Submitted URL: https://access.dev-login.com/
Effective URL: https://tutorial.stoik.io/phishing
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 38 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is tutorial.stoik.io.
TLS certificate: Issued by R3 on August 2nd 2023. Valid for: 3 months.
This is the only time tutorial.stoik.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.35.119.213 16509 (AMAZON-02)
1 52.223.52.2 16509 (AMAZON-02)
3 2600:9000:238... 16509 (AMAZON-02)
26 2600:9000:249... 16509 (AMAZON-02)
3 143.204.9.92 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
38 9
Apex Domain
Subdomains
Transfer
26 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 82145
8 MB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 97774
13 KB
3 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 10256
44 KB
2 rive.app
public.rive.app — Cisco Umbrella Rank: 704024
77 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 886
84 KB
1 cdn-api-weglot.com
cdn-api-weglot.com — Cisco Umbrella Rank: 76647
4 KB
1 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 133254
19 KB
1 stoik.io
tutorial.stoik.io
24 KB
1 dev-login.com
access.dev-login.com
140 B
38 9
Domain Requested by
26 framerusercontent.com tutorial.stoik.io
framerusercontent.com
3 events.framer.com tutorial.stoik.io
events.framer.com
3 cdn.weglot.com tutorial.stoik.io
cdn.weglot.com
2 public.rive.app framerusercontent.com
1 unpkg.com framerusercontent.com
1 cdn-api-weglot.com cdn.weglot.com
1 app.framerstatic.com tutorial.stoik.io
1 tutorial.stoik.io
1 access.dev-login.com 1 redirects
38 9

This site contains no links.

Subject Issuer Validity Valid
tutorial.stoik.io
R3
2023-08-02 -
2023-10-31
3 months crt.sh
*.weglot.com
Amazon RSA 2048 M01
2023-02-07 -
2024-03-07
a year crt.sh
framerusercontent.com
Amazon RSA 2048 M02
2023-02-23 -
2024-02-15
a year crt.sh
events.framer.com
Amazon RSA 2048 M01
2023-04-26 -
2024-05-23
a year crt.sh
framerstatic.com
Amazon RSA 2048 M01
2023-02-23 -
2023-12-21
10 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
rive.app
Amazon RSA 2048 M01
2023-02-22 -
2024-01-09
a year crt.sh

This page contains 1 frames:

Primary Page: https://tutorial.stoik.io/phishing
Frame ID: 945572FCE1BA0B999CECD4578A2EDE1A
Requests: 40 HTTP requests in this frame

Screenshot

Page Title

Tutoriel Stoïk

Page URL History Show full URLs

  1. https://access.dev-login.com/ HTTP 302
    https://tutorial.stoik.io/phishing Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com

Page Statistics

38
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

2
Countries

8962 kB
Transfer

14359 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://access.dev-login.com/ HTTP 302
    https://tutorial.stoik.io/phishing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request phishing
tutorial.stoik.io/
Redirect Chain
  • https://access.dev-login.com/
  • https://tutorial.stoik.io/phishing
195 KB
24 KB
Document
General
Full URL
https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/1214fbd /
Resource Hash
b70787e05638312c55c93937f086173a93c0ee5b9dca0987cd25f7b5a677c055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
23814
content-type
text/html
date
Mon, 28 Aug 2023 13:10:50 GMT
etag
"758d97e43a17424bd49c26589f4afbb3"
last-modified
Fri, 02 Jun 2023 08:37:41 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/1214fbd
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
Cached
x-fallback
No Fallback
x-region
eu-west-1

