tduo.qcefpkznvvyj.site Open in urlscan Pro
18.65.39.66  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tduo.qcefpkznvvyj.site/	7 KB 3 KB	757ms 64ms	Document text/html	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 0ed18f312d2a7b992fc6c812500c4609e22eb497e8625c796e8ce99fc470a523 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 11179 content-encoding gzip content-type text/html date Mon, 10 Jun 2024 08:21:05 GMT etag W/"98c7e2c6d8b8bbe9af055e14afa9e575" last-modified Fri, 31 May 2024 14:18:32 GMT server AmazonS3 vary Accept-Encoding via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) x-amz-cf-id ecSe_Cs9C2qB7FEk-X7sRuhEAMyWEoUl8piIw_sSTTuNCA3Syezdqg== x-amz-cf-pop AMS1-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	jquery.min.js Show response tduo.qcefpkznvvyj.site/js/	91 KB 32 KB	55ms 52ms	Script application/javascript	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/js/jquery.min.js Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 292241c671ce958f30e4b2f2e1448c65723bdcf606eb68f2270ea7a89ab1a5a3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:06 GMT content-encoding br via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:51 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11178 etag W/"4b5f62f5d9729ca25f2e213984fdbc15" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id GPsJD4p0FRiVQivHAtV3SEU3lmtOCp66k_0ob179A9UbuISzG_n7IQ==
GET H2	200	rem.js Show response tduo.qcefpkznvvyj.site/js/	437 B 799 B	113ms 111ms	Script application/javascript	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/js/rem.js Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 871d1ef52c768ff1011543df317ac2f070e54697346f34a7e3f5904d464c56ef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:06 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:50 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11178 etag "7d9fd8e981d77818f4d5a1066b9890bf" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 437 x-amz-cf-id NyPpIzEQIM_qpKpT-Q6YT9SE7szHK_ao6X44eorI3kApY1lMS84zaw==
GET H2	200	swiper.min.js Show response tduo.qcefpkznvvyj.site/js/	126 KB 32 KB	98ms 96ms	Script application/javascript	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/js/swiper.min.js Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash c51fcb73c911f8b85efa8ac61e1eb7a7d049fadf20a9b1ffc5e66a0f2b16a2e2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:06 GMT content-encoding br via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:48 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11178 etag W/"bc50849111663577c0eab162d4271bca" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id CO9oBxDyurn_SaEN208NmKITzeXhpkVcVxmxN91q63XdnDUVHMrIVg==
GET H2	200	one.js Show response tduo.qcefpkznvvyj.site/js/	44 KB 14 KB	109ms 107ms	Script application/javascript	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/js/one.js Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash f4d2be344ef4504b1ac7c3e6e91df423e1d9b359afd29e78519fb6208a630770 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:07 GMT content-encoding br via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Mon, 20 Nov 2023 06:06:57 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11177 etag W/"a85bb5c7233f07e1e9eb979e858a314e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id YF4AaOIAX2GGpQi1wJsEe5KWJ84og-xNQ67jujmQd5rjo5DvVe51_A==
GET H2	200	index.css tduo.qcefpkznvvyj.site/css/	3 KB 1 KB	54ms 52ms	Stylesheet text/css	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/css/index.css Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash ad0588be5475d55e15e4de0e77dc5181b60c7880d6ced0db13cdc9c631d2a270 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:07 GMT content-encoding br via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:29 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11177 etag W/"4439e14c9e1994dd3600b6b23a1e23d7" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id NT-y-XyeSJHx5SIsyj8im2_6yj5DbrGEp_F5ddKbQl2Uz9l58qtZ2w==
