www.redlrect-andyor.site
2606:4700:3032::ac43:a875 | Malicious Activity! | Public Scan

URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Submission: On September 20, 2023 via manual submission from JP. Scanned from JP.

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3032::ac43:a875, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.redlrect-andyor.site.
TLS certificate: Issued by E1 (Let's Encrypt's ECDSA intermediate) on September 19th 2023, one day before this scan. Valid for: 3 months.
This is the only time www.redlrect-andyor.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
26 | redlrect-andyor.site | www.redlrect-andyor.site | 261 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 96) | 21 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 111) | 147 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1683) | 72 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 410) | 31 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 558) | 49 KB
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 175) | 352 B
1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2769) | 223 B
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 1243) | 30 KB
0 | ip-api.com (Failed) | ip-api.com (Failed) | (none)
Total: 41 requests across 10 domains

Only the scam domain itself has no Cisco Umbrella rank; every other host in the table is a widely used CDN, analytics or IP-lookup endpoint, so the third-party traffic on its own says nothing about the page's intent.
Requests | Domain | Requested by
26 | www.redlrect-andyor.site | www.redlrect-andyor.site
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.googletagmanager.com | www.redlrect-andyor.site, www.googletagmanager.com
2 | maxcdn.bootstrapcdn.com | www.redlrect-andyor.site, maxcdn.bootstrapcdn.com
2 | cdnjs.cloudflare.com | www.redlrect-andyor.site
2 | cdn.jsdelivr.net | www.redlrect-andyor.site
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | api.ipify.org | code.jquery.com
1 | code.jquery.com | www.redlrect-andyor.site
0 | ip-api.com (Failed) | code.jquery.com
Total: 41 requests across 10 domains

This site contains no links.

TLS certificates

Subject | Issuer | Validity | Valid for
redlrect-andyor.site | E1 | 2023-09-19 to 2023-12-18 | 3 months (crt.sh)
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 to 2024-01-24 | a year (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 to 2024-07-02 | a year (crt.sh)
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 to 2024-07-14 | a year (crt.sh)
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 to 2023-11-06 | 3 months (crt.sh)
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 to 2024-02-18 | a year (crt.sh)
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 to 2023-11-06 | 3 months (crt.sh)
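Certificate age relative to the scan is the one column of this table worth automating: the scam domain's certificate was issued the day before the scan, while every third-party certificate is weeks to months old. Short lifetimes by themselves prove nothing (Google's certificates here are also under 90 days), so the check below keys on age, not lifetime. This is an added example by the editor, not urlscan.io output; the rows are copied from the table above, and the 7-day threshold and the 90-day "automated issuance" cut-off are the editor's heuristics.

```python
"""Certificate-freshness triage over the certificate table of a urlscan.io result.

Editor's added example. Rows copied from this page; thresholds are assumptions."""
from datetime import date

# (subject, issuer, not_before, not_after) as listed on this page
CERTS = [
    ("redlrect-andyor.site", "E1", "2023-09-19", "2023-12-18"),
    ("jsdelivr.net", "GlobalSign Atlas R3 DV TLS CA 2022 Q4", "2022-12-23", "2024-01-24"),
    ("sni.cloudflaressl.com", "Cloudflare Inc ECC CA-3", "2023-07-03", "2024-07-02"),
    ("*.jquery.com", "Sectigo RSA Domain Validation Secure Server CA", "2023-07-11", "2024-07-14"),
    ("*.google-analytics.com", "GTS CA 1C3", "2023-08-14", "2023-11-06"),
    ("*.ipify.org", "Sectigo RSA Domain Validation Secure Server CA", "2023-02-07", "2024-02-18"),
    ("*.g.doubleclick.net", "GTS CA 1C3", "2023-08-14", "2023-11-06"),
]
SCAN_DATE = date(2023, 9, 20)  # from the 'date' response header on this page


def cert_facts(subject, issuer, not_before, not_after, scan_date):
    nb = date.fromisoformat(not_before)
    na = date.fromisoformat(not_after)
    lifetime = (na - nb).days
    return {
        "subject": subject,
        "issuer": issuer,
        "age_days": (scan_date - nb).days,      # negative => issued after the scan (clock skew or bad data)
        "lifetime_days": lifetime,
        "valid_at_scan": nb <= scan_date <= na,
        "short_lived": lifetime <= 90,          # typical of automated (ACME-style) issuance; not a signal alone
    }


def fresh_certs(certs, scan_date, max_age_days=7):
    """Certificates issued within max_age_days before the scan.

    Infrastructure this young, on a domain the scanner has never seen before,
    is the strongest single lure signal in this table."""
    facts = [cert_facts(*row, scan_date) for row in certs]
    return [f for f in facts if f["valid_at_scan"] and 0 <= f["age_days"] <= max_age_days]


if __name__ == "__main__":
    for f in fresh_certs(CERTS, SCAN_DATE):
        print(f"{f['subject']}: issued {f['age_days']} day(s) before scan, {f['lifetime_days']}-day lifetime, issuer {f['issuer']}")
```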

This page contains 1 frames:

Primary Page: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Frame ID: 75BC33E9A6AF1F7141E997656A74B0BB
Requests: 41 HTTP requests in this frame

Page Title

セキュリティ センター Code #0x268d3 サービス (Japanese; in English: "Security Center Code #0x268d3 Service", i.e. a fake Windows security alert with an invented error code)

Detected technologies (names as implied by each pattern group)

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • googletagmanager\.com/gtag/js

Modernizr (overall confidence: 100%)
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (overall confidence: 100%)
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
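These patterns are substring regexes over the page's `<link>` and `<script>` tags, with a capture group for the version where the URL carries one. Re-running them over the resource URLs listed later in this report shows what they do and do not recover: jQuery is fingerprinted twice (2.1.3 from cdnjs and 3.2.1 from code.jquery.com, so the page really loads two copies), Modernizr's version is not captured because the leftmost `/modernizr` in the cdnjs path precedes the version segment, and the Bootstrap pattern over-matches the `maxcdn.bootstrapcdn.com` hostname of the Font Awesome stylesheet and reports a phantom "4.5.0". The code is an added example by the editor, not urlscan.io's engine: the regexes are copied from the list above, the tags are constructed from the Full URL of each transaction on this page (the original HTML is not part of the report), and the technology names are the editor's labels.

```python
"""Re-run this page's 'Detected patterns' against tags built from its resource URLs.

Editor's added example. Regexes copied from the report; tags constructed from
the transaction URLs on this page; technology names are the editor's labels."""
import re

PATTERNS = {
    "Bootstrap": [
        r'<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css',
        r'bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js',
    ],
    "Font Awesome": [
        r'<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css',
        r'<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)',
    ],
    "Google Tag Manager": [r'googletagmanager\.com/gtag/js'],
    "Modernizr": [r'([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js'],
    "jQuery": [
        r'jquery[.-]([\d.]*\d)[^/]*\.js',
        r'/([\d.]+)/jquery(?:\.min)?\.js',
        r'jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?',
    ],
    "jsDelivr": [r'//cdn\.jsdelivr\.net/'],
}

# Constructed by the editor from the Full URL of each script/stylesheet
# transaction on this page; the real markup was not captured in the report.
TAGS = [
    '<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css">',
    '<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">',
    '<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>',
    '<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>',
    '<script src="https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js"></script>',
    '<script async src="https://www.googletagmanager.com/gtag/js?id=UA-93923346-7"></script>',
]


def fingerprint(tags, patterns=PATTERNS):
    """Return {technology: sorted distinct versions}.

    A technology is present with an empty list when some pattern matched but
    no capture group yielded a version."""
    found = {}
    for name, regexes in patterns.items():
        for tag in tags:
            for rx in regexes:
                m = re.search(rx, tag)
                if not m:
                    continue
                versions = found.setdefault(name, set())
                version = next((g for g in m.groups() if g), None)
                if version:
                    versions.add(version)
    return {name: sorted(v) for name, v in found.items()}


def multi_version(result):
    """Technologies fingerprinted at more than one version: either the page
    really loads two copies (jQuery here) or a pattern over-matched (Bootstrap
    picks up '4.5.0' from the bootstrapcdn.com hostname of the Font Awesome URL)."""
    return sorted(name for name, versions in result.items() if len(versions) > 1)


if __name__ == "__main__":
    result = fingerprint(TAGS)
    for name, versions in result.items():
        print(f"{name}: {', '.join(versions) or '(version not captured)'}")
    print("multiple versions:", multi_version(result))
```

The practical lesson for anyone consuming these detections downstream is that a version reported by a substring fingerprint needs confirming against the actual resource (the Resource Hash column in the transaction list is the right anchor for that) before it is used for anything, and that a library reported twice is worth a look at the page's own script, since the two jQuery copies here are real while the second Bootstrap version is not.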

Page Statistics

Requests: 41
HTTPS: 98 %
IPv6: 89 %
Domains: 10
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 611 kB
Size: 1348 kB
Cookies: 4

Redirected requests: no HTTP redirect chains are listed for this scan (the submitted URL and the primary page URL are identical).

41 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
index.html (Primary Request) | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 42 KB | 9 KB | Document | text/html
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
98f05c77ffcf0499115478b66b03da9d22ec2742032c1609b65f897b87628982

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809783c4ccc5e06e-NRT
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 05:02:10 GMT
last-modified
Tue, 12 Sep 2023 20:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03%2BK%2Bx%2Fe9wuGRZOdi5PwbAogmynSQ6W43caElOMPtuD1VIE2lBbx0h8zQRn4npgPgUt97HiNZxTFAxaNUJdu0I7gC7Ho%2Ff7rVMpAlGqfQpXcR8%2BnkCMS%2F2bhbqr0s13X14RHUnAT6okzkJC%2FB1EoZgFMeFNDScs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
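Note what the primary response does not carry: no Strict-Transport-Security, Content-Security-Policy, X-Frame-Options or X-Content-Type-Options, while the CDN responses below each have HSTS and nosniff (that is why the report shows a "Security Headers" panel for them and none for index.html). The `cf-cache-status: DYNAMIC` value also tells you the document was served from origin, not from Cloudflare's cache, so every visitor hit the real backend. The following Python is an added example by the editor, not urlscan.io code: it parses the alternating name/value layout used for the header dumps on this page and reports the missing hardening headers. The sample dumps are copied from this page's index.html and jquery.min.js responses, shortened (the long `report-to` value is dropped); the list of headers checked is the editor's choice.

```python
"""Parse a urlscan.io-style header dump (name on one line, value on the next)
and report which hardening headers a response lacks.

Editor's added example. Samples copied (abridged) from this page's index.html
and cdnjs jquery.min.js responses; the header checklist is the editor's."""
import json

PRIMARY_RESPONSE_DUMP = """\
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809783c4ccc5e06e-NRT
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 05:02:10 GMT
last-modified
Tue, 12 Sep 2023 20:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
"""

CDNJS_RESPONSE_DUMP = """\
date
Wed, 20 Sep 2023 05:02:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
server
cloudflare
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cf-ray
809783c5fb1faf40-NRT
"""

# Headers whose absence on an HTML document is worth flagging (editor's list).
HARDENING_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
    "referrer-policy",
)


def parse_header_dump(dump):
    """Turn the two-line-per-header layout into a lower-cased dict.

    Blank lines are skipped, so a header with an empty value would shift the
    pairing; every header on this page has a value, and the length check
    catches the shifted case instead of silently mis-pairing."""
    lines = [ln for ln in dump.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("dump must alternate header-name and value lines")
    return {name.strip().lower(): value.strip() for name, value in zip(lines[::2], lines[1::2])}


def missing_hardening(headers, required=HARDENING_HEADERS):
    return [h for h in required if h not in headers]


def summarize(dump):
    h = parse_header_dump(dump)
    cf_ray = h.get("cf-ray", "")
    nel = json.loads(h["nel"]) if "nel" in h else {}
    return {
        "server": h.get("server"),
        "content_type": h.get("content-type"),
        "cache_status": h.get("cf-cache-status"),     # DYNAMIC = served from origin
        "edge_colo": cf_ray.rsplit("-", 1)[-1] if "-" in cf_ray else None,  # Cloudflare PoP code
        "nel_sampling": nel.get("success_fraction"),
        "missing_hardening": missing_hardening(h),
    }


if __name__ == "__main__":
    for label, dump in (("index.html", PRIMARY_RESPONSE_DUMP), ("jquery.min.js", CDNJS_RESPONSE_DUMP)):
        print(label, json.dumps(summarize(dump), indent=2))
```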
bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ | 158 KB | 26 KB | Stylesheet | text/css; charset=utf-8
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a04:4e42:400::485, United States, ASN54113 (FASTLY, US)
Reverse DNS
(none recorded)
Software
(none recorded)
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redlrect-andyor.site/
Origin
https://www.redlrect-andyor.site
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 20 Sep 2023 05:02:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
18132084
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26291
x-served-by
cache-fra-eddf8230111-FRA, cache-nrt-rjtf7700046-NRT
x-jsd-version-type
version
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ | 82 KB | 27 KB | Script | application/javascript; charset=utf-8
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6811:180e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5295991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26657
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6821"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGgswFttPzUHdPs2CNEZmw7l06nFGcqBnuZhaYlBvoHBwHAZoaNV1GLmELTvt8btEpJFMvrhl7cKzMYO3F7%2F8F0NHt9s2pl5uYY%2BKPeH7rCjVniv0xWOClpxB4jFWSnSo6uSpXsrG9F7uvLb93DIIe%2FC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809783c5fb1faf40-NRT
expires
Mon, 09 Sep 2024 05:02:10 GMT
main.css | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 12 KB | 3 KB | Stylesheet | text/css
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/main.css
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
beb61a5e6b50e8194f51a35b12768fd4d3caf123407373cb4fd81b1b5e30f6b1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1032
etag
W/"2e56-6052f00f60b8a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIqNDQ5r5F%2BmW7qSh0asmi6WV01ZaTN5DaLtYfVb%2BBE%2FTtYgDJoWbVqfmq2LbRsEv%2BQaJli86Gs7WaKLQg1Fyqpl1MNgVoN91tFVGbBEzMLbbwF1ie56Id0QKpXVvzpAARu4ARaruYlyE2QNqyRyFVeTGvHad1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
809783c5ee55e06e-NRT
alt-svc
h3=":443"; ma=86400
font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ | 27 KB | 7 KB | Stylesheet | text/css; charset=utf-8
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:bcf, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
753, 617, 617
age
31357079
cdn-cachedat
2021-06-19 03:25:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
275513b65ecaee506859e09f13a72b9f
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
809783c60926f5a7-NRT
cdn-requestpullsuccess
True
jquery-3.2.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript; charset=utf-8
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a04:4e42:400::649, United States, ASN54113 (FASTLY, US)
Reverse DNS
(none recorded)
Software
nginx
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
385518
x-cache
HIT, HIT
content-length
30125
x-served-by
cache-lga21971-LGA, cache-nrt-rjtf7700022-NRT
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695186131.890730,VS0,VE0
etag
W/"28feccc0-15283"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
179, 10752
js | www.googletagmanager.com/gtag/ | 184 KB | 68 KB | Script | application/javascript; charset=UTF-8
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93923346-7
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2404:6800:4004:823::2008, Australia, ASN15169 (GOOGLE, US)
Reverse DNS
(none recorded)
Software
Google Tag Manager
Resource Hash
f758859b1bc895c03182a5c955126ee558be6727cf56d7766666e2eda4a88704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68810
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Sep 2023 05:02:11 GMT
bg2.jpeg | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 111 KB | 111 KB | Image | image/jpeg
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/bg2.jpeg
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
978
etag
"1bbe3-6052f0099b0ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dADcnCjG7DEBjWFSd4rrTRBvuCEQIEaozwrEegb5%2FVI3BQ%2BTP3kSRqNdnVEgVUOHTRIifSioMNaWYvAEnzZh1Q8uVrJSPpTEcBbBDxvNDQcgPnQrJreWuOMJ4U1t%2FU47tuggOOtPtFTzy%2BwGUtMhOIj80I%2BFAFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cf58071-NRT
alt-svc
h3=":443"; ma=86400
content-length
113635
minimize.jpeg | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 2 KB | 3 KB | Image | image/jpeg
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/minimize.jpeg
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"8c7-6052f0175dd65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DJKbfK3zbK6dt7gS2AVgoEa%2B2PNxSxrenD2%2FzwLFodivzlYseWH37CHuhT40OZ%2B3pn%2BC1hQD8WgyTbP84L%2F8GEw9lh1E4tGgRtbLVWXjWug18Zkf%2BeYAwAdd643FzfVpkYhwA0LNNxAfdKJG9bc5ctGwK7r3n0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cf68071-NRT
alt-svc
h3=":443"; ma=86400
content-length
2247
microsoft.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 1 KB | 1 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/microsoft.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"415-6052f00f02f65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qAOMJOu%2FUsutQ6hKQhZWA7GDW6d%2B4sPcwmMZpY%2FTEGw8yI2eBKrg1BLRhtvUSu3ySfVvNw4seBXDwUMMARb39Y1U6PuaczjPy38b1c3KsiSAcKgtt4VCy6WnKqQTHAGf%2FuAUO0z%2BA%2Fk7T7AfU2oftBTLPceFmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cf78071-NRT
alt-svc
h3=":443"; ma=86400
content-length
1045
setting.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 364 B | 847 B | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/setting.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"16c-6052f01980c39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcvF%2BX9alhZng6O9p58KbIUf%2FKysqeFXJj4bIY6%2FhBmIYtMep7hgjRdTcNPvUyts7WbzICg%2BXp%2FX9zh9gQwynjgFzcCEMWUkzu%2F6ifp%2BrYNUeluWZBXGRaF6xWjAwxrioqG4Hg3QaLHdsUskvyuwJd4aQJ7878o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cf88071-NRT
alt-svc
h3=":443"; ma=86400
content-length
364
que.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 349 B | 825 B | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/que.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"15d-6052f004f47fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SUho2Qj3ccJ7sbCPKGPP9U%2B354IBKU1ao86wxlvCd5aizXdyFvLtWsxX032sbD6SUSy77HVIks9KduD%2F1ePZ5%2B5BCBeSjZHpFpVNEtto8D4qT9oK7XrAjBXHW6Pi8r8136O5zX8Am3jRNTaXPJzeWB0s7XKtqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cf98071-NRT
alt-svc
h3=":443"; ma=86400
content-length
349
virus-scan.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 25 KB | 26 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/virus-scan.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"650f-6052f013bc0fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf64ZP7dE%2FYBHKLwp6IqFqxZ9Z767veQO662gWiy68pmiJxyv2h1i0td098Lsm573jZ4QT2hGXsYX%2FB2e3xeqi19LVDkTx5TEJ8zm8ekGdYqbTIKnS6jrZQs44QS8bwISbYZtFgAkE8%2FHmCu93cg9h%2Fpt3T2Nn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cfa8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
25871
bell.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 1 KB | 2 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/bell.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"454-6052f005bfa4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B3NXOxRgMh%2FMth2C2mOPMqjc3QIXvWq86DxD%2FV1pi%2FLiKuf3YYcNcghv%2FE%2BdHtA3FiJa5DTie1M%2FSrXv%2BrP8kcPm3ZrYmqU%2BVA7y0Jz9KGmSdjvOVhbeanXl7RODtKO4GI0LO2SNWKmE80XKVWS4uN%2FeGq1bXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cfb8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
1108
pc.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 5 KB | 5 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/pc.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
975
etag
"1355-6052f0162166a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i28N7gKIA2RLqKiJJdtDusZarspsOIbWXo%2B%2Fwk%2FFNU3bh%2BbTj8dCsIUoAEbDTXjCjNQ496K%2FbvA2%2F2rIzUwbjV%2B%2F3NI9W%2FiRE9wnA2EhMF40ExYgqnvMx5Gbo5%2BHx64n8x6ykgj726IIxLrUT11sRWriJMaRQiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cfc8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
4949
cross_white.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 1 KB | 2 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/cross_white.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
102c0a47c23c47ef502307b29bb3c8cdde02532b161d4d57fd44f2da7b9804a2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"545-6052f01ae1563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BNNRCTrGpwAjJw4fVmneZnGUdYPVdjx7PGJkf8YMeHYewPilfUkAbvntBJ9w0Onm6%2BzQgJswiMxQLMc5wRCyg69ei9edFUISPkC%2FYrZ5g6%2Bdfzv4iOjcMWmo%2FU8CnoK35mtBYeCEsaaMaRW5B2t5sp%2B5VDUVs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cfd8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
1349
virus-scan-red.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 29 KB | 29 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/virus-scan-red.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
48a4ae64b1e5c7351637321703069f61e0de72add1ae3654d3919127655b87d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"7340-6052f00a5b716"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56Gb4liAnXaJwDSWMw45dxoOToBOvyRuZNeaZYZ%2FMwK0iWFkq1DD9nl%2BlHbscnQ0dMaJfiLA6LOC23DW1lj33tjTTFCNAk26642uR4kx6aSttJ8JOXpZYv4sj2vgayzNeH933%2FqTqoPPxcm%2BnFWLUS5X84DO%2BUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cfe8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
29504
virus-images.jpeg | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 8 KB | 8 KB | Image | image/jpeg
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/virus-images.jpeg
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
975
etag
"2004-6052f0148a22b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrBgS8E90Jp23MQm7QZZ4H82dimwKQrE3Z18vVg89asojvq9bR6beETXlInuhxtbuA4r5L5q6vjfg158TKuGChRNP7n1dZBUqgXE2zQEq1%2BCJ6rtzxRERJV9hcqYpbIb1gubpln271UQhIPFKlhO9LX4sVfYXGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64cff8071-NRT
alt-svc
h3=":443"; ma=86400
content-length
8196
support.png | www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/ | 12 KB | 13 KB | Image | image/png
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/support.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3032::ac43:a875, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none recorded)
Software
cloudflare
Resource Hash
6a98d9b3734d7ef3ec1b562873c4cd212b86420e4e569b17a5414ab74c808581

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
975
etag
"3094-6052f00562dc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kQfuKS1GKSOUzooMFcww1pDZzfIXn8%2F8rP6Ch7w%2FMoXJOfI3QRDeZRJf1lGS5RopNx68T%2BzALZW7Xcq477Tv0Npiv4R3O%2FRZo4qYrexGRdwp3L1mmPf%2BfZLZO3qwKqteFJHsLwF0mWjp%2F6BxqJOhUFYQPo%2F4lI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d008071-NRT
alt-svc
h3=":443"; ma=86400
content-length
12436
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
899137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3979
last-modified
Thu, 22 Jun 2023 11:09:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942be3-f8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmGtrlhNIjLreJidQRsBHEEaWbZqAHGaWg0daHjJOMHT2hF51PyR018Vos1NxkkuGKIwILnK9iEemeo2v3t0cQvqivfmteM%2B7HsmYrmklga3vlR%2FBO3OQmpGzpEmz96UOwuNRRhl15z52YRqSA7UFLW%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809783c63b5caf40-NRT
expires
Mon, 09 Sep 2024 05:02:10 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/
82 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redlrect-andyor.site/
Origin
https://www.redlrect-andyor.site
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 20 Sep 2023 05:02:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1302717
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23377
x-served-by
cache-fra-etou8220029-FRA, cache-nrt-rjtf7700046-NRT
x-jsd-version-type
version
etag
W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fullscreen.js
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
1 KB
1 KB
Script
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/fullscreen.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe37b4a00a88fdf821598caccfbd5287d3926288fff0583cb196c765ccf0329

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
978
etag
W/"50e-6052f01a18254-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVSw1GPsNxxv3dItTIZdkZZBnBbLxp0riL3DGkMcUl7IY4gVnJAFqztYjaFP0jVoz%2Bmnhp%2FB%2BnyjWlJHc08ZqTFvoh3uGerhxCyKjQPtX3GDU3FDaXaLj1XE4%2BSPFFjarx5Q46%2B%2FPk7UzJyXK9dojthuNU4R%2Fdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
809783c64cf08071-NRT
alt-svc
h3=":443"; ma=86400
before.js
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
1 KB
1 KB
Script
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/before.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f403ab10502d81b357c001e8be57d81e36cfabb8a714bf61a718a1b2b77ee03d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
978
etag
W/"58f-6052f00814613-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf2wCVdq1mULwAlLCrazqOiLK8JvDkBNqhLPUTxkhYg4i67DePKYS%2FiLK5Xfu5603ul4Hqd6h7LaXOqQC3KvTLLDgLDE9M3YCGP261JqDcVlDVMBh%2Fyx3VrFZe3RYBT56x5sejuchkHWHVEuKZv7AmyTt%2FhsntM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
809783c64cf28071-NRT
alt-svc
h3=":443"; ma=86400
main.js
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
3 KB
1 KB
Script
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/main.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1ed53e03c0065d04f2fd1b26da060546b130d4312eed53ff25c26af4e16db0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
W/"bb2-6052f0128c525-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFMZiO1acwi5Rcg4779uQQdYZbGqc5WaH0JfnewwU1j9gN3Fmuq8F5DPImrPV1FQR%2FPjzSNOrmAH7L5rPKScwg%2FcjXlO%2Bt1F3BFzdD8fK%2FV0FeFRnRPb1KiF0aXHCp79WrvbeLWkzcHb9jiNUXnvB2e1av3qiYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
809783c64cf38071-NRT
alt-svc
h3=":443"; ma=86400
light.js
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
2 KB
1 KB
Script
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/light.js
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c418378adc059c7a1fe9cdc1d5a508840394941f3d967c1a6df7e911715e8ca0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
W/"715-6052f00d6bb27-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ0gmO5PPJnGOi36mrt3UZUUP%2Febp3WCyuhymJW53tCM5if0MocKXEZbsr1zKSys9C5FlrfwzMy9pPYydmriRPrnpC0yaNu9W%2FD8uS5741qceJ17%2Bfz92rT%2BcrvsqlsVgAGOSCzKWpjIGDRb8YgkI2x8Og3VKpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
809783c64cf48071-NRT
alt-svc
h3=":443"; ma=86400
/
api.ipify.org/
23 B
223 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 , United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-156.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
e70246309b2d63b68e6777716e532179cedc921d0e5781585ececf38f3f05fda

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.redlrect-andyor.site/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 05:02:11 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
23
Vary
Origin
Content-Type
application/json
/
ip-api.com/json/
0
0

minimize.jpeg
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
2 KB
3 KB
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/minimize.jpeg
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"8c7-6052f0175dd65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KibZ7MtCWqRadw%2F2sOQRPt7%2FT3rvzcTrtSr5k6zpl0errm%2BDVvRz2anl2ExTOuiVTsMzutqOs9YaVA8wgsSDY%2FeOXkYvmxbico%2BwHZQR2lMpUOznz%2FOkXapAgcSHkcniHYdYk43h%2B3gXhHRURBTqcHjGxaBAoLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d018071-NRT
alt-svc
h3=":443"; ma=86400
content-length
2247
microsoft.png
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
1 KB
1 KB
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/microsoft.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"415-6052f00f02f65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FaYnUr%2BgRiiT5EvRBwllOaKvoPoZRnDWLDqzC3uvty3n1dOqMMCqK3B3yoraVroboHL881ArQ4LQrp3fxPZxlotQwTCvf1oIXF%2BCxV4nmDDG3LmtS8VGoyGGgIni9uP69AFdE7UuZS7B5WSaYmYjOrJ%2Fze9re8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d028071-NRT
alt-svc
h3=":443"; ma=86400
content-length
1045
setting.png
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
364 B
844 B
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/setting.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"16c-6052f01980c39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1Lx9ghaFi9rvQJB03YbAs%2BiMaElubfTZrjMOxw3QUqh8meaDNK0eObZE82HDEa9Dod6GB6WRZpn%2Fs3vYWLqRaouQALQnuuobKaXkeGR5Fo%2FINB5Bb0OqrmeQ%2B9Z6QkOM4cn%2FUKTXlqbLzSns9%2Bzdb9SrN1p9Cg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d048071-NRT
alt-svc
h3=":443"; ma=86400
content-length
364
que.png
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
349 B
833 B
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/que.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
977
etag
"15d-6052f004f47fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY9WctVIR51bfrL8b15mzY9jdsO0hzrIP9SNHjeTY%2Bb1RLNzXtuW2S%2F%2Fht%2FV1SyMBdzQFiYBwn%2Bhez66fl61Zr7vYpqdJzrn3Lfh2Eh4JAErAgcOXFvf4ZO%2FVSx0d8o7BT73QUHzAoJAQ%2Fq%2FVTmPr4vCHffxPC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d058071-NRT
alt-svc
h3=":443"; ma=86400
content-length
349
virus-scan.png
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
25 KB
26 KB
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/virus-scan.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"650f-6052f013bc0fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfRHQOsmPbMswoTsDjRdsYbkaWoXXvBUrat5D5mLGjGeE6hiE6VVtluiodEbpebyfg%2FItVf24v2oZXK4VoFY9XYQiy5OGcyGcD894YcfSDcW3Cm6ccaeSD95Zy7XZXLojD76Lr%2BxBtG6lLizXZ5GIE5KgFOlVjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d068071-NRT
alt-svc
h3=":443"; ma=86400
content-length
25871
bell.png
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
1 KB
2 KB
Image
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/bell.png
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
976
etag
"454-6052f005bfa4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2XQPClBQ3HP%2F1MPrJCCjGccAbah9vcBCcR3iA0%2FSdIa2aYrvwnfP%2BXjEajo%2BybppFQgaeMcnfZ4NBlHcI%2FZJWle%2FB136%2FIFNuKQI9hQtFxUnz1kb2BhdMBBu6odfz3uE6L4UoNb0eQDCTJHro30cF9uJs9Jkk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809783c64d078071-NRT
alt-svc
h3=":443"; ma=86400
content-length
1108
0wa0rni0ng0.mp3
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
8 KB
9 KB
Media
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/0wa0rni0ng0.mp3
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 20 Sep 2023 05:02:10 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
967
etag
"20d5-6052f0186394b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toh6fRrM9l6BzjZkoFYxHPfQsg15JY9Fd1K6XRW3ha8BeowVFSVbArJsc%2F1oNMz3Bk3e9w8ddoB4xWs7%2BObgq5mcfz8sWfwWJ%2FqqBsrXza63Agyfqwi55R5HabH3QkiV%2BkH6EtRkJN1dvvFgOZ1Bk2zvkPAe1BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-8404/8405
cache-control
max-age=14400
cf-ray
809783c6bd438071-NRT
alt-svc
h3=":443"; ma=86400
Content-Length
8405
wa0lDErtm0s.mp3
www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/
85 KB
0
Media
General
Full URL
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/wa0lDErtm0s.mp3
Requested by
Host: www.redlrect-andyor.site
URL: https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a875 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 20 Sep 2023 05:02:11 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 20:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
967
etag
"2f44c-6052f004295ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxQlUc8E3Ci8530olAvPFtg%2FvMG5rkr84EDyXkGu3o5eLwOUzgbPa8E7%2FWCLhMMgVI3F6W1k14C13bvtjf5tKTZetuzm%2FenKVvVtTEbrZTn3ZCMgIKQqGmP35GVx0nz0eUn%2BjSxxS%2BfU7kahRWS3%2BVGS5rZMyvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-193611/193612
cache-control
max-age=14400
cf-ray
809783c71d8b8071-NRT
alt-svc
h3=":443"; ma=86400
Content-Length
193612
js
www.googletagmanager.com/gtag/
222 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZQCDX5YPJ6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93923346-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94b18a5b6291d140deb1e1460e2d76fc0aa5ab12a602b6b77040102848577f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81002
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 05:02:11 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93923346-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 03:44:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4651
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 05:44:40 GMT
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=543212825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.redlrect-andyor.site%2F80170%2FEr0Wind0fsd0Security087%2Findex.html&ul=en-us&de=UTF-8&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%20%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%20Code%20%230x268d3%20%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=158457172&gjid=1237234625&cid=538669539.1695186131&tid=UA-93923346-7&_gid=216892128.1695186131&_r=1&gtm=457e39i0&jsscut=1&z=211852120
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redlrect-andyor.site/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 05:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redlrect-andyor.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93923346-7&cid=538669539.1695186131&jid=158457172&gjid=1237234625&_gid=216892128.1695186131&_u=YEBAAUAAAAAAACAAI~&z=99994250
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c19::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redlrect-andyor.site/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Sep 2023 05:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redlrect-andyor.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZQCDX5YPJ6&gtm=45je39i0&_p=543212825&cid=538669539.1695186131&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1695186131&sct=1&seg=0&dl=https%3A%2F%2Fwww.redlrect-andyor.site%2F80170%2FEr0Wind0fsd0Security087%2Findex.html&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%20%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%20Code%20%230x268d3%20%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQCDX5YPJ6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.redlrect-andyor.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 05:02:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redlrect-andyor.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.redlrect-andyor.site
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
987
age
1024
cdn-cachedat
09/13/2022 20:52:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9851e74207ba9f0ae108a51e306edd9a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
809783d6ccaa203d-NRT
cdn-requestpullsuccess
True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ip-api.com
URL
http://ip-api.com/json/?fields=status,city,country,isp

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | documentPictureInPicture
function | $
function | jQuery
function | getVariableFromURl
string | phone
string | phone_number
string | phone_number2
function | gtag
object | dataLayer
object | html5
object | Modernizr
object | bootstrap
function | _0x43dcbf
function | _0x29ed
function | _0xd53d
function | _0x307022
function | _0x53f6
function | _0x257b
function | _0x2f54
function | _0x468354
function | _0x18cd
function | _0x2890
function | _0x3aa6b5
function | _0x5e0b
function | addEvent
object | modal
object | btn
undefined | span
object | google_tag_manager
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
object | gaplugins
object | gaGlobal
object | gaData
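
The global-variable list above is where this scan gives itself away: twelve `_0x...` function names (the default identifier style of the javascript-obfuscator tool) sit next to three string globals whose names contain "phone", the call-in number a tech support scam wants the victim to dial. The following is an added example, not code from urlscan.io or from the scanned page: it parses urlscan's flattened "type| name" list and scores it for those two traits. The benign allow-list and the thresholds are assumptions chosen for illustration, not urlscan's own verdict logic.

```javascript
// Added example, not urlscan.io's or the scanned page's own code: parse the
// "type| name" list urlscan shows under "JavaScript Global Variables" and
// score it for two traits seen on this scan: javascript-obfuscator style
// "_0x<hex>" names and string globals that hold a phone number.
// The allow-list and thresholds below are assumptions chosen for illustration.

// Constructed input: the 35 globals urlscan recorded for this scan, verbatim.
const GLOBALS_RAW =
  "object| documentPictureInPicture function| $ function| jQuery " +
  "function| getVariableFromURl string| phone string| phone_number " +
  "string| phone_number2 function| gtag object| dataLayer object| html5 " +
  "object| Modernizr object| bootstrap function| _0x43dcbf function| _0x29ed " +
  "function| _0xd53d function| _0x307022 function| _0x53f6 function| _0x257b " +
  "function| _0x2f54 function| _0x468354 function| _0x18cd function| _0x2890 " +
  "function| _0x3aa6b5 function| _0x5e0b function| addEvent object| modal " +
  "object| btn undefined| span object| google_tag_manager " +
  "object| google_tag_data string| GoogleAnalyticsObject function| ga " +
  "object| gaplugins object| gaGlobal object| gaData";

// Globals explained by libraries the page legitimately loads (jQuery,
// Bootstrap, Modernizr, Google Tag Manager / Analytics) or by the browser
// itself. Assumption: hand-picked for this example.
const KNOWN_BENIGN = new Set([
  "documentPictureInPicture", "$", "jQuery", "gtag", "dataLayer", "html5",
  "Modernizr", "bootstrap", "google_tag_manager", "google_tag_data",
  "GoogleAnalyticsObject", "ga", "gaplugins", "gaGlobal", "gaData",
]);

// _0x<hex> is the default identifier style emitted by javascript-obfuscator;
// a dozen of them leaking onto window strongly suggests the page's own script
// was obfuscated.
const OBFUSCATOR_NAME = /^_0x[0-9a-f]{4,}$/i;
const PHONE_NAME = /phone/i;

// Turn urlscan's flattened "type| name type| name ..." text into objects.
function parseGlobals(raw) {
  const tokens = raw.trim().split(/\s+/);
  const globals = [];
  for (let i = 0; i + 1 < tokens.length; i += 2) {
    globals.push({ type: tokens[i].replace(/\|$/, ""), name: tokens[i + 1] });
  }
  return globals;
}

// Bucket the non-benign globals and decide whether the combination looks like
// a tech-support-scam landing page. Thresholds are assumptions.
function assessGlobals(globals, { minObfuscated = 5, minPhone = 1 } = {}) {
  const obfuscated = [];
  const phoneGlobals = [];
  const unexplained = [];
  for (const g of globals) {
    if (KNOWN_BENIGN.has(g.name)) continue;
    if (OBFUSCATOR_NAME.test(g.name)) {
      obfuscated.push(g.name);
    } else if (g.type === "string" && PHONE_NAME.test(g.name)) {
      phoneGlobals.push(g.name);
    } else {
      unexplained.push(g.name); // worth a manual look, not scored
    }
  }
  return {
    obfuscated,
    phoneGlobals,
    unexplained,
    suspicious:
      obfuscated.length >= minObfuscated && phoneGlobals.length >= minPhone,
  };
}

const report = assessGlobals(parseGlobals(GLOBALS_RAW));
console.log(JSON.stringify(report, null, 2));
```

On this scan the scorer flags 12 obfuscated names and the three phone globals and leaves five names (getVariableFromURl, addEvent, modal, btn, span) unexplained; those are the ordinary page-script helpers and are left out of the score so that a plain jQuery site with a few sloppy globals does not trip it.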

4 Cookies

Domain/Path Name / Value
.redlrect-andyor.site/ Name: _gid
Value: GA1.2.216892128.1695186131
.redlrect-andyor.site/ Name: _gat_gtag_UA_93923346_7
Value: 1
.redlrect-andyor.site/ Name: _ga_ZQCDX5YPJ6
Value: GS1.1.1695186131.1.0.1695186131.0.0.0
.redlrect-andyor.site/ Name: _ga
Value: GA1.1.538669539.1695186131

1 Console Messages

Source: security
Level: error
URL: https://code.jquery.com/jquery-3.2.1.min.js (Line 3)
Message: Mixed Content: The page at 'https://www.redlrect-andyor.site/80170/Er0Wind0fsd0Security087/index.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ip-api.com/json/?fields=status,city,country,isp'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
ip-api.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.redlrect-andyor.site
2001:4860:4802:34::178
2404:6800:4004:823::2008
2404:6800:4008:c19::9d
2606:4700:3032::ac43:a875
2606:4700::6811:180e
2606:4700::6812:bcf
2a04:4e42:400::485
2a04:4e42:400::649
64.185.227.156