Redirect headers

Connection
close
Content-Type
text/html
Location
https://tutorial.stoik.io/phishing
Transfer-Encoding
chunked
weglot.min.js
cdn.weglot.com/
109 KB
38 KB
Script
General
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:dc00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
673f9f682706a8adb1aefa0134ff203f323c093d17ef9a19fe50b141531af8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 97eaba44803576cf9f5d9993fc05ccee.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 13:07:42 GMT
last-modified
Thu, 24 Aug 2023 12:06:21 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
190
etag
W/"0320a2a010fe8b9b2364dfe70b7a1ab2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
MZDmcvINUJg8muEtI80Z5WkjWBMez-SaJRaZTLCwkIXpD9aAwC9i6w==
02mIJaO3ApgU3d1vkJKNHqJlHg~AL43Df-TLPyeZd52CoXnr-swtbBDHSL3EHppN5V6Uzw.otf
framerusercontent.com/modules/assets/
3 MB
2 MB
Font
General
Full URL
https://framerusercontent.com/modules/assets/02mIJaO3ApgU3d1vkJKNHqJlHg~AL43Df-TLPyeZd52CoXnr-swtbBDHSL3EHppN5V6Uzw.otf
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
58144824c4644e8df5ffa390866e46e677bd217fb4b056e72257bd291097f46d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1064031
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
XI3cGAex74ekoyEO2MvMGW09s56yHYyvgCAuNkldoHOyUNI5ZNRREQ==
bkgzoODKE0SNBwRi5RyUvqmN0~osfUgmKObOdrV7xfb4NVboE1cRl83Q43Hq5x0M6Tc-U.otf
framerusercontent.com/modules/assets/
3 MB
2 MB
Font
General
Full URL
https://framerusercontent.com/modules/assets/bkgzoODKE0SNBwRi5RyUvqmN0~osfUgmKObOdrV7xfb4NVboE1cRl83Q43Hq5x0M6Tc-U.otf
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dfb4d17800ca2f9e1ea5ee77045029c7df35a38c69a1f3f9d4ef4f961844b2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 09:42:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
962912
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
bdtwvchQUmG4hLoAMSXEUjNNLZ1rcvceoDbYFziGhpu-tbfsdrMK0w==
o8GjlZ0w60dL22uyAsxx9T1R7s~XjhAyzB1akrAALUv5sA0msLR9BufRWb4hoyaJ_zDbmk.otf
framerusercontent.com/modules/assets/
3 MB
2 MB
Font
General
Full URL
https://framerusercontent.com/modules/assets/o8GjlZ0w60dL22uyAsxx9T1R7s~XjhAyzB1akrAALUv5sA0msLR9BufRWb4hoyaJ_zDbmk.otf
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b22282a1ffaf129a05fa7cd6941a02d79c2b5dab7f8690a533b9db693e83d71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 10:39:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
700311
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
78WpJhSbyNdx0JPIx1f188faRi_OJ55RaxVVqbIYIODfqZSfctfWiw==
HXnty5sbsiAXgKRTsa6hvULfl1s~Yu7Bca_igD3v0w8cdv2kGn4nU8LPc1vxb7vDD7TNjsw.otf
framerusercontent.com/modules/assets/
3 MB
2 MB
Font
General
Full URL
https://framerusercontent.com/modules/assets/HXnty5sbsiAXgKRTsa6hvULfl1s~Yu7Bca_igD3v0w8cdv2kGn4nU8LPc1vxb7vDD7TNjsw.otf
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1cb5ce124dbed6e393e6f1cd714cfe8fdd56fb8db90562267d321d1eef211b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 14:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
688086
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept-Encoding,Accept
x-amz-cf-id
m3Kh_7OEDgNGyOJdSsI3FRs8nNf4YAhJ679HxLaRWmK18gkHLk6vsQ==
chunk-FVNNZN7S.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
133 KB
41 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-FVNNZN7S.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4d6f7a89162cd72ae98a59a5d2a73f68064dfccafc74166d4772cae79647d771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:11 GMT
x-amz-version-id
d4NSDwKiy3EA87WV.CzYsmjY3gqizy5A
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526741
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"fca2724704b10d1f3112b5f4f173bb2c"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
Hguxc4wTv4f2JjQQvycFo_BQ8LyvP9K5jzHrc3PAfT-ZjeLv5LAgrA==
chunk-NGVECRX6.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
360 KB
108 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-NGVECRX6.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
853d737c1ef0a430e3e7cab8a3a386672e9a86fd6ffc5a6f3daa51b553d3993d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:11 GMT
x-amz-version-id
b8uazhfH9yJl_1s2Lm3B5nmTlfJTmESR
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526741
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"160dd07d82260ef28ad260e9eeb06789"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