GET H2	200	swiper.min.css tduo.qcefpkznvvyj.site/css/	19 KB 3 KB	65ms 63ms	Stylesheet text/css	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/css/swiper.min.css Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 9a2b860be289fc8b54b37b74083c191b4981a79c73ed3acd141d3e60bccf94de Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:07 GMT content-encoding br via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:30 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11177 etag W/"6c1ec3a038a24ce46e374fc4ba26ea95" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id r73HefQYiJ9XJKEPJl-ZwXAsZCND8XtbT3fQor05pjtGT6rx3XU6fQ==
GET H2	200	title-left.png tduo.qcefpkznvvyj.site/img/	9 KB 9 KB	94ms 92ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/title-left.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 170bcbb030ed3df9a0ed3d9fb6c53ce57c43a8344d97a2a592c181cdd9298ff1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:07 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:31 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11176 etag "4bdfb694ab40efded8aa6693fee27fac" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 9349 x-amz-cf-id 1F4fdMTkBMDL9SkFZEHR321s7_TLWlsSyDJhps74pp0W1s8ATLZS-Q==
GET H2	200	download-btn.png tduo.qcefpkznvvyj.site/img/	5 KB 5 KB	94ms 93ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/download-btn.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 0e54d838cf872e1c13fcc49fa07cd18764384c5634ee8567964a4680b6ebced0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:07 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:33 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11176 etag "20bb3e1d0b28d079de8f57dcf49366de" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 4688 x-amz-cf-id oi2tNumurW-nRanWHM5I-mG_-xbkjEdnGnSOQSF6Z_afjcKxRXzXoQ==
GET H2	200	phone.png tduo.qcefpkznvvyj.site/img/	12 KB 12 KB	52ms 51ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/phone.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 2f7e9c300014778de47dff6ea127322ab733482e1baa1b89cd0720aad44432b2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:08 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:44 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11177 etag "a0e083e29b2ac300853d70cd9b7c47a2" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 11874 x-amz-cf-id xpFPHaoErqKHdT465pV3QBJ-ZXYPPUsuUbnFgiG0l840PzDwxEsGNA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	125ms 40ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Jun 2024 11:27:24 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57975 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug eAJjA30mKPl6Vj3U9G7CovuVmIJfMQlQtWA077kkqnAyMpQbTg4y10eARyqQ9sAw5WtVb9XBwJiac36y3z44HA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tr www.facebook.com/	0 274 B	128ms 40ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=undefined&ev=PageView&noscript=1 Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 10 Jun 2024 11:27:24 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	bg.png tduo.qcefpkznvvyj.site/img/	224 KB 225 KB	152ms 151ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/bg.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 195c86b3cea81305143ddac46b863046aa8ff30c2e46f449a2a4f14563fa0b27 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:09 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:47 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11176 x-amz-server-side-encryption AES256 etag "23a5dc99459cec8121a0676c689cc45b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 229870 x-amz-cf-id KN2GfGy1Rg9LUFc2SQmX_JK9RuVTqgz69ht_eDWvnn__-BjCyqjFhQ==
GET H2	200	banner.png tduo.qcefpkznvvyj.site/img/	200 KB 200 KB	61ms 60ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/banner.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 1a1f8b4cd421463a02e23eea0bd52a7ad22d9ea81f7fa72e565f74fa3de07a6b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:09 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:35 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11176 x-amz-server-side-encryption AES256 etag "92b4ad1a1c60d119ff681aca92ff42f8" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 204635 x-amz-cf-id 47z4Zbgc6w5Kpu37X-qFA0Aw58mp0hCGtqRVxzeELqKpdojxoBAVwQ==
