xn--21-6kcip7dial.xn--p1ai
рассвет21.рф IDN
2a03:6f00:1::5c35:6033  Public Scan

Submitted URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Effective URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Submission: On June 10 via manual from IN

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 37 HTTP transactions. The main IP is 2a03:6f00:1::5c35:6033, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is xn--21-6kcip7dial.xn--p1ai.
TLS certificate: Issued by R3 on April 2nd 2021. Valid for: 3 months.
This is the only time xn--21-6kcip7dial.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a03:6f00:1::... 9123 (TIMEWEB-AS)
6 151.101.14.133 54113 (FASTLY)
2 145.239.131.60 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 15169 (GOOGLE)
1 50.16.185.137 14618 (AMAZON-AES)
1 52.222.195.64 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 35.244.142.80 15169 (GOOGLE)
2 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 54.84.30.144 14618 (AMAZON-AES)
37 21
Domain Requested by
6 assets.aweber-static.com xn--21-6kcip7dial.xn--p1ai
assets.aweber-static.com
3 connect.facebook.net xn--21-6kcip7dial.xn--p1ai
connect.facebook.net
3 bat.bing.com xn--21-6kcip7dial.xn--p1ai
bat.bing.com
2 www.facebook.com xn--21-6kcip7dial.xn--p1ai
2 www.google.de xn--21-6kcip7dial.xn--p1ai
2 www.google.com xn--21-6kcip7dial.xn--p1ai
2 px.ads.linkedin.com 2 redirects
2 s.yimg.com xn--21-6kcip7dial.xn--p1ai
s.yimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dev.visualwebsiteoptimizer.com xn--21-6kcip7dial.xn--p1ai
1 trk.kissmetrics.io scripts.kissmetrics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 px4.ads.linkedin.com xn--21-6kcip7dial.xn--p1ai
1 www.linkedin.com 1 redirects
1 cdn.pdst.fm xn--21-6kcip7dial.xn--p1ai
1 snap.licdn.com xn--21-6kcip7dial.xn--p1ai
1 www.googleadservices.com www.googletagmanager.com
1 i.ibb.co xn--21-6kcip7dial.xn--p1ai
1 scripts.kissmetrics.com xn--21-6kcip7dial.xn--p1ai
1 i.kissmetrics.com xn--21-6kcip7dial.xn--p1ai
1 www.googletagmanager.com xn--21-6kcip7dial.xn--p1ai
1 image.ibb.co xn--21-6kcip7dial.xn--p1ai
1 xn--21-6kcip7dial.xn--p1ai
37 24

This site contains no links.

Subject | Issuer | Validity | Valid
xn--21-6kcip7dial.xn--p1ai | R3 | 2021-04-02 - 2021-07-01 | 3 months
*.aweber-static.com | RapidSSL RSA CA 2018 | 2020-06-15 - 2021-08-14 | a year
ibb.co | R3 | 2021-06-07 - 2021-09-05 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2020-06-19 - 2022-07-06 | 2 years
*.kissmetrics.com | Sectigo RSA Domain Validation Secure Server CA | 2021-05-28 - 2022-06-09 | a year
*.kissmetrics.io | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2021-06-16 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-05-10 - 2021-08-02 | 3 months
www.bing.com | Microsoft RSA TLS CA 01 | 2021-04-12 - 2021-10-12 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-06-03 - 2021-07-21 | 2 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-04-30 - 2022-05-11 | a year
cdn.pdst.fm | GTS CA 1D4 | 2021-05-01 - 2021-07-30 | 3 months
*.google.com | GTS CA 1O1 | 2021-05-10 - 2021-08-02 | 3 months
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-04-15 - 2021-10-15 | 6 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
www.google.com | GTS CA 1C3 | 2021-05-10 - 2021-08-02 | 3 months
www.google.de | GTS CA 1C3 | 2021-05-10 - 2021-08-02 | 3 months

This page contains 1 frames:

Primary Page: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Frame ID: 3EF2C8DBCE41E543CA46D373BD182584
Requests: 37 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
  • script /dev\.visualwebsiteoptimizer\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 61 %
Domains: 19
Subdomains: 24
IPs: 21
Countries: 6
Transfer: 438 kB
Size: 1472 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D256865%26time%3D1623292019235%26url%3Dhttps%253A%252F%252Fxn--21-6kcip7dial.xn--p1ai%252Fsomt%252FExcel%252FScan_Document_2020.html%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true&e_ipv6=AQKITNiuKNFd_AAAAXnzvoS34-ELl-wAhxD4rQQq27MVBdIw_rCTvKKHublKokqGFeyXg4qD

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Scan_Document_2020.html
xn--21-6kcip7dial.xn--p1ai/somt/Excel/
11 KB
4 KB
Document
General
Full URL
https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:6033 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
7676feb5b949c57e013dc58e2b42d1f7a0282219417d0365a1e4b8081e611b04

Request headers

:method
GET
:authority
xn--21-6kcip7dial.xn--p1ai
:scheme
https
:path
/somt/Excel/Scan_Document_2020.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx/1.14.1
date
Thu, 10 Jun 2021 02:26:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 09 Jun 2021 06:28:10 GMT
etag
W/"2d49-5c44f60de05bb"
content-encoding
gzip
main.50315030.css
assets.aweber-static.com/www/assets/css/
384 KB
63 KB
Stylesheet
General
Full URL
https://assets.aweber-static.com/www/assets/css/main.50315030.css
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d4e4bf73adea4c9618bd375cbdd5bb1806a9a97bc7834aec68d21bb9c1e7442

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3HL_eJIQSMN01BwkgDNKXg.F1xGBEMUy
content-encoding
gzip
etag
"78fe02dc37f46aee49d79c51168a10f3"
age
68236
via
1.1 varnish
x-cache
HIT
content-length
64259
x-amz-id-2
fSRIDi2nRP2qRiBv2VpFMDxAELfYRTwkkdYJ3AcySwtiOZTq9WIZcaeqHxbTxjsGyGmPKF14k6U=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 03 Jan 2018 20:25:28 GMT
server
AmazonS3
x-timer
S1623292019.636968,VS0,VE1
date
Thu, 10 Jun 2021 02:26:58 GMT
vary
Accept-Encoding
x-amz-request-id
R8Q3R2FQN0R5TFFW
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
x-cache-hits
1
jquery.5a555b6d.js
assets.aweber-static.com/www/assets/bundles/
106 KB
38 KB
Script
General
Full URL
https://assets.aweber-static.com/www/assets/bundles/jquery.5a555b6d.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bbb02166c3396d0f40fa8ebe151e046e70e00d2d842fe40d4f215a81f0772b3

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nEC0pXCYIdLlaCFyW.NJp92ITbQ4XtOR
content-encoding
gzip
etag
"5c1504dbb73fcf8cf75abed2d97a0777"
age
68248
via
1.1 varnish
x-cache
HIT
content-length
38193
x-amz-id-2
hBipco9odC76eQHBQQOHrOiWZnvlMhQZ1BLluI+Y6Ml2qpQWwgDvC1ZfWg1I1pZQ8YA3ueGjfg4=
x-served-by
cache-fra19181-FRA
last-modified
Fri, 12 Jan 2018 16:37:55 GMT
server
AmazonS3
x-timer
S1623292019.637102,VS0,VE1
date
Thu, 10 Jun 2021 02:26:58 GMT
vary
Accept-Encoding
x-amz-request-id
5H88V56TB39T5WQC
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
vendor.98010375.js
assets.aweber-static.com/www/assets/bundles/
82 KB
28 KB
Script
General
Full URL
https://assets.aweber-static.com/www/assets/bundles/vendor.98010375.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ac03bb60640d37911839e3408fafc1fa5fa9f9c9dbd3de528066ec1b6597aa

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
HdpT90ZK.MNlglIeCa3xNn4ProoohTbL
content-encoding
gzip
etag
"36626a5655ccad577db446555bf4ccd6"
age
0
via
1.1 varnish
x-cache
MISS
content-length
27922
x-amz-id-2
799Mj3OweX3ScN75KmvjraqI0/uE1cc+RCaaQCy7NerjOKWmm3V/gXBAgHfbmhwyiXcmljJgJwg=
x-served-by
cache-fra19181-FRA
last-modified
Fri, 12 Jan 2018 16:37:57 GMT
server
AmazonS3
x-timer
S1623292019.637092,VS0,VE485
date
Thu, 10 Jun 2021 02:26:59 GMT
vary
Accept-Encoding
x-amz-request-id
BWQBVAEBGV51S5X5
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0
lib.becade21.js
assets.aweber-static.com/www/assets/bundles/
24 KB
9 KB
Script
General
Full URL
https://assets.aweber-static.com/www/assets/bundles/lib.becade21.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43c6c415e0250d62b72f26e96e93d7627dd05295cea6dca4f0429e43a91b3aa4

