Submitted URL: https://oremin.me/#ne
Effective URL: https://oremin.me/
Submission Tags: 0xscam
Submission: On April 11 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 172.67.142.16, located in United States and belongs to CLOUDFLARENET, US. The main domain is oremin.me.
TLS certificate: Issued by E1 on April 7th 2024. Valid for: 3 months.
This is the only time oremin.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 31 172.67.142.16 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
32 3
Apex Domain
Subdomains
Transfer
31 oremin.me
oremin.me
531 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
837 B
32 3
Domain Requested by
31 oremin.me 2 redirects oremin.me
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com oremin.me
32 3

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org
Subject Issuer Validity Valid
oremin.me
E1
2024-04-07 -
2024-07-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://oremin.me/
Frame ID: 93023DFB5F80B47FC6F23AE06453E31C
Requests: 28 HTTP requests in this frame

Frame: https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 660FD707D6B5406D6A8B35AA62B9B736
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Main

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

577 kB
Transfer

893 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Request Chain 26
  • https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
oremin.me/
12 KB
4 KB
Document
General
Full URL
https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b18be1155c40f2c912370b9a1b9029db5154446f45b2e82232c9f817a5715c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8727c5c4d9a892fd-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Apr 2024 03:08:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSzh51dQCxB6XXofyPSpjP1JBK9YhVRFg8TZ61kkbhH%2BfoTXHwzrOtdKQBsXrTyJipi%2B2sF5v3w13swhPk%2Fx0cvbk8Ki%2BBmpgznE%2FHBICN11nyuvi9Ys2NGvpag%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
2 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Apr 2024 03:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 01:16:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Apr 2024 03:08:32 GMT
bootstrap.min.css
oremin.me/css/
112 KB
20 KB
Stylesheet
General
Full URL
https://oremin.me/css/bootstrap.min.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82052d75f5fce338c784a50a9b6de7d729c63313f2c1139b916e3503326f0c6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327f7-1c17a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpB1bARqYM5O8W3N%2BBQolXRtGL41rhomIKXUPVILnov27LgD37se1s4UA4%2BXr8Y3XYp2vxrMlAxR36kJLzXbYN0ZC%2Fa4PLqcBWsItLQB5FDtBKWxR4QpeE8JlRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02ec692fd-CPH
alt-svc
h3=":443"; ma=86400
owl.carousel.min.css
oremin.me/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://oremin.me/css/owl.carousel.min.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a5dd987c14d9f4f3e82b36933e2cfb563e2cf451dc83175ff6d0d20a0d7d13

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327fb-e2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xr3707m0wB4FIZUa2FwNiOizLRBEipGY0SOgM0CHqfhY1pUyHRDQqfP3rtOmwd%2BpPbQl5EO%2FSEUI55K1tMxmuUsKDWTNZnwvuQTAolECBf1dTGzQkP6b%2F69jsl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02ec792fd-CPH
alt-svc
h3=":443"; ma=86400
owl.theme.default.min.css
oremin.me/css/
2 KB
938 B
Stylesheet
General
Full URL
https://oremin.me/css/owl.theme.default.min.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9d8e502e14f78f9719329a78721dc917f26bc073df3514e14c634edd239ea9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327fb-90b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AMjZVgUMUNHP25uML2RUNASpoaFcJt8S2QahuIFYCO1CMKn5KL9vqLhSkJHWduxHabZVhBuJBZbgn%2FCqdXXK4nXdnlAhiwQvO5PlmbhYtyfyWnXc%2FdRnWV2dYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02ec892fd-CPH
alt-svc
h3=":443"; ma=86400
magnific-popup.css
oremin.me/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://oremin.me/css/magnific-popup.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327f9-1e66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwVGkIpQv2amZLL2nmzKUBLQjwRwDdi6Klh2DU1eCO4fUNBWZn64OgWgDR%2Fpo1xiyK2HAVtQmz4087QMREXv01PD557ZGTn8KZExd5ThzelwvweqivYXAg3Tj4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02ec992fd-CPH
alt-svc
h3=":443"; ma=86400
style.css
oremin.me/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://oremin.me/css/style.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd34ff859cdaafbc16491e8bef3a9c3872c9bb73eabb21076afe7b4442ab076