GET H2	200	download-btn2.png tduo.qcefpkznvvyj.site/img/	41 KB 41 KB	52ms 51ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/download-btn2.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 6054621a8223f2bdce9a8695e02745197c83070bd2e3c1ce43e9bbbfd1239212 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:09 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:37 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11175 x-amz-server-side-encryption AES256 etag "87b41a0bc26761e12c7d3bac9e8a34c8" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 42053 x-amz-cf-id 3cPNk9gSJL_yU4C50PdoeT5JniFSXFLIAjxNkDQYxjAyBjVSVBpLZg==
GET H2	200	swiper1.png tduo.qcefpkznvvyj.site/img/	150 KB 150 KB	68ms 67ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/swiper1.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash ba0724584540c94b30249f5f448a08aafa28a22852b3b23c76c0e221f7804172 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:10 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:42 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11175 x-amz-server-side-encryption AES256 etag "323bc74b3ebfb17a908c4c0240235233" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 153486 x-amz-cf-id wYPmzFLLv46XRgyfDwXvvW_GJeVvyzJAMyI9m1ynuDEWVYZe1W6s9g==
GET H2	200	safe.png tduo.qcefpkznvvyj.site/img/	53 KB 53 KB	60ms 60ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/safe.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 4da32a1a673953727c4e3d0ca1b048acc4eb9f7da86b37cc6874671a145801db Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:09 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:39 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11176 x-amz-server-side-encryption AES256 etag "59401420aca2e1aa2554f48d8a53ebd1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 54124 x-amz-cf-id OBoGqbGiGPonat8zs72UZnEEKVs8bdD9hnAaRZT556V8LyFjn7v6zQ==
GET H2	200	download-btn3.png tduo.qcefpkznvvyj.site/img/	14 KB 15 KB	84ms 83ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/download-btn3.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/css/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash f8082fbebdfc86e842c54db85e13a067df182f732a593b949740c0a091e1d3ca Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/css/index.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:10 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:36 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11175 x-amz-server-side-encryption AES256 etag "8689a9f4c166ae647e8e6034486a4f25" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 14825 x-amz-cf-id wGKxpq9JxPYQbUf_CLIdGbEwRU-RvLif-VW8i3mOrHX44WPkM2f2dw==
GET H2	200	swiper2.png tduo.qcefpkznvvyj.site/img/	194 KB 195 KB	126ms 126ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/swiper2.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash ffee6758030f589aa6a76e633d328386dc0c6e57d02a7b91779072eb2ccdcb35 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:10 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:46 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11175 x-amz-server-side-encryption AES256 etag "440f7e9f436cfb1a743516f683e508e1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 198847 x-amz-cf-id XOUjFBNu2aziw6cUmTLS_FAoTAZ_HDRS8c0IDhWe7LGjDPw2qozxRQ==
GET H2	200	swiper3.png tduo.qcefpkznvvyj.site/img/	156 KB 157 KB	129ms 129ms	Image image/png	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tduo.qcefpkznvvyj.site/img/swiper3.png Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 7be19a87a84c1c11dce7c82132c71f31f7a3e0da3e7afac603177878fdfb8c46 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 08:21:10 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 01:35:43 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 11174 x-amz-server-side-encryption AES256 etag "50803c3be1941e7b88a2a0fe156279e3" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 159965 x-amz-cf-id HSc3T3H6srtra4dGBBdRRI_2OnIPYbMi-3bjru0e2mSo06oJgIG20g==
GET H/1.1	200 OK	GetApk_Channel_Info Show response api.vzvueivatlvs.com/api/Apk/	47 B 324 B	816ms 314ms	XHR application/json	15.228.14.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.vzvueivatlvs.com/api/Apk/GetApk_Channel_Info?channel=undefined&fbClid=undefined Requested by Host: tduo.qcefpkznvvyj.site URL: https://tduo.qcefpkznvvyj.site/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.228.14.157 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-228-14-157.sa-east-1.compute.amazonaws.com Software nginx/1.21.7.2 WhiteHorse / PHP/7.3.4 Resource Hash 2cc6d2bdd8310fcf102fb4c0183c55bb1ced396e487f4b856012e85dcb2be8a6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept */* Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 11:27:26 GMT Server nginx/1.21.7.2 WhiteHorse X-Powered-By PHP/7.3.4 Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, private Connection keep-alive
