urlscan.io logo urlscan.io
SecurityTrails logo

fxsteps.info Open in urlscan Pro
2606:4700:3034::6815:422e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fxsteps.info/
Effective URL: https://fxsteps.info/
Submission Tags: tranco_l324
Submission: On March 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3034::6815:422e, located in United States and belongs to CLOUDFLARENET, US. The main domain is fxsteps.info.
TLS certificate: Issued by GTS CA 1P5 on February 5th 2024. Valid for: 3 months.
This is the only time fxsteps.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
6 144.76.94.174 24940 (HETZNER-AS)
20 5
9    2606:4700:3034::6815:422e (United States)

ASN13335 (CLOUDFLARENET, US)
fxsteps.info
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
images.dmca.com
6    144.76.94.174 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.94.76.144.clients.your-server.de
protate.live
Apex Domain
Subdomains		 Transfer
9 fxsteps.info
fxsteps.info
331 KB
6 protate.live
protate.live
28 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14392
4 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1828
7 KB
20 5
Domain Requested by
9 fxsteps.info 1 redirects fxsteps.info
6 protate.live fxsteps.info
protate.live
3 fonts.googleapis.com fxsteps.info
protate.live
2 images.dmca.com fxsteps.info
1 maxcdn.bootstrapcdn.com fxsteps.info
20 5

This site contains links to these domains. Also see Links.

Domain
protate.live
www.dmca.com
Subject Issuer Validity Valid
fxsteps.info
GTS CA 1P5		 2024-02-05 -
2024-05-05		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-01-28 -
2024-04-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
images.dmca.com
R3		 2024-03-07 -
2024-06-05		 3 months crt.sh
protate.live
R3		 2024-02-28 -
2024-05-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fxsteps.info/
Frame ID: B460D5296DFCC28BBB4EA8D6905211EF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FXsteps ▷ Учимся торговать на рынке Форекс шаг за шагом

Page URL History Show full URLs

  1. http://fxsteps.info/ HTTP 301
    https://fxsteps.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

