urlscan.io logo urlscan.io
SecurityTrails logo

tandlakeri.com Open in urlscan Pro
104.21.1.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://feedproxy.google.com/~r/ycpnbkh/~3/VnZbLiAXSm4/siltation.php
Effective URL: https://tandlakeri.com/
Submission: On September 16 via automatic, source urlhaus — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 24 HTTP transactions. The main IP is 104.21.1.38, located in and belongs to CLOUDFLARENET, US. The main domain is tandlakeri.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 5th 2020. Valid for: a year.
This is the only time tandlakeri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.185.206 15169 (GOOGLE)
2 192.185.48.167 26337 (OIS1)
2 104.21.1.38 13335 (CLOUDFLAR...)
2 142.250.186.170 15169 (GOOGLE)
4 4 104.21.66.129 13335 (CLOUDFLAR...)
4 172.67.139.13 13335 (CLOUDFLAR...)
2 172.67.214.69 13335 (CLOUDFLAR...)
3 104.18.20.180 13335 (CLOUDFLAR...)
1 13.225.78.72 16509 (AMAZON-02)
2 51.161.92.183 16276 (OVH)
5 172.217.23.99 15169 (GOOGLE)
1 3.225.25.49 14618 (AMAZON-AES)
24 11
1    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
feedproxy.google.com
2    192.185.48.167 (United States)

ASN26337 (OIS1, US)
PTR: brandwingroup.com
forfacks.com
2    104.21.1.38 (None, )

ASN13335 (CLOUDFLARENET, US)
tandlakeri.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
4    104.21.66.129 (None, )

ASN13335 (CLOUDFLARENET, US)
app.groovefunnels.com
4    172.67.139.13 (United States)

ASN13335 (CLOUDFLARENET, US)
app.groove.cm
2    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    104.18.20.180 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.grooveapps.com
1    13.225.78.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-72.fra2.r.cloudfront.net
cdn.heapanalytics.com
2    51.161.92.183 (Canada)

ASN16276 (OVH, FR)
PTR: ip183.ip-51-161-92.net
matomo.groovetech.io
5    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
1    3.225.25.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-25-49.compute-1.amazonaws.com
heapanalytics.com
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
4 app.groove.cm tandlakeri.com
4 app.groovefunnels.com 4 redirects
3 assets.grooveapps.com tandlakeri.com
2 matomo.groovetech.io tandlakeri.com
2 use.fontawesome.com tandlakeri.com
use.fontawesome.com
2 fonts.googleapis.com tandlakeri.com
app.groove.cm
2 tandlakeri.com tandlakeri.com
2 forfacks.com forfacks.com
1 heapanalytics.com tandlakeri.com
1 cdn.heapanalytics.com tandlakeri.com
1 feedproxy.google.com 1 redirects
24 12

This site contains no links.

Subject Issuer Validity Valid
forfacks.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-05 -
2021-11-04		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.groovetech.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-18 -
2022-08-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
heapanalytics.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tandlakeri.com/
Frame ID: 0179EC396644CE6110AEAF3654341F86
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hem

Page URL History Show full URLs

  1. http://feedproxy.google.com/~r/ycpnbkh/~3/VnZbLiAXSm4/siltation.php HTTP 301
    https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycp... Page URL
  2. https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycp... Page URL
  3. https://tandlakeri.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

748 kB
Transfer

2281 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://feedproxy.google.com/~r/ycpnbkh/~3/VnZbLiAXSm4/siltation.php HTTP 301
    https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29 Page URL
  2. https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29 Page URL
  3. https://tandlakeri.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://feedproxy.google.com/~r/ycpnbkh/~3/VnZbLiAXSm4/siltation.php HTTP 301
  • https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
Request Chain 3
  • https://app.groovefunnels.com/groovepages/css/inpage_published.css HTTP 302
  • https://app.groove.cm/groovepages/css/inpage_published.css
Request Chain 4
  • https://app.groovefunnels.com/groovepages/css/chunk-vendors.css HTTP 302
  • https://app.groove.cm/groovepages/css/chunk-vendors.css
Request Chain 10
  • https://app.groovefunnels.com/groovepages/js/inpage_published.js HTTP 302
  • https://app.groove.cm/groovepages/js/inpage_published.js
Request Chain 11
  • https://app.groovefunnels.com/groovepages/js/chunk-vendors.js HTTP 302
  • https://app.groove.cm/groovepages/js/chunk-vendors.js

