1718002234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qldshade.stagingurl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 06:45:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
6981eef6-352296515-637731271603866-1831216674742885822-n_10gi0m00gi0cc00003l01o.jpg
qldshade.stagingurl.net/wp-content/uploads/2024/06/
19 KB
19 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/6981eef6-352296515-637731271603866-1831216674742885822-n_10gi0m00gi0cc00003l01o.jpg
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ac1dd35c036a99841e073de5543b351b051b5bca5898d2d26e2bd9d0e965e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 08:37:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4b8c-6666bb62-10d00;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyWxAxhgOsGvRN3rJABux0GX61Gb%2F9n%2B83u9zqVfHXO3rIr9FA71AUlLFiimdx8m73qgNWD7bKySijmaxknbFPPLHX2k8A2%2BgtrfEOEKXy1gYDMi85oGA%2Bpe6LV9wSH%2F%2Fj%2FXdP%2FtJRJIww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76ecc39df-FRA
alt-svc
h3=":443"; ma=86400
content-length
19340
expires
Wed, 12 Jun 2024 18:45:29 GMT
IMG_5596-scaled-2-1024x768.jpg
qldshade.stagingurl.net/wp-content/uploads/2024/06/
113 KB
114 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/IMG_5596-scaled-2-1024x768.jpg
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
accf6314840e8412e65546ca12cab25bf4c8020e5ccc945e53f11a657bf58419

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 08:37:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1c4ce-6666bb61-fca9c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GZhWt460o6nrH43fn9EYQuK8wtBu9QvPf3s4WS2xBcO9efFdK8TovD0HyDA3xMeNNUNxiro6gcIcRQCDXJ%2Bmc4aIz1EUBwHZUOhF6Pw2bmyhld3guI3mhDOT%2FR%2FdxSpm7vhNsJ374SNCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76ed339df-FRA
alt-svc
h3=":443"; ma=86400
content-length
115918
expires
Wed, 12 Jun 2024 18:45:29 GMT
10-year-white.png
qldshade.stagingurl.net/wp-content/uploads/2024/06/
28 KB
29 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/10-year-white.png
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e1ce51645300adcb5c979e22f7170f5766894b7197c7132c173f458c551ea9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 08:27:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7030-6666b8dc-10cf8;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9zOX1oISksCi9XByJpAqD8IV3VE79GCKryFIop5rtqLqp4adGBMJ8238kuGb2QSToESkddNDnqTACytv61GHD3tFQIqjIxiTHmdFPMp5KhniekQpTd%2F46g%2FEr6YZ91Rx4%2BQOb7wNLrzew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76ed539df-FRA
alt-svc
h3=":443"; ma=86400
content-length
28720
expires
Wed, 12 Jun 2024 18:45:29 GMT
arrow-608x1024.png
qldshade.stagingurl.net/wp-content/uploads/2024/06/
27 KB
28 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/arrow-608x1024.png
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748807b7bfd1a13c0801d9d7a36316aea3d151b24570e45900732d1b12a5ef4d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 09:22:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6d18-66681757-faf45;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2y3BkmaODzU2SsuM7wURQdWxNcpUdXLoQ40xSZDiDYiVIlqPRiPKg48xvNhr8d9KovRDXADgVbt12f%2FqS1krevYIHXz9X5rBCMo9X1i%2FDbXYJ9o%2BvSwNeSWe2LWg7rkduJgevOAmT1Og5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76ed839df-FRA
alt-svc
h3=":443"; ma=86400
content-length
27928
expires
Wed, 12 Jun 2024 18:45:29 GMT
10-1024x685.jpg
qldshade.stagingurl.net/wp-content/uploads/2024/06/
158 KB
158 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/10-1024x685.jpg
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd86074b5cc529bf8ac99fc0a9152c824b5642b374d3f2e0b6c5569ed4fa48d5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 08:37:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"27631-6666bb5f-fca88;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPKDzZReyO1DruPc%2BEIG5JSTWHr%2B11YhDBjdq3WtL9%2FN5PDPeMzHV5zNPavfLwrdMxt9SuFsjkm2m23hQVHuRoZXAf%2BGvx0FhzOGeMAL0hcjfcs6P6BBJmHaO3zV3pjqPlgfRfEaZ8uhRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d76edd39df-FRA
alt-svc
h3=":443"; ma=86400
content-length
161329
expires
Wed, 12 Jun 2024 18:45:29 GMT
IMG_8161-scaled-1-1024x768.jpg
qldshade.stagingurl.net/wp-content/uploads/2024/06/
129 KB
130 KB
Image
General
Full URL
https://qldshade.stagingurl.net/wp-content/uploads/2024/06/IMG_8161-scaled-1-1024x768.jpg
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b196c78ca67558bc2c4a8a264daab6f21bf8ce2f0213a6d173a5e031c962b81