372 kB
Transfer

600 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fxsteps.info/ HTTP 301
    https://fxsteps.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fxsteps.info/
Redirect Chain
  • http://fxsteps.info/
  • https://fxsteps.info/
40 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ad5cc6701153b2fc74313fa651003aa626b92ef5acf200e0c9aefe7c03267c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6371
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=14400, no-transform, must-revalidate
cf-cache-status
HIT
cf-ray
868cf4527e56368b-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 23 Mar 2024 08:12:04 GMT
expires
Mon, 22 Apr 2024 06:25:53 GMT
last-modified
Sat, 05 Feb 2022 01:50:16 +0300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=self
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GrB7OJnICJxVxcLvNLlK8ZRF4ZlvbS%2B3XZk8heb1hlJTaGOhKkMcB3AppTkmggDrdMbC5oz7%2FCF9uF0Gbh02nA1JZFhPz78E9PaTcAQ%2FU2V0WiTF2lrvM7dFNoJauXH8X%2B1NI%2FcSMRp93t8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
MISS
CF-RAY
868cf451bb2e373b-FRA
Cache-Control
max-age=14400
Connection
keep-alive
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html
Date
Sat, 23 Mar 2024 08:12:04 GMT
Location
https://fxsteps.info/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy
geolocation=self
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v91e9EmFdI%2Fy%2FOLryTtCilMCqHuTsNmIJ9iU%2BbC6phpitB0UMPL8h%2BdXP%2BqamFyyHQokSuh28Q8fwjZIY6%2Bkb3koG8P1NBFZ%2BqgDWIN4qDf2pZtSOs4oWtkvvgUr9c4K7yFSjAuGTy5%2BRAk%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
master-only
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
autoptimize_76f316c82202cc049bd7e23f02d118b1.css
fxsteps.info/wp-content/cache/autoptimize/css/ 		168 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fxsteps.info/wp-content/cache/autoptimize/css/autoptimize_76f316c82202cc049bd7e23f02d118b1.css
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d3629c166da037b660aebca4f824f447265ea5be3ef2ae8b7b17b793cb2a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49617
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Jul 2023 20:16:58 GMT
server
cloudflare
etag
W/"64bae7ba-29ff7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02rJcQvKSj%2BKAX3VZsKo%2FeHX3tAuujzyPhAXw4Ac0H6OT2CviMLw%2Bfs2pBvGRqdjUWd7sfbFMc2gLZYE3dMj%2B%2BJlBn7eilI4yR%2B0vjKXh%2B7hy6G8xtJ7ptQ66i2VFbsgoktikmS38aDdGDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf452ce8d368b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=2.50
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fxsteps.info/
Origin
https://fxsteps.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
837198
cdn-cachedat
10/31/2023 18:51:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9e0aa94258460cfcc35b9a7d714a1f08
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
868cf4531a2d9253-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a90883f719234b1d81de8d04fd7b4a80511f5e0c1c0a7eb2efae9be20f400b64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fxsteps.info/
Origin
https://fxsteps.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 08:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 08:12:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 08:12:04 GMT
forex_featured014.jpg
fxsteps.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fxsteps.info/wp-content/uploads/2021/12/forex_featured014.jpg
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8d7891cfa743a8d87999527f401db031cc8de358c4ce3e6758503d16c7cf92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:04 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Dec 2021 20:34:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61c4dd53-bc0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkng7ndLx2BkKaTY0R%2BCLQZxzFo%2BahDJYzLy0zsIxzdcYrE2277wBJ81MBt2d%2BHYl3VydqBa%2F4ry6vEDJDlmr%2B9uAsozHDbQHCncRmW5P72nMn2aMcLAnFVkKBIgnlfwV45l%2BmP3oXzKcCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf452ce8f368b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
dmca_protected_sml_120al.png
images.dmca.com/Badges/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca_protected_sml_120al.png?ID=1565c85e-f11e-45dc-824b-6fc1c9a4af24
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 / ASP.NET
Resource Hash
413fab5c9fe05067d7254a9226405abcfeab66435e01901149bb61c0e471480b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
cdn-edgestorageid
1081
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:53:16
cdn-pullzone
1574055
content-length
2421
last-modified
Tue, 04 May 2010 23:19:12 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"9b99bd34e0ebca1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
a6f72c99fe45e09d4eca05c0b9572527
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:04 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
12/05/2023 19:29:27
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
753d81058faf389bc6ddf7494e830d01
cdn-requestcountrycode
DE