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
siltation.php
forfacks.com/
Redirect Chain
  • http://feedproxy.google.com/~r/ycpnbkh/~3/VnZbLiAXSm4/siltation.php
  • https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
937 B
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.48.167 , United States, ASN26337 (OIS1, US),
Reverse DNS
brandwingroup.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
forfacks.com
:scheme
https
:path
/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 16 Sep 2021 19:08:55 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
444
content-type
text/html; charset=UTF-8

Redirect headers

Location
https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Thu, 16 Sep 2021 19:08:55 GMT
Expires
Thu, 16 Sep 2021 19:08:55 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
252
Server
GSE
siltation.php
forfacks.com/ 		956 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
Requested by
Host: forfacks.com
URL: https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.48.167 , United States, ASN26337 (OIS1, US),
Reverse DNS
brandwingroup.com
Software
Apache /
Resource Hash
8a0dfc57644b79d9a15472a86684bcc721f047b5d30a93c7cf2eabc4da7e4759

Request headers

:method
GET
:authority
forfacks.com
:scheme
https
:path
/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29
accept-encoding
gzip, deflate, br
cookie
d=0; n=Etc/Unknown
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://forfacks.com/siltation.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ycpnbkh+%28bitingspellbind%29

Response headers

date
Thu, 16 Sep 2021 19:08:56 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
485
content-type
text/html; charset=UTF-8
Primary Request /
tandlakeri.com/ 		338 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ac45218475ce48b083c31a771f96a087046934381d00fd83f81e18e1117ccd

Request headers

:method
GET
:authority
tandlakeri.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://forfacks.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://forfacks.com/

