URL: https://pautocandede.gq/detmir
Submission: On August 10 via manual from RU — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3037::6815:34fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is pautocandede.gq.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time pautocandede.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 151.101.112.193 54113 (FASTLY)
1 1 78.47.21.152 24940 (HETZNER-AS)
1 1 176.9.162.205 24940 (HETZNER-AS)
1 78.47.21.155 24940 (HETZNER-AS)
21 4
Apex Domain
Subdomains
Transfer
10 pautocandede.gq
pautocandede.gq
131 KB
8 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5708
84 KB
2 joxi.net
joxi.net — Cisco Umbrella Rank: 434062
dl3.joxi.net
4 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 878
6 KB
1 joxi.ru
joxi.ru
468 B
21 5
Domain Requested by
10 pautocandede.gq pautocandede.gq
8 i.imgur.com pautocandede.gq
2 unpkg.com pautocandede.gq
1 dl3.joxi.net pautocandede.gq
1 joxi.net 1 redirects
1 joxi.ru 1 redirects
21 6

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-08 - 2023-06-08 | a year
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year

This page contains 1 frames:

Primary Page: https://pautocandede.gq/detmir
Frame ID: 55BE1BD4CC455BF4A8AB145E75B1B21F
Requests: 21 HTTP requests in this frame

Page Title

Детский мир | Готовимся к учебному году за 1₽

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 21
  • HTTPS: 95 %
  • IPv6: 33 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 4
  • Countries: 2
  • Transfer: 226 kB
  • Size: 378 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://joxi.ru/52aGG6WTl7JDbr.svg HTTP 301
  • https://joxi.net/52aGG6WTl7JDbr.svg HTTP 302
  • https://dl3.joxi.net/drive/2022/08/08/0054/1210/3572922/22/42f774fa4c.svg