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327fc-562a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsXxW9vOiBu%2F5ldFHeR5hPpFUCbcC5trmI5u4Bcx96DhWw6gCQcfEpRzqXYFM54654m07VFCFX1Sxd7aNblAJI5WNlGFvf3Rhj22JMqzAvZ%2FR6X1mXtisP%2BAXE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02eca92fd-CPH
alt-svc
h3=":443"; ma=86400
themify-icons.css
oremin.me/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://oremin.me/css/themify-icons.css
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26989d3113acf7ccb959bee7a1f6a1a1e009edcbe58e52b3052b89f868a2c3cb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661327fd-406a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7oFURrVC5Pfc8G6OCR34jODXXHgkl887ZKrVwmyEkUJmPhbZQM7GBl8o0bbSSH7qqSFdJeLIAmI7hxBmjaJFZNbtkkylsrDOZCBJmwa2GX%2BAZBmwL879sKMiwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8727c5d02ecb92fd-CPH
alt-svc
h3=":443"; ma=86400
bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/
36 KB
36 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"661327d6-8ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5k7lrUl2jG7U%2Bbsqmhnw7M2F3PqKEmE3IsPfByse0ueJJIGXF2MMy9s375mgH1upl3%2BBZrpL8N%2F6B6E3s3%2FQNU0TTUeDe0ssxIZPi7eT%2FP3ZuxHoQeak2UcVqJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5d02ecc92fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
36862
bulksplash-imgix-klwuhr-wpj8.jpg
oremin.me/assets/images/
57 KB
57 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-imgix-klwuhr-wpj8.jpg
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"661327d5-e201"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4gFwGoN2xC%2BJh3EIZ%2BOn%2F7QqfJVi25CgrOeR1PUfmnCS7yDxt5Clboiabi%2BrdX3ri8eEk9TkdKm4Se7BE5l0qHvrlE1BKRli7hW3rhuLGvUtLGuqUVOwIttKQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5d02ecd92fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
57857
bulksplash-angieprz21-tyyycokojo4.jpg
oremin.me/assets/images/
45 KB
45 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-angieprz21-tyyycokojo4.jpg
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"661327d4-b35b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Amc5tR%2Fgqy4kWH0uiT7GdhyOGQoDjc%2Bh1kDSzcaC9rTgGW2hsb1qVyn%2FmX5DRg84VQHxbhwqvPuN8LJQ0r0jdjJXxd20A6X3NMMqwQf6NPskeOAstYrpf%2Fuu8PI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5d04ed692fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
45915
email-decode.min.js
oremin.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://oremin.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 17:26:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6610342c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCGsmnrhgVXF37eEYJRYmhysR0M0JHrutBSZOUsbo9mIFL%2FZE%2FSfTDECtQHb7ZelaVdIocCox%2BXy3Y0HB5dLBX9AbNfLct35KJHTXOjoQ99WWUaNVYNhlZ6NaCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8727c5d04ed792fd-CPH
expires
Sat, 13 Apr 2024 03:08:32 GMT
rocket-loader.min.js
oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 17:26:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6610342c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHohFlVxU%2BY%2FcrwcqPzDIzHNKU7nuFB%2Fce2qukPg6GuxKyAoKBHtuPjAQeQubDqGroPFFaeaFTQpPC4SpWtFG%2BqVTIemCklYiKIkZbMNXrONz5hJTO1APs7GwOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8727c5d04ed892fd-CPH
expires
Sat, 13 Apr 2024 03:08:32 GMT
bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/
36 KB
36 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 23:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"661327d6-8ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2C6CqPSkD00TUiFoulQ78o2%2BOdQFfKUMedhkD6xqZSv27Dhd0N0unwJSm2DVWDnS3hAXNoH4QvLIIxmrIc80MLYMjbsFFZHKlLG5Fk5W0OuoeU%2BswFXlOzGOyzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5d5c92692fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
36862
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://oremin.me
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:52:30 GMT
x-content-type-options
nosniff
age
407763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 09:52:30 GMT
themify.woff
oremin.me/fonts/themify/
55 KB
55 KB
Font
General
Full URL
https://oremin.me/fonts/themify/themify.woff?-fvbane
Requested by
Host: oremin.me
URL: https://oremin.me/css/themify-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/css/themify-icons.css
Origin
https://oremin.me
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6613280f-db2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ%2Bxse9o8Mn3EiwDwu5BxggIEa%2FEHKzO9ZOV9ilgXzGT6sOmxVfXRPf9LtaD9td9wUVfllBTdBWFbkLI7UamovOM5O0jaJgOlpRNiIlMTNviiUtGT%2FITE9279hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
accept-ranges
bytes
cf-ray
8727c5d5c92992fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
56108
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://oremin.me
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 19:07:30 GMT
x-content-type-options
nosniff
age
374463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 19:07:30 GMT
custom.js
oremin.me/js/
3 KB
1 KB
Script
General
Full URL
https://oremin.me/js/custom.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1ba1399b4064fb2341037f943a0cb03e70746d4039a9bc7d61aa8808ae1d41