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5zpXDf6fMIE09AQnekKYv9r0OnbBRWVB
content-encoding
gzip
etag
"554df709b421134fe1de27725d45c116"
age
0
via
1.1 varnish
x-cache
MISS
content-length
8850
x-amz-id-2
FZql1raR0le2+szHhmGfdk60GeET6TplHJABYdeNLzAF8e4wDIIxwkVN6gQYf/QKCc3OOOymcbY=
x-served-by
cache-fra19181-FRA
last-modified
Fri, 05 Jan 2018 20:35:58 GMT
server
AmazonS3
x-timer
S1623292019.637091,VS0,VE326
date
Thu, 10 Jun 2021 02:26:58 GMT
vary
Accept-Encoding
x-amz-request-id
BWQAF02Q612BY4MN
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0
xls2.png
image.ibb.co/iSA8SR/
36 KB
37 KB
Image
General
Full URL
https://image.ibb.co/iSA8SR/xls2.png
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
d55f5f4c4a257601e0c11d8a03f00105a308e7e654cef0ed99b4c7cc6cf94488

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:59 GMT
last-modified
Thu, 18 Jan 2018 06:20:11 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
37324
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
168 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbea04225049b898cf6c0caec4ad60274cda64bdbebc12d5b8517106429d9cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:59 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49201
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.php
dev.visualwebsiteoptimizer.com/
3 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=1330&u=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&r=0.6524848079431249
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
a5ded5e88be4993d8a52f5afdddb0758fa1dd59de7278b5ce532e51599124571

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 02:26:58 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
SourceSansPro-Regular.967c60da.woff2
assets.aweber-static.com/www/assets/fonts/source-sans-pro/regular/
13 KB
13 KB
Font
General
Full URL
https://assets.aweber-static.com/www/assets/fonts/source-sans-pro/regular/SourceSansPro-Regular.967c60da.woff2
Requested by
Host: assets.aweber-static.com
URL: https://assets.aweber-static.com/www/assets/css/main.50315030.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Origin
https://xn--21-6kcip7dial.xn--p1ai
Referer
https://assets.aweber-static.com/www/assets/css/main.50315030.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nUkSREdmXGzdhRK76f3SJORrxKDXSWfy
via
1.1 varnish
etag
"967c60da0742e7f2bdfbde13accaf519"
age
0
x-cache
MISS
content-length
12960
x-amz-id-2
LjyUqyQJiDiqALC5uHHk/jc35Qoi4nU99uHUHdbNe8EgO9GNHvTZLn4IhdJv3NcDqOGVjD1F8dk=
x-served-by
cache-fra19143-FRA
last-modified
Thu, 30 Nov 2017 16:08:44 GMT
server
AmazonS3
x-timer
S1623292019.185861,VS0,VE328
date
Thu, 10 Jun 2021 02:26:59 GMT
x-amz-request-id
TZ2VCF7ER7C0ADBC
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
x-cache-hits
0
SourceSansPro-Semibold.5a4f76c9.woff2
assets.aweber-static.com/www/assets/fonts/source-sans-pro/semibold/
13 KB
13 KB
Font
General
Full URL
https://assets.aweber-static.com/www/assets/fonts/source-sans-pro/semibold/SourceSansPro-Semibold.5a4f76c9.woff2
Requested by
Host: assets.aweber-static.com
URL: https://assets.aweber-static.com/www/assets/css/main.50315030.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a58441133d85539974e4b136c25eaa5512ac1b018d4f6d53124a08c6f19b55e