GET H2	403	favicon.ico tduo.qcefpkznvvyj.site/	255 B 495 B	882ms 882ms	Other application/xml	18.65.39.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tduo.qcefpkznvvyj.site/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-66.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 9c8aeddbe5b078cffe620973df07f11509270229347fcbdd3f7f8f2918bb6c34 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tduo.qcefpkznvvyj.site/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 11:27:24 GMT via 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop AMS1-P1 x-amz-cf-id oIM7PMcKuHpLReRQRgvACMz2Hq9Ojm75uWb6_ztSNYNPuC5VqH6N7g== x-cache Error from cloudfront content-type application/xml

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Swiper function| _iterableToArrayLimit function| ownKeys function| _objectSpread2 function| _typeof function| _defineProperty function| _slicedToArray function| _arrayWithHoles function| _unsupportedIterableToArray function| _arrayLikeToArray function| _nonIterableRest function| _toPrimitive function| _toPropertyKey string| AF_URL_SCHEME number| VALID_AF_URL_PARTS_LENGTH string| GOOGLE_CLICK_ID string| ASSOCIATED_AD_KEYWORD string| AF_KEYWORDS object| AF_CUSTOM_EXCLUDE_PARAMS_KEYS object| GCLID_EXCLUDE_PARAMS_KEYS object| LOCAL_STORAGE_VALUES function| isSkippedURL function| getGoogleClickIdParameters function| stringifyParameters function| getParameterValue function| isIOS function| isUACHSupported function| getQueryParamsAndSaveToLocalStorage function| isValidUrl function| getCurrentUrl function| getReferrerUrl function| isSameOrigin function| saveWebReferrer function| removeExpiredLocalStorageItems function| aggregateValuesFromParameters function| getCurrentURLParams function| isOneLinkURLValid function| validatedMs function| isSkipListsValid function| extractCustomParams function| validateAndMappedParams function| isPlatformValid function| getUserAgentData function| createImpressionsLink function| getHexColorAfterValidation function| QRCode string| version string| formatVersion object| AF_SMART_SCRIPT function| fbq function| _fbq object| mySwiper2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tduo.qcefpkznvvyj.site/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.vzvueivatlvs.com
connect.facebook.net
tduo.qcefpkznvvyj.site
www.facebook.com
15.228.14.157
18.65.39.66
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0e54d838cf872e1c13fcc49fa07cd18764384c5634ee8567964a4680b6ebced0
0ed18f312d2a7b992fc6c812500c4609e22eb497e8625c796e8ce99fc470a523
170bcbb030ed3df9a0ed3d9fb6c53ce57c43a8344d97a2a592c181cdd9298ff1
195c86b3cea81305143ddac46b863046aa8ff30c2e46f449a2a4f14563fa0b27
1a1f8b4cd421463a02e23eea0bd52a7ad22d9ea81f7fa72e565f74fa3de07a6b
292241c671ce958f30e4b2f2e1448c65723bdcf606eb68f2270ea7a89ab1a5a3
2cc6d2bdd8310fcf102fb4c0183c55bb1ced396e487f4b856012e85dcb2be8a6
2f7e9c300014778de47dff6ea127322ab733482e1baa1b89cd0720aad44432b2
4da32a1a673953727c4e3d0ca1b048acc4eb9f7da86b37cc6874671a145801db
6054621a8223f2bdce9a8695e02745197c83070bd2e3c1ce43e9bbbfd1239212
7be19a87a84c1c11dce7c82132c71f31f7a3e0da3e7afac603177878fdfb8c46
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
871d1ef52c768ff1011543df317ac2f070e54697346f34a7e3f5904d464c56ef
9a2b860be289fc8b54b37b74083c191b4981a79c73ed3acd141d3e60bccf94de
9c8aeddbe5b078cffe620973df07f11509270229347fcbdd3f7f8f2918bb6c34
ad0588be5475d55e15e4de0e77dc5181b60c7880d6ced0db13cdc9c631d2a270
ba0724584540c94b30249f5f448a08aafa28a22852b3b23c76c0e221f7804172
c51fcb73c911f8b85efa8ac61e1eb7a7d049fadf20a9b1ffc5e66a0f2b16a2e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4d2be344ef4504b1ac7c3e6e91df423e1d9b359afd29e78519fb6208a630770
f8082fbebdfc86e842c54db85e13a067df182f732a593b949740c0a091e1d3ca
ffee6758030f589aa6a76e633d328386dc0c6e57d02a7b91779072eb2ccdcb35