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request detmir
pautocandede.gq/
34 KB
7 KB
Document
General
Full URL
https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9827b1b1e28dc120ffd553c847f0aabe5b68806d3dd20f1601fbc61aa68ae3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7387b9f8cccfba83-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 09:32:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SzSHRcLNWWQ4PBGb0SePzDcu%2FkIdKW5fqzuvuu8M%2BgBfzkdUgdVblU%2F%2FlgGW0eqCMpzeXVfzefBCAhwGg7xTCFuwF5h3YMqZbkX0q73PMWW7KHioiqi0MsApKDzgDfyPWBsbWJ%2F32E8aVmNUH8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
aos.css
unpkg.com/aos@2.3.1/dist/
25 KB
2 KB
Stylesheet
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9454718
fly-request-id
01F3XXS94VJP6KGT96TWFGGN5S
content-encoding
br
vary
Accept-Encoding
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7387b9fb38d6cc62-ZRH
EyAeQ4v.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/EyAeQ4v.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
848017a41ae8c154e285a00dda89d237367e6856081c7232598b381d9e730e50
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6035
x-served-by
cache-iad-kcgs7200155-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801572,VS0,VE0
etag
"131bc9ba1943d7ea6608f1611fda4c0f"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 31
UcTDBy1.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/UcTDBy1.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f8c8f504ab7099800fd83c4053eb67db2060a8c0a28936550c67652f0cb54855
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6034
x-served-by
cache-iad-kiad7000096-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801555,VS0,VE0
etag
"55b12d96b66a498587321aa6ab530316"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 30
PDkE5ow.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/PDkE5ow.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8299ab3871f68c2c1a76407efe792f3b3c8437ae47903d898b31df2e5e79838b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6082
x-served-by
cache-iad-kiad7000069-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801528,VS0,VE0
etag
"47564087e6a178ec483f3e0706369f55"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 30
uSY5G7Q.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/uSY5G7Q.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b709eea5b7d2a207159a3a0afbda3faa1c7e5899861f182b19aab7215f03e8ff
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6191
x-served-by
cache-iad-kcgs7200136-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801487,VS0,VE0
etag
"0f83a536795b18e63359c3ca741beee2"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 30
AOviAje.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/AOviAje.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
66af269d0709d949489a236ffa7c44902d86ca8cd39155bf8107056376b7c81c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6087
x-served-by
cache-iad-kiad7000103-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801447,VS0,VE0
etag
"f2723521f376ec7d705dffe7a422b983"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 30
3vMIpMc.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/3vMIpMc.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
49ad8bd9c3774cebf91c1f9486f066f02e1869eb817f810e3b730d1b21a6c010
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1599
x-cache
HIT, HIT
content-length
6052
x-served-by
cache-iad-kcgs7200131-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:06:11 GMT
server
cat factory 1.0
x-timer
S1660123970.801470,VS0,VE0
etag
"cd1e1b375e11e693f579a910054eb24f"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 30
jquery-1.11.0.min.js
pautocandede.gq/lander/detmir/js/
94 KB
34 KB
Script
General
Full URL
https://pautocandede.gq/lander/detmir/js/jquery-1.11.0.min.js
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
W/"62ef97a5-1787f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2phrdbMSIATWbMMpG91%2FzasKkUi4ISYTLpqRsHtXlrc2mpe%2Bmag0VZE3l7UaSQ2z23ixJWt4%2FzwInmlQ3PWr74I7rs1iToYoQN1YglR1plgEHr3V34SwuzdDyP9uZ%2BiGrTiLjn1sB3z%2F4aLajtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fb1fa5ba83-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
slick.min.js
pautocandede.gq/lander/detmir/js/slick/
40 KB
10 KB
Script
General
Full URL
https://pautocandede.gq/lander/detmir/js/slick/slick.min.js
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
W/"62ef97a5-9e0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJk7gcOijbJnwsoNaAiHwLdoVq0d0I428ActqXCxxWMCQqWvLig%2F4KLk74crFsgYIQHujy4KGJjO5ZbAmuqMPFzcHyyt7i51Rz6o443OwoJ74ygGggOGZWhQpveAaDRnkypCtg9AN8tJLbk8XMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fb1fa8ba83-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
scripts.js
pautocandede.gq/lander/detmir/js/
11 KB
4 KB
Script
General
Full URL
https://pautocandede.gq/lander/detmir/js/scripts.js
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b85d9355368349035fe6f31efbdaf251c4949b00c52086c1757b636a498bcb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 05:41:37 GMT
server
cloudflare
etag
W/"62f0a211-2a57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3SlGy%2FyCwx6yjpl2Hp5THfQ%2Bng2Z%2BHDsRfofyE10smU8pFAv9ZfJF46EAXe%2FawrUA2UNLBeoigbDPPmfltGDdB0xn4MJY7FlrtoC7FL038lY1iOiI7lxagEUlbkeFXUlaY6yPb3hXXM93p7CIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fb1fabba83-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
aos.js
unpkg.com/aos@2.3.1/dist/
14 KB
4 KB
Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9091918
fly-request-id
01F48QS4FTRA1QG27FG082BXHT
content-encoding
br
vary
Accept-Encoding
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7387b9fb38dacc62-ZRH
slick.css
pautocandede.gq/lander/detmir/js/slick/
2 KB
855 B
Stylesheet
General
Full URL
https://pautocandede.gq/lander/detmir/js/slick/slick.css
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
W/"62ef97a5-6e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJZYYWdyqEESO5mdyyr0QcaIa0HCRxTnL0%2BQDwRS2B3NKh6jVfk3nBimqrMxaFNEDiSol%2BqjZOWlDvQynoWXjNPR7gXqOA0AfOIcZ09zoh49QwX4oHdIBGjd2Y61iptR50A253GWB0XUvoH9qYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fb1facba83-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
LrBBcJc.png
i.imgur.com/
46 KB
47 KB
Image
General
Full URL
https://i.imgur.com/LrBBcJc.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e8ab8b50361f28be9267c9e59aee9d71730b7a3aa272ee204da6d34db83e8b74
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1027
x-cache
HIT, HIT
content-length
47365
x-served-by
cache-iad-kcgs7200030-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:15:43 GMT
server
cat factory 1.0
x-timer
S1660123970.966616,VS0,VE0
etag
"cbe16eaec8975acebf5fae3afcc8d273"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 30
f0vkfFr.png
i.imgur.com/
952 B
1 KB
Image
General
Full URL
https://i.imgur.com/f0vkfFr.png
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f34b2c053ccfc87888c9d987bbb2726e75fb2367622e5e0c15e7336a853a2242
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:49 GMT
x-content-type-options
nosniff
age
1054
x-cache
HIT, HIT
content-length
952
x-served-by
cache-iad-kiad7000096-IAD, cache-hhn4076-HHN
last-modified
Wed, 10 Aug 2022 09:15:16 GMT
server
cat factory 1.0
x-timer
S1660123970.966604,VS0,VE0
etag
"b52b98be0b03cdcce80bf2a05b45c8d5"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 32
42f774fa4c.svg
dl3.joxi.net/drive/2022/08/08/0054/1210/3572922/22/
Redirect Chain
  • https://joxi.ru/52aGG6WTl7JDbr.svg
  • https://joxi.net/52aGG6WTl7JDbr.svg
  • https://dl3.joxi.net/drive/2022/08/08/0054/1210/3572922/22/42f774fa4c.svg
3 KB
4 KB
Image
General
Full URL
https://dl3.joxi.net/drive/2022/08/08/0054/1210/3572922/22/42f774fa4c.svg
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
HTTP/1.1
Server
78.47.21.155 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs02.joxi.ru
Software
nginx /
Resource Hash
44e7f377b3cc4695e5dd0f8cfc80be400db56a146667e2ac6c1ad2a0ac280a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 09:32:50 GMT
Last-Modified
Mon, 08 Aug 2022 05:26:37 GMT
Server
nginx
ETag
"62f09e8d-dcc"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3532