Request headers

Origin
https://xn--21-6kcip7dial.xn--p1ai
Referer
https://assets.aweber-static.com/www/assets/css/main.50315030.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vPnTVymu2.5ASvwIuzzgIqabBa5WpaNy
via
1.1 varnish
etag
"5a4f76c9cb1886f5682d1093f4fac915"
age
0
x-cache
MISS
content-length
12916
x-amz-id-2
Z/LRNoYGeTfT3WFCjs/HaM9/wfNUVqtJxckvvwbscYV1vfM5udttCKAlqYMDUTLP74jrFTjf5Pc=
x-served-by
cache-fra19143-FRA
last-modified
Thu, 30 Nov 2017 16:08:44 GMT
server
AmazonS3
x-timer
S1623292019.185841,VS0,VE311
date
Thu, 10 Jun 2021 02:26:59 GMT
x-amz-request-id
TZ2Q8Z11P10NGE0R
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
x-cache-hits
0
i.js
i.kissmetrics.com/
39 B
321 B
Script
General
Full URL
https://i.kissmetrics.com/i.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.185.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-185-137.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 02:26:56 GMT
Server
nginx
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
39
Expires
Sat, 10 Jul 2021 02:26:56 GMT
7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
scripts.kissmetrics.com/
114 KB
24 KB
Script
General
Full URL
https://scripts.kissmetrics.com/7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.195.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-195-64.cdg50.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
bec55be18119709e4dc452197b295940b5cb59f52af0984477db1b02b65cc5d4

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 02:29:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 17:14:24 GMT
Server
nginx/1.6.2
X-Amz-Cf-Pop
CDG50-P2
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via
1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
X-Amz-Cf-Id
Q8YshdtmDnb-4BSh7u6WcpHvkzkpMUPBs_eRmWmGlvJLJ4pd_iv48w==
v.gif
dev.visualwebsiteoptimizer.com/
35 B
301 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=1330&d=xn--21-6kcip7dial.xn--p1ai&u=DDC7780283FA312E4BE3EB110C0344047&h=ee40c6051e62a5b68eeb94f1063305c3&t=false&r=0.45151246445520465
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
default.jpg
i.ibb.co/2jHLnjX/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/2jHLnjX/default.jpg
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:59 GMT
server
nginx
content-length
1157
content-type
image/png
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1578
date
Thu, 10 Jun 2021 02:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 10 Jun 2021 04:00:41 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5J4XPK&gtm_auth=UYNjOPXi40kADX0ZYRcuvw&gtm_preview=env-50&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7ed6ea6b994f975e4ede747d96d2eb3f63ad55b3d5803615fdb115b487b461d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13984
x-xss-protection
0
server
cafe
etag
12421713846596914618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Jun 2021 02:26:59 GMT
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:58 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: A8C73846F9AF492CBEA2ECE9C3D52E48 Ref B: FRAEDGE1221 Ref C: 2021-06-10T02:26:59Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9008
fbevents.js
connect.facebook.net/en_US/
94 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-fb-rlafr
0
pragma
public
x-fb-debug
53f4l3uSi7PuzZ7zJLhVc/CiXI7ImYEHgR/Zg7GdxtuvnuUj/CLDyH1QcsYdZqkGR90U/q5voTN5OcFnKk7CVw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 10 Jun 2021 02:26:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 10 Jun 2021 01:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2181
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
kCUN8HwJ96naLHuuWI03l9Mu4u73M9ELAk76bal5qk32rpZ7OgwGr/axLCAzXAqyW7TUrEZkE7A=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
A309QDA5H9KVBN4D
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
insight.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 02:26:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=52368
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
ping.min.js
cdn.pdst.fm/
26 KB
6 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 01:55:56 GMT
content-encoding
gzip
age
1863
x-guploader-uploadid
ABg5-UxtWEoC6UsVHckjPHg3MtwKNCIZilWPD6NlkPHThuwIB3GLB56uEspI7Eywjb-2Z12f96SqXRypyA30_sKTVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation
1622234043862937
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Thu, 10 Jun 2021 02:55:56 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=188877388&t=pageview&_s=1&dl=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&ul=en-us&de=UTF-8&dt=Request%20for%20Quotation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1571118145&gjid=347200645&cid=1383340385.1623292019&tid=UA-1759093-10&_gid=2094663939.1623292019&_r=1&gtm=2wg6215J4XPK&z=1611960885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--21-6kcip7dial.xn--p1ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
440422.json
s.yimg.com/wi/config/
2 B
495 B
XHR
General
Full URL
https://s.yimg.com/wi/config/440422.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
TZ2HNKAZCFHDNZJD
x-amz-id-2
o3oYvhgWkulnZ+0dIWyqLauHUAcvj1NckeWOBPOkISIyFPlcuB7fbicuTUD6wROMXnw82vAUgPE=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D256865%26time%3D1623292019235%26url%3Dhttps%253A%252F%252Fxn--21-6kcip7dial.xn--p...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true&e_ipv6=AQKITNiuKNFd_A...
0
156 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true&e_ipv6=AQKITNiuKNFd_AAAAXnzvoS34-ELl-wAhxD4rQQq27MVBdIw_rCTvKKHublKokqGFeyXg4qD
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:27:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
+8sj530XhxYQCAn70SoAAA==