RSnllpUyoZvnUXE_QuWxhyVa5S8GxbWBdxMHcmeSfmLul0SB1psFsw==
chunk-OIST4OYN.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
454 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-OIST4OYN.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 22 May 2023 11:56:33 GMT
x-amz-version-id
kduE3SzekYMoX_jo589LfwUuQkwnZd8m
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
8471659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
454
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Apr 2023 10:51:59 GMT
server
CloudFront
etag
"8af81548ac68e6596fe9853138d19471"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
AUmyEwrh_OrUw2xVGlYuthymuQR3JrVwPRqDFRJtbMnoLXVik-LwSg==
ZCvIKFFK_o6EqP8zz0BjsGGzk01F6CXhPjPFuifGTwk.WD65XXOX.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
93 KB
17 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/ZCvIKFFK_o6EqP8zz0BjsGGzk01F6CXhPjPFuifGTwk.WD65XXOX.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
35ccee42c78071a51f1c791ced9dd970c2b820c53256f71549ee1c811c1b4992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:12 GMT
x-amz-version-id
au_FUrbLJsbchB2u4ScImuzTrLqxbaa7
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"6e424c1b24f6c4e64b717bb3f1d5230d"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
rtsX51woB3mapEaDJeDujAgVsUgdFwtFcwgDsK3DNLp70EjDj5vyHw==
chunk-BTXXAJH3.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
786 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-BTXXAJH3.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
5b7aca77a32003c76ee14a49a33903062d12cfbc58a28d59050f1004d6cf8361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 22 May 2023 11:56:33 GMT
x-amz-version-id
cPpDvCgVPPvEQW7BdABsRVuRDnx4vslf
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
8471659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
786
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Apr 2023 10:51:59 GMT
server
CloudFront
etag
"09e7a823f87830eb5aab445c550eefce"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
2ZVLsveGnc-UnFQfW6g_Zs34olsq8SfErm1QfurlWOE8WPFSfoHKfg==
chunk-R3FXFYSQ.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
609 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-R3FXFYSQ.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
374e59c0b67172fdb642ce8ce36f5b13877e5abf4b3d3d63b9dc158a0961b7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:09:28 GMT
x-amz-version-id
0RrJBUB5tQ254g6ixGCHmlk3qF0LEuA8
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
7797684
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
609
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 May 2023 10:57:20 GMT
server
CloudFront
etag
"2427b5d8283d920da562652e072edd7d"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
yzNvj9a-mMz3MiddRrDlIWTI8JX-BU_5cG5J494W4GI1IoZlkjfVuA==
chunk-UMA67M3D.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
2 KB
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-UMA67M3D.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
99993fb98ec847beaafe3afe02850951500745927a8a243e5a2ef808026741a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:12 GMT
x-amz-version-id
rN1DZ2L4sMolte.i8vWyK8.8GE6JfBvr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"776f59e8611934184fab76cb7e61b2c3"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
f2zSOy1IEZy6v5s7deGQ54z8fEEK2Kluon8IVGk36RuCI7NHfTfthg==
chunk-Z7GARUBH.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
79 KB
27 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-Z7GARUBH.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ef6752eeea243841a21fd815b7b951f6cba6341966ff1d68e2da934ceb43aa87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:12 GMT
x-amz-version-id
6pCiERzixoMC9LlSvKE7d5J8pzPqm4.Z
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"c5a9cb3d7c80287edfe61bc76dfc0499"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
D4D-AwNP5sBbwAq7ittpBzxHhKs0Nbt-kC2ZBaVoFplYVR-wjOtFHg==
chunk-QJ4QVKHN.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
743 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-QJ4QVKHN.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
65a9ece7cf15d10f087d61b270035625aa26e01ee4c4c6098140e8b92ff66b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:12 GMT
x-amz-version-id