Redirect headers

Date
Wed, 10 Aug 2022 09:32:50 GMT
Server
nginx
X-Powered-By
PHP/5.4.45
Vary
Accept-Language
Content-Type
text/html; charset=UTF-8
Location
http://dl3.joxi.net/drive/2022/08/08/0054/1210/3572922/22/42f774fa4c.svg
Cache-Control
no-cache
Transfer-Encoding
chunked
Node
vs13
Connection
keep-alive
Intro-Book.woff2
pautocandede.gq/lander/detmir/fonts/
24 KB
24 KB
Font
General
Full URL
https://pautocandede.gq/lander/detmir/fonts/Intro-Book.woff2
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b44643963d2a0a0c2c0782bcb41cb3e047b278ac341e581351e1aeb949ee4b3

Request headers

Referer
https://pautocandede.gq/detmir
Origin
https://pautocandede.gq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24408
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
"62ef97a5-5f58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUG%2F3KVAsMt7x5hoLB7Z1gH2R8OxL1SluU46lfJc80gmJjqStBCAx1jUjFeKt2UpwMYaLMej5AgqtLrc3L6BpNfnbsU4zdzeVPp6MqSXnOj1o8PeA9qdV0BHrDofeDX9jnIhCq17sYgWsceJaEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7387b9fc5c7a375b-MXP
expires
Sat, 20 Aug 2022 09:32:50 GMT
star-ico.svg
pautocandede.gq/lander/detmir/img/
784 B
1021 B
Image
General
Full URL
https://pautocandede.gq/lander/detmir/img/star-ico.svg
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de659854b40ac02603267597cae4ce93b975f8e2e0bc7f611025231cd0d3543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
W/"62ef97a5-310"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF2P%2FYd6Rq5ZoYtcEeirLC%2FRheFkEpEoPtSO7Ic02z8kPLB3q27Dm%2F8l6KXhkq2uGu9Nhrr5vuDzk2N0gBSblU%2FTQqWdDnaITBHtZF12d2zvaMEw2sdVqeiAnR5Tt02pr9fsi6Cge6vSVmitVGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fc5c7c375b-MXP
expires
Sat, 20 Aug 2022 09:32:50 GMT
Intro-Bold.woff2
pautocandede.gq/lander/detmir/fonts/
24 KB
25 KB
Font
General
Full URL
https://pautocandede.gq/lander/detmir/fonts/Intro-Bold.woff2
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6312fa136be11317465496284c9055a7e1d548f6b64565511c865df52e52ca