Response headers

date
Thu, 16 Sep 2021 19:08:57 GMT
content-type
text/html
last-modified
Tue, 03 Nov 2020 11:06:37 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjtQlrg%2B%2F8hL5M%2FeUmgKG6lSTqNb6dAgbspqT%2BBhmtncrRp8roP9OUHsvjqMfq9RGxD6pFRU7AY4Er%2B%2BmOjsRUY23Gn3W%2B7lYN4vBrcrY2vw3bedZGFBGqw163CF8vOuvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fc62e9bc1e32bd-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		74 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
86532df979078bb8d18f6eda7d82fbba5507367534fc55813da9b777ca01b007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 19:08:57 GMT
server
ESF
date
Thu, 16 Sep 2021 19:08:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 19:08:57 GMT
inpage_published.css
app.groove.cm/groovepages/css/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/css/inpage_published.css
  • https://app.groove.cm/groovepages/css/inpage_published.css
362 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/css/inpage_published.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Sep 2021 12:18:36 GMT
server
cloudflare
age
2160
etag
W/"6143361c-5a968"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC6lK0e%2FVKrb5oEoDXHBr66wuq7MAEOJ8ws7CFBfffSPUvfgjXiV30X4iOu1lDWcOEbNnxDCsVtQnyDSNugHn8rMRsGFj4LqyGa1QlwCyRsf9tL1RL6ZEsy0nSZUf%2FQs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68fc62ecbc6f53fd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 16 Sep 2021 19:08:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moNKKHIudBTuRhgO8ql3f1FW%2FuU6uc9oNjRUyeBGL%2Fuywl%2FCbZ%2F3YSMOSsFhX86iESVRwAModU%2BGngbw%2B%2BWHSInr2yfOLewfu%2FoZPmLnq4xtpB5J99xXFts1KnsJN6G8dOqyK0jL%2Ffc%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/css/inpage_published.css
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68fc62ec3b8f3a1d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
chunk-vendors.css
app.groove.cm/groovepages/css/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/css/chunk-vendors.css
  • https://app.groove.cm/groovepages/css/chunk-vendors.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 16 Sep 2021 19:08:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vu7py4IvCeRY9LTY%2BY8MaIy3AGlh%2BewWG1i3NWKpMi7mpYXRD0Pf3engLKOBAFHzuS9ywxMGBfOu31l4JxkCh1VklRhOXm1glCQmIFtxLOcQDrzDlvdgofG%2Bg43vMPoxObbJjO9h1g%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/css/chunk-vendors.css
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68fc62ec3b943a1d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer
https://tandlakeri.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:58 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RJC0EE6AYE0JD0YF
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
PdPVwXulrC6c5A87wKpq5f43JtfTOXJXD+qbpA2eczhIykqVnHzZgQeqsmEqYc0ArlzzmoM7alY=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"76cb46c10b6c0293433b371bae2414b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRNaFabWMYb5zedTCQLICRbNRn5u3V3FgCYQkkq8zdUWxcHbicTxrz2G5In0MHJByqW3ytoAoOCfYVH3EGzJiqgT1ouEeHE%2B%2BoUvI7MRAPBsmx4lPYc2ePLgNv92ERRUsc5NEpxg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
68fc62ef5af774db-EZE
navmenu-lib.web.js
assets.grooveapps.com/plugins/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.grooveapps.com/plugins/navmenu-lib.web.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a9dac45eb5d5947c5ab8f57d56dbb2c8d1c5b43dce0ce78d578a87ed21afbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:57 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdv8TaOYwou7rCzN8iZzQlCpmOQvkTM4Dvxt7TBeHD5t5Idqh5Qky6pAcr3iWPzM-RpHvd-ToR_P3oXmnJPSkNNxRt8RkA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 15 Sep 2021 18:49:09 GMT
server
cloudflare
etag
W/"dd1d4da26edb3c96c9848c3c4e7be2c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=guoaqQ==, md5=3R1Nom7bPJbJhIw8Tnvixg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1631731749586240
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
64255
cf-ray
68fc62ed1e93edbb-CDG
expires
Fri, 16 Sep 2022 19:08:57 GMT
css2
fonts.googleapis.com/ 		687 KB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6177dce6a20ed4e9095210a9262cd09976e6a09654b5bda988c39edf6bd102fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 19:00:44 GMT
server
ESF
date
Thu, 16 Sep 2021 19:08:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 19:08:57 GMT
1599220593_mf-logo.png
assets.grooveapps.com/images/5ea2b4c4b0103d0de18a5d6c/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.grooveapps.com/images/5ea2b4c4b0103d0de18a5d6c/1599220593_mf-logo.png
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef1409f5539231f61c1e25c4f01712bd804d9d030ef603445a97c2738c4f594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:58 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=5585
x-guploader-uploadid
ADPycduWGFZpDgE9ZFGizvz_6G9NRt-rvEbhTT61-IsnFa1YroYy91EB8E1aPIFAGaWBLvUV5t0OoT4Y1oU1OFN_xRCsrJu5tQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1599220593_mf-logo.webp"
content-type
image/webp
content-length
1752
expires
Thu, 16 Sep 2021 23:08:58 GMT
last-modified
Fri, 04 Sep 2020 11:56:33 GMT
server
cloudflare
etag
"9a7d33f7b957bad2e4dd2dec0b6c9ac3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=Fl2/pw==, md5=mn0z97lXutLk3S3sC2yaww==
x-goog-generation
1599220593466336
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5585
accept-ranges
bytes
cf-ray
68fc62ef999bedbb-CDG
cf-bgj
imgq:85,h2pri
email-decode.min.js
tandlakeri.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tandlakeri.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tandlakeri.com
referer
https://tandlakeri.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Sep 2021 16:30:56 GMT
server
cloudflare
etag
W/"61421fc0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU934QpjK7BHn%2Bfp3YC6AtO%2B84TZK5iVJRm%2Bp%2BWm05YspXyHGuRKpuB%2BO5IiEjnWKMp%2FlwkmNWk%2FFQl6R0Of341PbsKOY%2BRl9goo6pdFZCmGKN%2FU4bXMtaVEjA21YzAppw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68fc62ee8f893a5d-CDG
vary
Accept-Encoding
expires
Sat, 18 Sep 2021 19:08:58 GMT
inpage_published.js
app.groove.cm/groovepages/js/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/js/inpage_published.js
  • https://app.groove.cm/groovepages/js/inpage_published.js
82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/js/inpage_published.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce883cff95dbd1bfc61fb3228a89286aeaec4c0c0eb2aa5e1159aec479becf78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Sep 2021 12:18:36 GMT