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281a-d48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gupJOmZEFXfDN5sVnaNK5S7SmHO8ie4uIAjcy7c03CcUM8hANAfroxMgkvo21m0wnrViqjQo0AfxdSy66O6IqUGiuiKsYCAJ6iJZpJJgcl3BQWQmAbQRzuJDIOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94092fd-CPH
alt-svc
h3=":443"; ma=86400
jquery.magnific-popup.min.js
oremin.me/js/
20 KB
8 KB
Script
General
Full URL
https://oremin.me/js/jquery.magnific-popup.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b30ca232045dbc02c722c1747f97cf2dc474258e86800daeff61af4ebdb5500

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281e-51c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgwaSsNSDOW8EPljWUTRUAa5RNA0jBpSFZTWrjd0huRLmxfAQH1pKm%2FFOGXp3Q%2Bde3TefQtE8k4zKdqRDmC8ngZqsM08qMhOz8mfObCV%2Bcwyx3TlVn%2FnOk0LBYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94192fd-CPH
alt-svc
h3=":443"; ma=86400
owl.carousel.min.js
oremin.me/js/
39 KB
11 KB
Script
General
Full URL
https://oremin.me/js/owl.carousel.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66132820-9dd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67wHBZww56UgqZgxkY2TgzTKz4iWYxtqL8EZdf1D%2FSr9dO%2FxzBvFbnSwn4ZbqJn0%2F7NZqUJcy6TTOObx5vh%2BX1TPtyr0NIFntty23%2BTsYw3LzD2SYtaJfGhEqBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94292fd-CPH
alt-svc
h3=":443"; ma=86400
modernizr-2.6.2.min.js
oremin.me/js/
15 KB
7 KB
Script
General
Full URL
https://oremin.me/js/modernizr-2.6.2.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281f-3c36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FHkMZHN4mLHadzOqFrqhMPZygULFQAmSiOyy4bYDOU0Mrs%2FVwohXT2zvyPIsZIBpivqadIq%2FYVKhMBc3xIApLaotnhpCtYfM2fw9wEpzujbKtBLLIhjBypc3G8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94392fd-CPH
alt-svc
h3=":443"; ma=86400
bootstrap.js
oremin.me/js/
66 KB
15 KB
Script
General
Full URL
https://oremin.me/js/bootstrap.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68fd9f7f7c8165a37c795ebfa68f958fc5e03cdefc2a586ad682199065c3330