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 06:45:30 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 07:44:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2043c-6666aef2-faea7;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zaa5a3oRMQTcxj02Qt1FhxNJLXvkFy0B%2BiwRDzez9xhGYp1ZPnQ6HHZ%2Bo15UfXXDNK2o%2FD1c1MNi4QGS0Qvn4vn6SdHgu59kcA3R1pOqyPwlnk6hBrWFFOERFcSGue2xO5ZwaaVfSdGGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0d77ee939df-FRA
alt-svc
h3=":443"; ma=86400
content-length
132156
expires
Wed, 12 Jun 2024 18:45:29 GMT
1f642.svg
s.w.org/images/core/emoji/15.0.3/svg/
525 B
639 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f642.svg
Requested by
Host: qldshade.stagingurl.net
URL: https://qldshade.stagingurl.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qldshade.stagingurl.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT ams 1
date
Wed, 12 Jun 2024 06:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 01:18:13 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
w-logo-blue-white-bg.png
qldshade.stagingurl.net/wp-includes/images/
Redirect Chain
  • https://qldshade.stagingurl.net/favicon.ico
  • https://qldshade.stagingurl.net/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB
Other
General
Full URL
https://qldshade.stagingurl.net/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
172.67.195.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qldshade.stagingurl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 06:45:35 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 06:36:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1017-66669efb-fc049;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AT7nY7%2FnNF1EaD64Qzj0mwl%2FsnlVqZpSsZlhF2iL4DYj5C0fs%2FgQZslxuSGotK60fafAAPIhcidU044hC%2B0WINCnRsZynL%2BOhKxCrm8XWdy0QbMUEO2xvQ26fFzCdBv7wqlENzw33UyqNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
8927e0fa4ca939df-FRA
alt-svc
h3=":443"; ma=86400
content-length
4119
expires
Wed, 12 Jun 2024 18:45:35 GMT

Redirect headers

date
Wed, 12 Jun 2024 06:45:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
x-litespeed-cache
miss
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtHW7nYW8oW7WHY8jlQFmCBrQ1osnzeyTQHUsc44jSqJF8TkaX%2Fl564C2vC9sN9Uk6uzHTx6NQ3nokZHssYORec34DnzK66XnIkz7eI5AthLfX57hghL9tIuIp7BlruoEDlFGW1HiLVwVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://qldshade.stagingurl.net/wp-includes/images/w-logo-blue-white-bg.png
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
356_HTTP.200,356_HTTP.302,356_default,356_URL.b54ff2eddcb0060bcd786ce388d8d4d7,356_
cf-ray
8927e0e7c8ee39df-FRA
link
<https://qldshade.stagingurl.net/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| bricksData function| _typeof function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _defineProperty function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| BricksIntersect function| BricksIsInViewport function| bricksQuerySelectorAll object| bricksUtils function| BricksFunction object| bricksLazyLoadFn function| bricksLazyLoad object| bricksAnimationFn function| bricksAnimation object| bricksInitQueryLoopInstancesFn function| bricksInitQueryLoopInstances function| bricksAjaxLoader function| bricksQueryLoadPage object| bricksQueryPaginationFn function| bricksQueryPagination function| bricksStickyHeader function| bricksOnePageNavigation function| bricksSearchToggle object| bricksAlertDismissFn function| bricksAlertDismiss object| bricksTabsFn function| bricksTabs object| bricksVideoOverlayClickDetectorFn function| bricksVideoOverlayClickDetector object| bricksBackgroundVideoInitFn function| bricksBackgroundVideoInit object| bricksPhotoswipeFn function| bricksPhotoswipe function| bricksGetLightboxVideoNode object| bricksAccordionFn function| bricksAccordion object| bricksAnimatedTypingFn function| bricksAnimatedTyping object| bricksAudioFn function| bricksAudio object| bricksPostReadingTimeFn function| bricksPostReadingTime object| bricksCountdownFn function| bricksCountdown object| bricksCounterFn function| bricksCounter object| bricksTableOfContentsFn function| bricksTableOfContents object| bricksFormFn function| bricksForm function| bricksSubmitForm function| bricksRegenerateNonceAndResubmit object| bricksIsotopeFn function| bricksIsotope function| 
bricksIsotopeListeners object| bricksMapFn function| bricksMap object| bricksPieChartFn function| bricksPieChart object| bricksPricingTablesFn function| bricksPricingTables object| bricksPostReadingProgressBarFn function| bricksPostReadingProgressBar object| bricksProgressBarFn function| bricksProgressBar object| bricksSplideFn function| bricksSplide object| bricksSwiperFn function| bricksSwiper object| bricksVideoFn function| bricksVideo function| bricksFacebookSDK object| bricksPrettifyFn function| bricksPrettify function| bricksSkipLinks object| bricksInteractionsFn function| bricksInteractions function| bricksPopups function| bricksScrollInteractions function| bricksInteractionCallback function| bricksInteractionCallbackExecution function| bricksOpenPopup function| bricksFetchPopupContent function| bricksClosePopup function| bricksPopupCheckLimit function| bricksPopupCheckBreakpoint function| bricksPopupCounter function| bricksInteractionCheckConditions function| bricksStorageGetItem function| bricksStorageSetItem function| bricksStorageRemoveItem function| bricksNavNested function| bricksNavNestedClose function| bricksOffcanvas function| bricksOffcanvasClose function| bricksToggleDisplay object| bricksToggleFn function| bricksToggle function| bricksSubmenuToggle function| bricksSubmenuListeners function| bricksSubmenuPosition function| bricksMultilevelMenu function| bricksNavMenuMobile function| bricksGetFocusables boolean| bricksIsFrontend object| bricksPauseMediaFn function| bricksGetQueryResult function| bricksDisplayQueryResult function| bricksSetVh object| bricksTimeouts object| twemoji object| wp

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: C18Vu7_4U9A
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WroCEQNUsa4
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgJw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