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
autoptimize_7d5cfcfb386e29d6561ac99a4d5d5536.js
fxsteps.info/wp-content/cache/autoptimize/js/ 		937 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fxsteps.info/wp-content/cache/autoptimize/js/autoptimize_7d5cfcfb386e29d6561ac99a4d5d5536.js
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e133b69e68d90b8952aa39068d197647f646682f5af1ca201ef97dec28228e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27053
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Jul 2023 20:16:58 GMT
server
cloudflare
etag
W/"64bae7ba-3a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmxZj1Ya8fhiaZ2BCbsw9TATytc67RZMWQCOJMbCopvesyyz8t%2Fg8XKdhV%2BSP9EjHv%2Fp0jpjdnFTqS3C75YPxWfJudE3WHoaHKmK1nXby9Ytp%2BiqVGpagcMsIAo8jvfXcbAWYVIyP63hxH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf4535d29029a-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
urpa.php
protate.live/www/dlr/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protate.live/www/dlr/urpa.php?fl=asyncjs&lang=ru
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx / PHP/7.3.11
Resource Hash
767cbd66ad28089a0429f91eea2827244db03d2cccb2c0fe587e68145b68a8b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.11
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
expire
Sat, 23 Mar 2024 09:12:05 GMT
b5052f9f-f817-4268-9bf1-4b53ea03f716-1140x600.jpg
fxsteps.info/wp-content/uploads/2021/06/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fxsteps.info/wp-content/uploads/2021/06/b5052f9f-f817-4268-9bf1-4b53ea03f716-1140x600.jpg
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48977f92a262ed23bd76a1f65da8e8ddf0b42eed4cdbcbac50218a46413b432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 11:32:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60be03d0-13c0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeW%2B4gyNH2Yxc1il6i4M%2FKv4frKay60%2FGNuTStkz7TczMlYKuv99GoJ0wXp6maAN1b9PjexFUhIWUxPwncX3HTKY4RPeluw5AkcL6akugNZ88TjIQIFND7LuhH3mWX%2BdYCNVmNUVomQjr60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf4536d31029a-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
9af8dc39-1354-4b41-a86f-283fd6830ec6-1140x600.jpg
fxsteps.info/wp-content/uploads/2021/08/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fxsteps.info/wp-content/uploads/2021/08/9af8dc39-1354-4b41-a86f-283fd6830ec6-1140x600.jpg
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189e344201914fce02f078b314b30f1feef92aa202d3168480977ebbd1824f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 04 Aug 2021 11:37:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"610a7c08-12483"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2ByjrKncj8FjeAL6ZTI2pzzDe4%2FqDm41gxgRRKRy1dOwHmNvhwc2Rj4l4gNFlh75Yh6tYPaxlZaWTNowP2th9xf8Px3lrGmfceSAE1Fet%2BAkroOK6rdMH5X5JMkXk8OwK5urk7ZnHW92zqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf4536d37029a-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
e6f7d208-f838-404f-b552-517f75aaaaab-1140x600.jpg
fxsteps.info/wp-content/uploads/2021/05/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fxsteps.info/wp-content/uploads/2021/05/e6f7d208-f838-404f-b552-517f75aaaaab-1140x600.jpg
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5c2b3232f414c955977924c09eb1524618794bbe6e3e5f7436897b163d9d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
cf-cache-status
MISS
last-modified
Fri, 14 May 2021 11:29:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"609e5f1b-40e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJSo1PodP8jnlEP7GFBegSjbUsrg9XxSsSzMpiLrz%2BD8zUWyLmUIhkgdpksQaH0zZ4mnKgXQNbyB00sj1pjzBn%2FOI0H7QkjWICB1utdSR81Uekc2q1yiGrdoFnG%2FjVf2BU4ycgmCAfZGdxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf4536d3b029a-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
ca0fb962-e3f1-4b33-bac1-ccb3650436fd-1140x600.jpg
fxsteps.info/wp-content/uploads/2021/08/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fxsteps.info/wp-content/uploads/2021/08/ca0fb962-e3f1-4b33-bac1-ccb3650436fd-1140x600.jpg
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:422e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62582458e282021a0eef0980256ac27c5c4f0fb0c18d09e44a26aac7b18994ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 11 Aug 2021 11:29:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6113b4ad-14f2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjmgupbsowDPN5hGHr6%2BPiPprTMzwHlqwT79qFttnEUbE33FjwbYRyDP9qkfOCE4daBRf%2FSFPIt%2FK4r2SjcJBVMmxkkO7TSrXm9ARkksmL7RfZWiBDQROE4CXFtTPRapiOrrNNd2SpXKzF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
868cf4536d41029a-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
urpa.php
protate.live/www/dlr/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protate.live/www/dlr/urpa.php?fl=ajs&lang=ru&cuszi=333&cb=75753026110&charset=UTF-8&loc=https%3A//fxsteps.info/
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx / PHP/7.3.11
Resource Hash
47e74d780162a9d68cd41fb7b558b736016f5de9944581705bcab440de0c2cf9