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281a-10653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URKk%2BT%2B%2F02cetb7rIJPqhif4OmUqhxvMOWYzv9xxhNXoFuSB7xOtCg4w8I7cZgzt4g8kWw%2F3KCjTOzYiCmkCdUytO2dk7nIyXrMbhgV%2BXh1enurrPaW%2FBYGmb9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94592fd-CPH
alt-svc
h3=":443"; ma=86400
jquery.easing.1.3.js
oremin.me/js/
8 KB
2 KB
Script
General
Full URL
https://oremin.me/js/jquery.easing.1.3.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281e-1fa5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HOTrlNVVFD7KSwpLQbFNsOzhtITcJsRKlax%2BKmVdQl49KIZTbZ54CnhpNbkvMPk7zJUUO2WHi8EcIapPuBd6dgezXTo9H%2BieBf4kSZ79JtQxjLIC1hcskKvPSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94692fd-CPH
alt-svc
h3=":443"; ma=86400
jquery-1.10.2.min.js
oremin.me/js/
91 KB
33 KB
Script
General
Full URL
https://oremin.me/js/jquery-1.10.2.min.js
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:11:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6613281d-16bb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyRzMX25djcEDMYeww0SJVgilZB9cEz28s8FwU6uxYnLs7lFfo3PemJkGNe5Y%2FwX9DAG1zwC3tvoRAeDR1dDh9U196Ta2ICaZMYimZom8muJatJJaGpmLXepJnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
8727c5d5f94792fd-CPH
alt-svc
h3=":443"; ma=86400
main.js
oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 660F
Redirect Chain
  • https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Requested by
Host: oremin.me
URL: https://oremin.me/
Protocol
H3
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1086bafcc2c913f37d419dca52731340fac2a0f293cef80ecd85ef847c8145aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZmEohxxJgUWAvkyrKnBvxfwwGW4oAjNNvr82LjYkINkRkueKslzTqdmgbIZdruBdgmB41NJvMii2ZHP4oLpRPAHCTxi07GHGALDWEA8nzOxrJm%2BYC3PpO9mcLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8727c5d6295892fd-CPH
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Apr 2024 03:08:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4mk3rxJOgCx0cjVYpwNY5Zvd0twszQV0HEZzQ5XedPAnz86xyId2mSqDTfTYS6Iu8zyHoys3ID1KO%2BSyRA9qs4RfGGADuX3YmGA5P8KkQnRgk68Rq%2F7pOVXNNI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
8727c5d5f94892fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
0
8727c5c4d9a892fd
oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 660F
0
580 B
XHR
General
Full URL
https://oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/8727c5c4d9a892fd
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Apr 2024 03:08:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8eEjvdxH7xK95IyiTzh%2FjYnIFMoaWOV%2BFwqWBVQ7%2FZ0KJMiWSl18Pn7eKFmqtNa3XHhQLYcuHtgL34t62lMm08bn%2FNwrvClet8b8e4HwyukHm5YgjCU7SE5ZZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8727c5d6d9a992fd-CPH
alt-svc
h3=":443"; ma=86400
favicon.ico
oremin.me/
33 KB
34 KB
Other
General
Full URL
https://oremin.me/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5356cd7fa1821a56b7560ce5a5d6892c9118e5dbe73818a50bab410565cae272

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Apr 2024 23:10:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66132803-8572"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2PeX6lznTnaDc4yz8OpRdT8n7cWCETXBpyYBgNPDTv3o0lOOYexN8VUo3RXMbIJbTz0LyVcb1mINat9MVAiWiLGIjxJNKHD%2F8ZjH4M6eDs438v1Rp%2BPTVQxOws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cf-ray
8727c5dc2bac92fd-CPH
alt-svc
h3=":443"; ma=86400
main.js
oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 660F
Redirect Chain
  • https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f59f57bba2eaeed40809848edee475bb79a9f8f0a4c4b8c6fd753de72309559
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmBcY5ScgmOfnlPEyUJSH6iI5Ofm9nf23COq2BYKYZfm3BkbHObWKuj%2BXMFcoD40KLeLVp5zmlqzu602HLa217bb%2B6plKC3y2H%2FlZ5dgnNG%2BgVIEIs9qlXE7Cr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8727c5dc6bbf92fd-CPH
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Apr 2024 03:08:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBhO0lSFQU0PMpxgRWaIhio8VzSlHHh8vDYwqrQ3RPz0%2FwjO3ug90ICYacffPb0uOKiFdeF1tr14r37MWDf5k9bP23FGSmPQr0t3ADRL6MaqJ1%2FpzX9aZ9eEPPA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
8727c5dc3bb192fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
0
bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/
36 KB
36 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 23:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"661327d6-8ffe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQqX%2FpVGDP4J7WnbPKK2Cdk9rmzmk7fSMJLdIsDw8sWDDxwc7fyKLoJo8OUcWZE%2FaKwAvbGimZjHaTGYDRca9c%2BgxKKtNXQOVn3rnDhdAMG%2Fgc9UNemSoW9plM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5dc4bb692fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
36862
bulksplash-angieprz21-tyyycokojo4.jpg
oremin.me/assets/images/
45 KB
45 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-angieprz21-tyyycokojo4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 23:10:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"661327d4-b35b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFxIeIvAhe08Yn4WkfXb2AYqjLj3CY4QD%2FFuh6rJt%2BmWS8oABNsIDDFEoqkt58w2jj96V0MOTJB0UgaMZxnUdDUsuD61Cs1ySKLOJeOYqt66B%2FwFc35v1OQqJCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5dc4bb892fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
45915
bulksplash-imgix-klwuhr-wpj8.jpg
oremin.me/assets/images/
57 KB
57 KB
Image
General
Full URL
https://oremin.me/assets/images/bulksplash-imgix-klwuhr-wpj8.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oremin.me/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 23:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"661327d5-e201"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooWY906iN4j%2FOZNjT3YTLavL43Qi9PIEBG9HwQ%2FqUrqE9W%2FsSeIto90ZibNOmcr62cKMUFJOR%2BkXeHexB2hSGoHPHz6dFI6ko7i8V%2FAlCXqPJw0h9xrTl9aFPLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8727c5dc4bba92fd-CPH
alt-svc
h3=":443"; ma=86400
content-length
57857
8727c5c4d9a892fd
oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 660F
0
577 B
XHR
General
Full URL
https://oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/8727c5c4d9a892fd
Requested by
Host: oremin.me
URL: https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Apr 2024 03:08:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phrdx1DmF6k3LxUU6hjTKvJ41VDeYFAlewPcvby3BIfOJMuIoxgEPCzA2ldtghJ%2Fy6ycGNW5RWIXYQe1nVFCgzgjpE5tPS8eCG6ZR%2BwjxH06sEsbjyPmtm2a%2FDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8727c5ddec5e92fd-CPH
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| $ function| jQuery object| jQuery110204114848622858269 object| html5 object| Modernizr function| yepnope boolean| __cfRLUnblockHandlers