7w.Uov6dt_F0GnmtRXcfZ1gokZ.iwXar
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
7526740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
743
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
"816bc2005c22efb76a0ed147dfc80292"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
C9N-cbm30mFiy3gvpHr04RhP3zPC_go5nwOrZ2jtuQoJIamIu3gkfg==
chunk-MUUTI43V.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
27 KB
11 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-MUUTI43V.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9979df6848bfad53bd56a71fcee8164074f9783d32632b9eabc103e92352b124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:12 GMT
x-amz-version-id
21xWUb7kb8fFaFuvWpflN0zdLUccsF0F
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"52e97c5b1f2bfec8a2c6dff21e67ce94"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
OQ6TjWdR-XxQsSoXOBARLGi7wu86uvcGNPUv_KtQo2oSkBksKPIwYQ==
chunk-42U43NKG.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
44 B
801 B
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-42U43NKG.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 30 May 2023 11:59:05 GMT
x-amz-version-id
7diUJ_CTwSB5B9A.W8OXGqwk2W.tpLEC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
7780307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 May 2023 10:36:59 GMT
server
CloudFront
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
U8OkVTr0v2dk35FeprGlukrjgf8UdHwOAHZ0Etm5JEmbLNiuglAvJQ==
script
events.framer.com/
12 KB
13 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
1b26194d3439f7fa15c917e63e07eccf05d7f1bc92a0986afdd4c9a864f1fd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:10:52 GMT
via
1.1 d5288b780eb5550f8f1a3dda9a3724a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
12512
x-amz-cf-pop
MXP64-C1
x-amzn-trace-id
Root=1-64ec9cdc-0c29f6b45453742640e8b827
x-amzn-requestid
5bccb94b-29e6-4070-8ff7-4c0ad77f0015
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Mon, 28 Aug 2023 13:09:58 GMT
x-amz-apigw-id
KX1ydHi2IAMFWJw=
content-length
12512
x-amz-cf-id
lIP-l2JMM2qDwQUBKiOeO3gOOK3UdOFswWu4XrcUAWa4mYYOSvLpDg==
6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/
214 B
666 B
Image
General
Full URL
https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
age
4331391
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
xiLZ5jJUOkw12ee0P-k1MgV7QPDuAeYxJ6drhyH41eZ5d894eWovQA==
11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/
215 B
669 B
Image
General
Full URL
https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
age
3967798
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
c8b46007-8f95-4988-9233-12a346e1f38a
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-64b011a5-5630e82e48e8517c3a4890ce;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
k3xVxZschbR4o1wXVF5Nf8jFYNrWcL4CRzv663drkDkjoJ88jb5npg==
_script0.7XHG27GI.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
3 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_script0.7XHG27GI.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6494ecc41ea496ef82c474a857971aec3e4bf78efb51117323bf9d3d9b14bc53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:10 GMT
x-amz-version-id
sQb0WfywMPyp37.VXYTmnvsLfN1w3SHJ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526742
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"01205ef369b02f9f9322b2edea638ce6"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
7wNNABQj0EcQl-fOI2UaEDPmX2-wTgHcwPB5NJtiGXiQs0pVya-8Nw==
8b86c8bfbf8c9bd197e4237bb44f64506.json
cdn.weglot.com/projects-settings/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.weglot.com/projects-settings/8b86c8bfbf8c9bd197e4237bb44f64506.json
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:dc00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9d4a599091dbe511c495bd64c85ce9bfda7151c9f41cdcc95ad846485915a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 11:22:24 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 10:51:41 GMT
server
AmazonS3
via
1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
etag
W/"f05227db7c91505caa7a10c75ba6770d"
age
6508
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
ybwQ86J7z-bw5UIqIbGSlUZ4V9Cqk_dr235bMty9gOMYouwt53wk8w==
truncated
/
661 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4664a5e05cb66a259d8df2f74d55b1db2fafe996b2e489b8244d529a6a25335