Redirect headers

date
Thu, 10 Jun 2021 02:26:59 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&time=1623292019235&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&liSync=true&e_ipv6=AQKITNiuKNFd_AAAAXnzvoS34-ELl-wAhxD4rQQq27MVBdIw_rCTvKKHublKokqGFeyXg4qD
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
HfCZ030Xhxbw2qp0nisAAA==
137848689911278
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/137848689911278?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e032e9b4b719a7a3c4e2df0871c54bc72f25db2f1a141e0410239edf3eeae5a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
3WI9h3BSC7l7Wl2zAZ55+aGXW9fc3zjJAiY2+zQwgxDmrIb6PXDeMXPlt0GfOdKCLleV9fEiwPVoi1kgsodvRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 10 Jun 2021 02:26:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071267547/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071267547/?random=1623292019253&cv=9&fst=1623292019253&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&tiba=Request%20for%20Quotation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7521420752694a10973a88dd762226a8c4a5fc31344076643dbe51ae09f21ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
96 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1759093-10&cid=1383340385.1623292019&jid=1571118145&gjid=347200645&_gid=2094663939.1623292019&_u=YEBAAAAAAAAAAC~&z=1246867462
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 02:26:59 GMT
content-type
text/plain
access-control-allow-origin
https://xn--21-6kcip7dial.xn--p1ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
4010922.js
bat.bing.com/p/action/
0
126 B
Script
General
Full URL
https://bat.bing.com/p/action/4010922.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Jun 2021 02:26:58 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 1DC107A043134C1B94EA387FA496C571 Ref B: FRAEDGE1221 Ref C: 2021-06-10T02:26:59Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4010922&Ver=2&mid=cf97fd83-6e56-4ae3-9c6f-80b84ae3292d&sid=55409130c99311ebb16e89013504b0d7&vid=55408c20c99311ebbb1e6366e301b202&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Request%20for%20Quotation&p=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&r=&lt=708&evt=pageLoad&msclkid=N&sv=1&rn=263121
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 10 Jun 2021 02:26:58 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: C3A4760B273149B880EFCCC0780A8BA0 Ref B: FRAEDGE1221 Ref C: 2021-06-10T02:26:59Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
111 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1759093-10&cid=1383340385.1623292019&jid=1571118145&_u=YEBAAAAAAAAAAC~&z=1877129313
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1759093-10&cid=1383340385.1623292019&jid=1571118145&_u=YEBAAAAAAAAAAC~&z=1877129313
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071267547/
42 B
112 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1071267547/?random=1623292019253&cv=9&fst=1623290400000&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&tiba=Request%20for%20Quotation&async=1&fmt=3&is_vtc=1&random=3279018541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071267547/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1071267547/?random=1623292019253&cv=9&fst=1623290400000&num=1&label=ZCXGCPv1qgMQ2_3o_gM&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&tiba=Request%20for%20Quotation&async=1&fmt=3&is_vtc=1&random=3279018541&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 02:26:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
error
connect.facebook.net//log/
0
0
Image
General
Full URL
https://connect.facebook.net//log/error?p=pixel&v=2.9.41&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20s%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F137848689911278%3Fv%3D2.9.41%26r%3Dstable%3A25%3A5140)%0A%20%20%20%20at%20u%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F137848689911278%3Fv%3D2.9.41%26r%3Dstable%3A25%3A5495)%0A%20%20%20%20at%20y%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F137848689911278%3Fv%3D2.9.41%26r%3Dstable%3A25%3A6965)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F137848689911278%3Fv%3D2.9.41%26r%3Dstable%3A25%3A7642)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A67555)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9529)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10167)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8946)&ue=0&rs=stable&rqm=FGET
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=137848689911278&ev=PageView&dl=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&rl=&if=false&ts=1623292019507&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623292019505.2100494774&it=1623292019241&coo=false&rqm=GET
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:26:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 10 Jun 2021 02:26:59 GMT
e
trk.kissmetrics.io/
43 B
376 B
Ping
General
Full URL
https://trk.kissmetrics.io/e
Requested by
Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.30.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 10 Jun 2021 02:26:59 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 02:26:58 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=137848689911278&ev=Microdata&dl=https%3A%2F%2Fxn--21-6kcip7dial.xn--p1ai%2Fsomt%2FExcel%2FScan_Document_2020.html&rl=&if=false&ts=1623292020009&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Request%20for%20Quotation%22%2C%22meta%3Adescription%22%3A%22Log%20in%20to%20your%20AWeber%20account%20(or%20AWeber%20affiliate%20account)%20by%20entering%20your%20username%20or%20Affiliate%20ID%20and%20password.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Email%20Marketing%20Software%20%7C%20Email%20Marketing%20Newsletters%20from%20AWeber%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.aweber.com%2Flogin.htm%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.aweber-static.com%2Fwww%2Fassets%2Fimg%2Flogo-og-image.95a2e0b1.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.aweber-static.com%2Fwww%2Fassets%2Fimg%2Flogo-og-image.95a2e0b1.jpg%22%2C%22og%3Asite_name%22%3A%22AWeber%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Asite%22%3A%22%40aweber%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1623292019505.2100494774&it=1623292019241&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: xn--21-6kcip7dial.xn--p1ai
URL: https://xn--21-6kcip7dial.xn--p1ai/somt/Excel/Scan_Document_2020.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xn--21-6kcip7dial.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 02:27:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 10 Jun 2021 02:27:00 GMT