4 Cookies

Domain/Path Name / Value
oremin.me/ Name: PHPSESSID
Value: 7ouqpgges3b5amhf6675q1qcp6
.oremin.me/ Name: _subid
Value: 3uueca2hur8p
.oremin.me/ Name: d6cb3
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjgwNjQ1XCI6MTcxMjgwNDkxMn0sXCJjYW1wYWlnbnNcIjp7XCIxNDE4MFwiOjE3MTI4MDQ5MTJ9LFwidGltZVwiOjE3MTI4MDQ5MTJ9In0.cwMYYzJsqdkjgPWRTXp3BJqjTyj2JwuKb-MLs8lAECA
.oremin.me/ Name: cf_clearance
Value: pZ1gaKkKMWbhfQgoX2wqaTmEp_SzAxdrR.vp95zQnFg-1712804914-1.0.1.1-FPEcB8cpGbsIz_anlTMuKA6_NKOnowq4NmvMPlcGMEtefZPNPIFI0nb9B60p96qFv9Caogr8tggFWLGq0LXLXQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
oremin.me
172.67.142.16
2a00:1450:4001:809::2003
2a00:1450:4001:830::200a
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62
1086bafcc2c913f37d419dca52731340fac2a0f293cef80ecd85ef847c8145aa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26989d3113acf7ccb959bee7a1f6a1a1e009edcbe58e52b3052b89f868a2c3cb
2e1ba1399b4064fb2341037f943a0cb03e70746d4039a9bc7d61aa8808ae1d41
3b18be1155c40f2c912370b9a1b9029db5154446f45b2e82232c9f817a5715c0
5356cd7fa1821a56b7560ce5a5d6892c9118e5dbe73818a50bab410565cae272
5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5
6bd34ff859cdaafbc16491e8bef3a9c3872c9bb73eabb21076afe7b4442ab076
82052d75f5fce338c784a50a9b6de7d729c63313f2c1139b916e3503326f0c6f
82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc
8f59f57bba2eaeed40809848edee475bb79a9f8f0a4c4b8c6fd753de72309559
9b30ca232045dbc02c722c1747f97cf2dc474258e86800daeff61af4ebdb5500
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
bb9d8e502e14f78f9719329a78721dc917f26bc073df3514e14c634edd239ea9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c68fd9f7f7c8165a37c795ebfa68f958fc5e03cdefc2a586ad682199065c3330
c6a5dd987c14d9f4f3e82b36933e2cfb563e2cf451dc83175ff6d0d20a0d7d13
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855