server
cloudflare
age
2160
etag
W/"6143361c-147d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXf4xhXK5sJQFp3WkivdVNXnT9ZhGIGpnyUt4izGZ1Jq%2FSmRIdeZZBXU%2BuUd25bruW6MFSliks8mTjf%2FQYL79sE0%2BKiO%2BwapaErlJbqG4evtR4daO0AzCYlC4Xfej8LL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68fc62ef182053fd-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 16 Sep 2021 19:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCdEh1yBnkOjxY%2BTFaQlwMbAlGqr2ZmjGTzBOcc1vG9h5zmcfH9Cp3GPnW1vmRVb3nJnbN0Gg4WJ0YYtA6kQ8vvi9WyOh4fpmV0VdhrlZkBUSMzEO%2BnkZFShFMRusD4DAz3sUatFmH4%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/js/inpage_published.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68fc62eecee04075-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
chunk-vendors.js
app.groove.cm/groovepages/js/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/js/chunk-vendors.js
  • https://app.groove.cm/groovepages/js/chunk-vendors.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 16 Sep 2021 19:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxsaFoim2Qf3cOn777SPcnQJGowyW9i3viGuJlAB5rpI1J5TlgwqQU4QoG5k%2BALjIYrO5AmJoI2W0E6DmzMRcPN9gOuRdUlqgIKMlOpn6GP%2BeXV0hpBeCeRv2ixt4f4e8IPHB1%2FeITs%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/js/chunk-vendors.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68fc62ef48074075-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
heap-3364072150.js
cdn.heapanalytics.com/js/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3364072150.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-72.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3881a41b534b9c097b17de829c9ac8d8392547d59846aeb80aff5281bc3a8a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:07:15 GMT
content-encoding
gzip
server
nginx
age
104
etag
W/"1aba4-FWXZQJLUn8d1PQsDcSk2gA"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
u9FA6wLp-2Q3y5NwrWNBJZuyKzOEIoGKLPh2UFfECKzMP5wtHGv4fw==
matomo.js
matomo.groovetech.io/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 /
Resource Hash
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:59 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 21:11:02 GMT
server
nginx/1.19.2
etag
"19167-5aafa0f820d0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32444
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
355d1a0aab39a3e4fa816440ae57da9c544054d9615c3c41948f8cd93c610ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d3fdff195132dd4c305ef61825ac7140da4a9406b958d5beeb0d3e410eefd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jpeg
1604400823_23640756_at-the-dentist.jpg
assets.grooveapps.com/images/5eb102eb6039da124836458e/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.grooveapps.com/images/5eb102eb6039da124836458e/1604400823_23640756_at-the-dentist.jpg?update=2
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4a719a2e40e914130114e45ab05fc0e08332d3744748ccb4eedfae49f0e5bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:59 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvZ4w62Rkncyj9V5LaUNzd-S0Rwl6ebhgGo9JdeEbr2sYcLwNo4mHBkQNapwSGufpspcu4gJi3dL5lbfLc6StBSyi5yRw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
151389
last-modified
Tue, 03 Nov 2020 10:54:05 GMT
server
cloudflare
etag
"3d9457a0a99abdf85847a46c842363c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Rpdo/w==, md5=PZRXoKmavfhYR6RshCNjwA==
x-goog-generation
1604400845301862
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
151389
accept-ranges
bytes
cf-ray
68fc62f4d83cedbb-CDG
expires
Thu, 16 Sep 2021 23:08:59 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:47:28 GMT
x-content-type-options
nosniff
age
310891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:47:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options
nosniff
age
227141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:03:18 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:21:31 GMT
x-content-type-options
nosniff
age
312448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:21:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options
nosniff
age
91163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:49:36 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:17:51 GMT
x-content-type-options
nosniff
age
226268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:17:51 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:59 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8DB60N5ZMMR84CFF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
76612
x-amz-id-2
33WQ3ACT3PUqPVx/GlIdnsrFSS0gB7/ZhMMmgi3waKXcPrgf+F9oIYk2z+pS3XKZSRyUzC3kaLs=
last-modified
Wed, 30 Jun 2021 15:39:01 GMT
server
cloudflare
etag
"a06da7f0950f9dd366fc9db9d56d618a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GjzBDtax8QKky9rJUchBMIXPpxOJo%2B28AAkpHAVroOGxTZ1H0do0YAZzLQ86rvYAWe76%2F62utfAU0ugUv3PmraL9FVnXsg7rYTuNNWS7iWQqdhqM6IkFM6ZUfq9mIzaHlcm4wuz"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68fc62f609905991-IAD
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3364072150&u=8194492304892776&v=3705633749442127&s=1902592118498318&b=web&tv=4.0&z=0&h=%2F&d=tandlakeri.com&t=Hem&r=https%3A%2F%2Fforfacks.com%2F&ts=1631819339181&st=1631819339182
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.25.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-25-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 19:08:59 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
matomo.php
matomo.groovetech.io/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matomo.groovetech.io/matomo.php?action_name=tandlakeri.com%2FHem&idsite=4&rec=1&r=292654&h=19&m=8&s=59&url=https%3A%2F%2Ftandlakeri.com%2F&urlref=https%3A%2F%2Fforfacks.com%2F&_id=8a5114630dd8624d&_idts=1631819339&_idvc=1&_idn=0&_refts=1631819339&_viewts=1631819339&_ref=https%3A%2F%2Fforfacks.com%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=199428&dimension2=koYmL28g4&gt_ms=689&pv_id=uX7k5I
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.92.183 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip183.ip-51-161-92.net
Software
nginx/1.19.2 / PHP/7.4.16
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 19:08:59 GMT
cache-control
no-store
server
nginx/1.19.2
x-powered-by
PHP/7.4.16
content-length
43
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| heap object| _paq function| setupNavmenu boolean| isFreeUser function| encodeSite object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