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
915 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4c6ce540f7437b9b9e37a02b2fd10cdf98ddb55346e747882298e32ea23de91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/
19 KB
19 KB
Font
General
Full URL
https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 10:20:55 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
14438997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19024
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Mar 2023 10:19:13 GMT
server
CloudFront
etag
"e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
e17KnOgWmX_kcXmEXd5PwDMufbBPV7eTRKR0Z7yncruUT6fQ0Cy9kw==
weglot.min.css
cdn.weglot.com/
28 KB
5 KB
Stylesheet
General
Full URL
https://cdn.weglot.com/weglot.min.css?v=4
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:dc00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 08:11:41 GMT
content-encoding
gzip
via
1.1 97eaba44803576cf9f5d9993fc05ccee.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 24 Aug 2023 12:10:46 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
277151
etag
W/"396483c84619a8b59a272ec60b4059c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
gzfVIkNC7v3vSRcfbgufrsVZ5Z5Q9pHdM36mp2mXuv0w20Sd0HEJVg==
translate
cdn-api-weglot.com/
5 KB
4 KB
Fetch
General
Full URL
https://cdn-api-weglot.com/translate?api_key=wg_8b86c8bfbf8c9bd197e4237bb44f64506&v=1690973496
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:478b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad37b2b3852548333d871e153c863526e16a27f8bd6172888859efb022c17ea9
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-3af683240cdaa0b0bba99b02f57e179f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Aug 2023 13:10:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
script-src 'nonce-3af683240cdaa0b0bba99b02f57e179f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOyDCMT%2BptbaPqgmSmTEtbVKquBCbE6JX%2Ft7OduNprOWnats23MRzRpRAw4QBW4whBL1xRfs9D16glkXUOH7nlCboCvtLugrmoVAUP0wN4UhoGW%2Bthx8N9vAUwjpw2tn8CfSX6HZEojwR2WYAQ8gqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, no-store, private
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
vary
Accept-Encoding
cf-ray
7fdccbff2cb7995a-FRA
access-control-allow-headers
Content-Type
expires
Mon, 28 Aug 2023 13:10:52 GMT
truncated
/
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
_lcnLFQDpj5rj76ZiZCYV3fMB3ZRGyvcvjbG_YzwStA.WHPDVO2E.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
121 KB
28 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_lcnLFQDpj5rj76ZiZCYV3fMB3ZRGyvcvjbG_YzwStA.WHPDVO2E.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_script0.7XHG27GI.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e9f6325a74c0f36b42df101e45af79bc78e3d085f17b69d53c562e330db450dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:13 GMT
x-amz-version-id
5osQUAdapJWxZ6CphmQXh03WN0xYJn.B
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"41d876e66460fbb4e748e70ca7f33e56"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
GM9GPL7_pK4pg8jNm-2TJTyycJDPQO7ZEVtEd2hE-3jnG7afyrWTMA==
E9dWOF-JXT6V0-yZNUBA5lGDLs8J81nX9H-mfyehRt4.K4MJYUIM.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
137 KB
25 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/E9dWOF-JXT6V0-yZNUBA5lGDLs8J81nX9H-mfyehRt4.K4MJYUIM.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_script0.7XHG27GI.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0e2f2ad331ed505516730c77eb2550ec19507589b0afc271497e688f8d484862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:13 GMT
x-amz-version-id
tWBKRnLs06o5ZEAoUoQ9Phuq7oh8LNm0
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"5a034058c92c13303a35685f8842578d"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
87lXHoHorCckzXrG1d6x4U9tTsl0j9iY7gz57uDqct0A3EXMKmfY3w==
roBhL1z8chymD-mmk-8Iz8Cnf5TUFGDjLQScg02ats4.YKKEQDRX.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
121 KB