Verdicts & Comments

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| webpackJsonp function| jQuery function| $ function| ga object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _kmq string| _kmk function| _kms undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| _vis_opt_queue number| _vis_counter object| uetq function| fbq function| _fbq object| dotq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| pdst function| getParam function| getExpiryRecord function| addGclid object| gaplugins object| gaGlobal object| gaData object| YAHOO function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN

13 Cookies

Domain/Path Name / Value
.xn--21-6kcip7dial.xn--p1ai/ Name: km_lv
Value: 1623292020
.xn--21-6kcip7dial.xn--p1ai/ Name: km_vs
Value: 1
.xn--21-6kcip7dial.xn--p1ai/ Name: _fbp
Value: fb.1.1623292019505.2100494774
.xn--21-6kcip7dial.xn--p1ai/ Name: kvcd
Value: 1623292019636
.xn--21-6kcip7dial.xn--p1ai/ Name: _uetvid
Value: 55408c20c99311ebbb1e6366e301b202
.xn--21-6kcip7dial.xn--p1ai/ Name: _vwo_uuid_v2
Value: DDC7780283FA312E4BE3EB110C0344047|ee40c6051e62a5b68eeb94f1063305c3
xn--21-6kcip7dial.xn--p1ai/ Name: __pdst
Value: e0cca25f5def41688d6b71bb600a68f2
.xn--21-6kcip7dial.xn--p1ai/ Name: _gcl_au
Value: 1.1.585008093.1623292019
.xn--21-6kcip7dial.xn--p1ai/ Name: km_ai
Value: DE31Bry0Degc6ckURjxeffygjjg%3D
.xn--21-6kcip7dial.xn--p1ai/ Name: _gat
Value: 1
.xn--21-6kcip7dial.xn--p1ai/ Name: _uetsid
Value: 55409130c99311ebb16e89013504b0d7
.xn--21-6kcip7dial.xn--p1ai/ Name: _gid
Value: GA1.2.2094663939.1623292019
.xn--21-6kcip7dial.xn--p1ai/ Name: _ga
Value: GA1.2.1383340385.1623292019

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