Request headers

Referer
https://pautocandede.gq/detmir
Origin
https://pautocandede.gq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24572
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
"62ef97a5-5ffc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTu3zWLHtOl08PinM5AGLMrfVc3QUxxyqE1pQQJcdMrWpvA1ZUjBfpjDMEUGZzcCh8w2Mh2pS9iBS7%2BHG9ABJ8bYUNQYaEzMKYvhaYQX2bh2VeAhd4R4iH%2BfPIfPOGAz75x3Ps7RllETal6V370%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7387b9fc5c7e375b-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
Intro-Black.woff2
pautocandede.gq/lander/detmir/fonts/
24 KB
24 KB
Font
General
Full URL
https://pautocandede.gq/lander/detmir/fonts/Intro-Black.woff2
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96333de5d4bbd60b6ef4941812f012f5b53768fee8eb639cf608284f5178961a

Request headers

Referer
https://pautocandede.gq/detmir
Origin
https://pautocandede.gq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24100
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
"62ef97a5-5e24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJFwG4mHW0xm9fojE19wkqe%2BzHPOWcuvmJTLMqV7%2Ft%2BMwYXquKqy8Ofpxc5wej1EimQilz7HCFS27txqMmII47DSxUrWCA2Aqs3Al36AQ0nvrd4wl20qzTJjLO212bTBHD9k9Hyz6n1lZlusySU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7387b9fc5c81375b-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT
slider-arrow.svg
pautocandede.gq/lander/detmir/img/
657 B
936 B
Image
General
Full URL
https://pautocandede.gq/lander/detmir/img/slider-arrow.svg
Requested by
Host: pautocandede.gq
URL: https://pautocandede.gq/detmir
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86e7e8ef3244845c9f852e0c8a31a792dbd93cd12b4fa8691052fe523f9747b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pautocandede.gq/detmir
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:32:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 07 Aug 2022 10:44:53 GMT
server
cloudflare
etag
W/"62ef97a5-291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYPu2zoSR5E2PyRftRokqYJi2r7arl0sc1uqk6vb4MtXmxc5ZWFD04DpCtRX9qtYYm88zGykdN0GcSnWBCo7arItqcRFBDjLvn5qW3w0hPgjrr8nF44Ruz6%2Fmz%2BMO1Uzktw9Dpf13ie%2Brud6W%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7387b9fc5c84375b-MXP
expires
Sat, 20 Aug 2022 09:32:49 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • function| startTextChanges
  • function| shuffle
  • function| gameFunction
  • function| getRandomFloat
  • function| openWindow
  • function| closeWindows
  • function| setCookie
  • function| getCookie
  • function| eraseCookie
  • function| progressGo
  • number| step
  • object| city
  • function| numberWithSpaces
  • number| n
  • object| D
  • object| jQuery1110020631602415196837
  • object| AOS

2 Cookies

Domain/Path | Name | Value
pautocandede.gq/ | _giftid | 3
pautocandede.gq/ | TIMER | 1242.4520493333334

1 Console Messages

Source: security
Level: warning
URL: https://pautocandede.gq/detmir (Line 1543)
Message: Mixed Content: The page at 'https://pautocandede.gq/detmir' was loaded over HTTPS, but requested an insecure element 'http://joxi.ru/52aGG6WTl7JDbr.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