20 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/roBhL1z8chymD-mmk-8Iz8Cnf5TUFGDjLQScg02ats4.YKKEQDRX.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_script0.7XHG27GI.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a982046d62e0d710e183cc500ff6773eaec510b50c0951bf8d2040a39b3a4d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tutorial.stoik.io/
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 10:25:13 GMT
x-amz-version-id
TahSlrMy9mrnrQ.f0MZWQHRs.iAO2OIS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
7526740
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 08:37:40 GMT
server
CloudFront
etag
W/"a986f17ec9dd14ca6b8120ce6e7b531f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
KM6I73S0pOMZ7mUpQ0e_5LB5sc7t9ynopFw2DPbyp23e6FYOTAPxyw==
rive.wasm
unpkg.com/@rive-app/canvas@1.0.102/
196 KB
84 KB
Fetch
General
Full URL
https://unpkg.com/@rive-app/canvas@1.0.102/rive.wasm
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-Z7GARUBH.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004de84573de77156a49c6aaabcfb82df95d3ad382308aeebddf73e4ad06323f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:10:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11867064
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GXWEZCXGMH3GSTQ7N8HMFFZT-fra
server
cloudflare
etag
W/"30f6a-2x7AoODSqnSGuw2qBvTbbMkEmF8"
vary
Accept-Encoding
content-type
application/wasm
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fdccc015b4a9b86-FRA
6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/
214 B
668 B
Image
General
Full URL
https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 10:01:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
age
4331392
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
cd6fe516-7186-49ea-8583-2bab5f74ff2a
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-64aa855c-0af01ff92e851a665abb74ce;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
hbknIrAjAB7DmHKIBhAxt3MOE4hy8Ip1mDFfuNheQ4wE2-ZVZH8NkQ==
11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/
215 B
668 B
Image
General
Full URL
https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
age
3967799
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
c8b46007-8f95-4988-9233-12a346e1f38a
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
x-amzn-trace-id
root=1-64b011a5-5630e82e48e8517c3a4890ce;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
mlIskzIWkIsxacRf8M0OPxp4-kegojmgCapxk45oVtN3rDuDx4oTSA==
chunk-KQIAYJ4I.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
933 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-KQIAYJ4I.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6bc7fb7083b5b152d4ebe310106a6293682ed0bfc872b4fff901232580c6fe45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/_lcnLFQDpj5rj76ZiZCYV3fMB3ZRGyvcvjbG_YzwStA.WHPDVO2E.mjs
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:07:06 GMT
x-amz-version-id
CabLtlC6eIS0vrOQlbdU2zWyIuXbdQOh
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
age
7715026
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
933
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 May 2023 15:19:57 GMT
server
CloudFront
etag
"fb4d8c653b09e515dcabb8274d06e294"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
GaHhS41AK7TLu7-uVjyBJD9qZY2Qy1nieqj8KxBhgRRX7u-7ePJNeA==
anonymous
events.framer.com/
0
0
Fetch
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-92.mxp64.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://tutorial.stoik.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 28 Aug 2023 13:10:53 GMT
via
1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
x-amzn-trace-id
Root=1-64ec9cdd-16d2519b42a0312c63b5a650;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
9f7ba218-8887-4ee3-b1bb-3581cd63f41f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
KX1ylFhuIAMFjFw=
content-length
0
x-amz-cf-id
OA2D8VKWgZLjwYbE4K8HDo5bN9OWbznb8Xo9zivcd_mIoRZmq4_NNA==