7 Cookies

Domain/Path Name / Value
forfacks.com/ Name: d
Value: 0
forfacks.com/ Name: n
Value: Etc/Unknown
.tandlakeri.com/ Name: _hp2_id.3364072150
Value: %7B%22userId%22%3A%228194492304892776%22%2C%22pageviewId%22%3A%223705633749442127%22%2C%22sessionId%22%3A%221902592118498318%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
tandlakeri.com/ Name: _pk_ref.4.cd2d
Value: %5B%22%22%2C%22%22%2C1631819339%2C%22https%3A%2F%2Fforfacks.com%2F%22%5D
tandlakeri.com/ Name: _pk_id.4.cd2d
Value: 8a5114630dd8624d.1631819339.1.1631819339.1631819339.
tandlakeri.com/ Name: _pk_ses.4.cd2d
Value: 1
.tandlakeri.com/ Name: _hp2_ses_props.3364072150
Value: %7B%22r%22%3A%22https%3A%2F%2Fforfacks.com%2F%22%2C%22ts%22%3A1631819339181%2C%22d%22%3A%22tandlakeri.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
cdn.heapanalytics.com
feedproxy.google.com
fonts.googleapis.com
fonts.gstatic.com
forfacks.com
heapanalytics.com
matomo.groovetech.io
tandlakeri.com
use.fontawesome.com
104.18.20.180
104.21.1.38
104.21.66.129
13.225.78.72
142.250.185.206
142.250.186.170
172.217.23.99
172.67.139.13
172.67.214.69
192.185.48.167
3.225.25.49
51.161.92.183
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1c4a719a2e40e914130114e45ab05fc0e08332d3744748ccb4eedfae49f0e5bf
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d3fdff195132dd4c305ef61825ac7140da4a9406b958d5beeb0d3e410eefd9
355d1a0aab39a3e4fa816440ae57da9c544054d9615c3c41948f8cd93c610ecc
3881a41b534b9c097b17de829c9ac8d8392547d59846aeb80aff5281bc3a8a53
46ac45218475ce48b083c31a771f96a087046934381d00fd83f81e18e1117ccd
47a9dac45eb5d5947c5ab8f57d56dbb2c8d1c5b43dce0ce78d578a87ed21afbc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5949002a116a1582e56d4b4ddc5a6263f24087df3945c9ad2dbc5f6c54578ae4
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
6177dce6a20ed4e9095210a9262cd09976e6a09654b5bda988c39edf6bd102fb
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946
7ef1409f5539231f61c1e25c4f01712bd804d9d030ef603445a97c2738c4f594
86532df979078bb8d18f6eda7d82fbba5507367534fc55813da9b777ca01b007
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8a0dfc57644b79d9a15472a86684bcc721f047b5d30a93c7cf2eabc4da7e4759
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce883cff95dbd1bfc61fb3228a89286aeaec4c0c0eb2aa5e1159aec479becf78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855