anonymous
events.framer.com/
0
0
Preflight
General
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-92.mxp64.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tutorial.stoik.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 28 Aug 2023 13:10:52 GMT
via
1.1 c2015c52d38ccde0fdca03737208f710.cloudfront.net (CloudFront)
x-amz-apigw-id
KX1yiENYIAMFd7Q=
x-amz-cf-id
M8SM6wrOExq_f-CpEni4bm6PwvC8-rhbNS9bq6_1Iyi_E7o8QGGaFQ==
x-amz-cf-pop
MXP64-C1
x-amzn-requestid
eccf077e-3b22-431d-89bc-f3b4061c6bd7
x-cache
Miss from cloudfront
chunk-DWMEYOZA.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
723 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-DWMEYOZA.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f5aef8573106033780dcf2a9040ab00dbd2163dcae5ca9440eea5530d8c15bbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/E9dWOF-JXT6V0-yZNUBA5lGDLs8J81nX9H-mfyehRt4.K4MJYUIM.mjs
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 07:18:31 GMT
x-amz-version-id
.Zjo9Bezh.hIubE1Ed5jdwCDJwvaKbL7
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
age
7537941
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
723
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 May 2023 15:19:57 GMT
server
CloudFront
etag
"31b489df6dc3aaf7d5127a5550f98e93"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
26z3K67LMt8wpuVBmB19DPfYZx3VaYMaJpkgjdZet4Oqo9ID0ycNHQ==
chunk-URGVINBJ.mjs
framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/
1 KB
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-URGVINBJ.mjs
Requested by
Host: tutorial.stoik.io
URL: https://tutorial.stoik.io/phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5e00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ea74cc81321c44376c08f019104e59e3f7a61fd9d27734d43ba7a018780f398a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/roBhL1z8chymD-mmk-8Iz8Cnf5TUFGDjLQScg02ats4.YKKEQDRX.mjs
Origin
https://tutorial.stoik.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:07:07 GMT
x-amz-version-id
lRksemZAZzm8LEZfhvcXVAPJlT4fX98a
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
age
7715026
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 May 2023 15:19:57 GMT
server
CloudFront
etag
W/"c037d97e3fb121d62c4d874f56de3934"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
AhjtDiM4nZh4DxBgpX6sEjNPusBHx2ZlkHP-9qTwFUvO7vT3ECSS_Q==
AISrwJ-hHk_xnpQDcSDCfw.riv
public.rive.app/hosted/234766/64071/
118 KB
41 KB
Fetch
General
Full URL
https://public.rive.app/hosted/234766/64071/AISrwJ-hHk_xnpQDcSDCfw.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-Z7GARUBH.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdea03eccf65750be7eabed32bdc20aa8501c9d3bf92283ceddb4c37fd0ff47a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 06:09:43 GMT
content-encoding
br
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1062070
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 30 May 2023 15:17:39 GMT
server
AmazonS3
etag
W/"9652ee276d397429e4d1cf7faa038ff2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
0BOGgxIcYnrkU98eU_pbr-UUrXiNTlV6MITSKkPwL0y7I8utj6revw==
q4tvsFN7e0a9VasOXzHXpw.riv
public.rive.app/hosted/234766/48305/
109 KB
36 KB
Fetch
General
Full URL
https://public.rive.app/hosted/234766/48305/q4tvsFN7e0a9VasOXzHXpw.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6Q0egad8g5lVAdEuj6C6Tc/chunk-Z7GARUBH.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ef1fec18935cf80e9e78c8c72e6ee15a7d9064aa7f7b539f77e66026542a8b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tutorial.stoik.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 08:20:21 GMT
content-encoding
br
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1659032
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 31 Mar 2023 10:15:04 GMT
server
AmazonS3
etag
W/"312cfdc282331fafa176770feef22fdb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
0tVmAeYS01ehX9hDMAtbLeZyHA6M1hPgMxu8Q3heV2Ga97ZPS5kFKA==

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Weglot object| animator function| HandoffAppearAnimations function| __framer_importFromPackage object| process function| __send_framer_event

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.dev-login.com
app.framerstatic.com
cdn-api-weglot.com
cdn.weglot.com
events.framer.com
framerusercontent.com
public.rive.app
tutorial.stoik.io
unpkg.com
143.204.9.92
2600:9000:2156:4e00:4:c45e:82c0:93a1
2600:9000:223e:3200:d:6b42:4ec0:93a1
2600:9000:238d:dc00:1:28b3:b280:93a1
2600:9000:2490:5e00:d:ada1:a280:93a1
2606:4700:20::ac43:478b
2606:4700::6810:7eaf
52.223.52.2
63.35.119.213
004de84573de77156a49c6aaabcfb82df95d3ad382308aeebddf73e4ad06323f
0e2f2ad331ed505516730c77eb2550ec19507589b0afc271497e688f8d484862
1b26194d3439f7fa15c917e63e07eccf05d7f1bc92a0986afdd4c9a864f1fd42
1cb5ce124dbed6e393e6f1cd714cfe8fdd56fb8db90562267d321d1eef211b5f
35ccee42c78071a51f1c791ced9dd970c2b820c53256f71549ee1c811c1b4992
374e59c0b67172fdb642ce8ce36f5b13877e5abf4b3d3d63b9dc158a0961b7a5
4d6f7a89162cd72ae98a59a5d2a73f68064dfccafc74166d4772cae79647d771
4ef1fec18935cf80e9e78c8c72e6ee15a7d9064aa7f7b539f77e66026542a8b6
58144824c4644e8df5ffa390866e46e677bd217fb4b056e72257bd291097f46d
5b7aca77a32003c76ee14a49a33903062d12cfbc58a28d59050f1004d6cf8361
6494ecc41ea496ef82c474a857971aec3e4bf78efb51117323bf9d3d9b14bc53
65a9ece7cf15d10f087d61b270035625aa26e01ee4c4c6098140e8b92ff66b78
673f9f682706a8adb1aefa0134ff203f323c093d17ef9a19fe50b141531af8ee
6bc7fb7083b5b152d4ebe310106a6293682ed0bfc872b4fff901232580c6fe45
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
853d737c1ef0a430e3e7cab8a3a386672e9a86fd6ffc5a6f3daa51b553d3993d
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
9979df6848bfad53bd56a71fcee8164074f9783d32632b9eabc103e92352b124
99993fb98ec847beaafe3afe02850951500745927a8a243e5a2ef808026741a9
a4664a5e05cb66a259d8df2f74d55b1db2fafe996b2e489b8244d529a6a25335
a4c6ce540f7437b9b9e37a02b2fd10cdf98ddb55346e747882298e32ea23de91
a982046d62e0d710e183cc500ff6773eaec510b50c0951bf8d2040a39b3a4d6a
ad37b2b3852548333d871e153c863526e16a27f8bd6172888859efb022c17ea9
b22282a1ffaf129a05fa7cd6941a02d79c2b5dab7f8690a533b9db693e83d71c
b70787e05638312c55c93937f086173a93c0ee5b9dca0987cd25f7b5a677c055
b9d4a599091dbe511c495bd64c85ce9bfda7151c9f41cdcc95ad846485915a25
bdea03eccf65750be7eabed32bdc20aa8501c9d3bf92283ceddb4c37fd0ff47a
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
dfb4d17800ca2f9e1ea5ee77045029c7df35a38c69a1f3f9d4ef4f961844b2cf
e9f6325a74c0f36b42df101e45af79bc78e3d085f17b69d53c562e330db450dd
ea74cc81321c44376c08f019104e59e3f7a61fd9d27734d43ba7a018780f398a
ef6752eeea243841a21fd815b7b951f6cba6341966ff1d68e2da934ceb43aa87
f5aef8573106033780dcf2a9040ab00dbd2163dcae5ca9440eea5530d8c15bbe