Request headers

Referer
https://fxsteps.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.11
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, must-revalidate
expires
0
css2
fonts.googleapis.com/ 		5 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: protate.live
URL: https://protate.live/www/dlr/urpa.php?fl=ajs&lang=ru&cuszi=333&cb=75753026110&charset=UTF-8&loc=https%3A//fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 06:33:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 08:12:05 GMT
css2
fonts.googleapis.com/ 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Requested by
Host: fxsteps.info
URL: https://fxsteps.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Mar 2024 06:45:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Mar 2024 08:12:05 GMT
urpa.php
protate.live/www/dlr/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protate.live/www/dlr/urpa.php?fl=lg&amp;bannerid=1155&campaignid=184&zoneid=333&loc=https%253A%2F%2Ffxsteps.info%2F&cb=dc1688c806
Requested by
Host: protate.live
URL: https://protate.live/www/dlr/urpa.php?fl=ajs&lang=ru&cuszi=333&cb=75753026110&charset=UTF-8&loc=https%3A//fxsteps.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx / PHP/7.3.11
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 08:12:05 GMT
server
nginx
x-powered-by
PHP/7.3.11
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
0
urpa.php
protate.live/www/dlr/ 		932 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protate.live/www/dlr/urpa.php?fl=asyncspc&zones=152&prefix=revive-0-&source=https%253A%252F%252Ffxsteps.info%252F&ct0=%7Bclickurl_enc%7D&loc=https%3A%2F%2Ffxsteps.info%2F&lang=ru
Requested by
Host: protate.live
URL: https://protate.live/www/dlr/urpa.php?fl=asyncjs&lang=ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx / PHP/7.3.11
Resource Hash
67f54fe70357af66ac8fcdfca60731039f215cfc3a5aefb8e2d85dd75fb31c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 08:12:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.11
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://fxsteps.info
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
45b073006afc3df0ba65622e4107becc.jpg
protate.live/www/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protate.live/www/images/45b073006afc3df0ba65622e4107becc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx /
Resource Hash
cfdab697c3ddf2ab24461bf4c120ad79ed1c8e23a2734113b79b74e4bb8a3b97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 08:12:05 GMT
last-modified
Fri, 23 Jul 2021 18:28:54 GMT
server
nginx
etag
"60fb0a66-49f5"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
18933
expires
Thu, 31 Dec 2037 23:55:55 GMT
urpa.php
protate.live/www/dlr/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protate.live/www/dlr/urpa.php?fl=lg&amp;bannerid=797&campaignid=148&zoneid=152&source=https%3A%2F%2Ffxsteps.info%2F&loc=https%253A%252F%252Ffxsteps.info%252F&cb=bf3a755bfa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.94.174 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.94.76.144.clients.your-server.de
Software
nginx / PHP/7.3.11
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fxsteps.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 08:12:05 GMT
server
nginx
x-powered-by
PHP/7.3.11
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getCurrentTranslation function| runTranslate function| afterRegistration string| m3_u number| m3_r object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync string| OX_9d7b82a8 function| lazyEmbed

2 Cookies

Domain/Path Name / Value
protate.live/ Name: OAGEO
Value: 2%7CDE%7CEU%7C1%7C%7C%7C51.2993%7C9.491%7C200%7CEurope%2FBerlin%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
protate.live/ Name: OAID
Value: 07bed05ee7f700928238013c429c4e94

15 Console Messages

Source Level URL
Text
javascript warning URL: https://fxsteps.info/(Line 623)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://protate.live/www/dlr/urpa.php?fl=ajs&lang=ru&cuszi=333&cb=75753026110&charset=UTF-8&loc=https%3A//fxsteps.info/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/(Line 624)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/(Line 624)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/(Line 624)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fxsteps.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fxsteps.info
images.dmca.com
maxcdn.bootstrapcdn.com
protate.live
144.76.94.174
2400:52e0:1e00::1081:1
2606:4700:3034::6815:422e
2606:4700::6812:bcf
2a00:1450:4001:803::200a
189e344201914fce02f078b314b30f1feef92aa202d3168480977ebbd1824f59
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
413fab5c9fe05067d7254a9226405abcfeab66435e01901149bb61c0e471480b
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
47e74d780162a9d68cd41fb7b558b736016f5de9944581705bcab440de0c2cf9
4d5c2b3232f414c955977924c09eb1524618794bbe6e3e5f7436897b163d9d88
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
62582458e282021a0eef0980256ac27c5c4f0fb0c18d09e44a26aac7b18994ab
67f54fe70357af66ac8fcdfca60731039f215cfc3a5aefb8e2d85dd75fb31c06
767cbd66ad28089a0429f91eea2827244db03d2cccb2c0fe587e68145b68a8b2
76d3629c166da037b660aebca4f824f447265ea5be3ef2ae8b7b17b793cb2a21
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
a90883f719234b1d81de8d04fd7b4a80511f5e0c1c0a7eb2efae9be20f400b64
b48977f92a262ed23bd76a1f65da8e8ddf0b42eed4cdbcbac50218a46413b432
cfdab697c3ddf2ab24461bf4c120ad79ed1c8e23a2734113b79b74e4bb8a3b97
e133b69e68d90b8952aa39068d197647f646682f5af1ca201ef97dec28228e19
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e9ad5cc6701153b2fc74313fa651003aa626b92ef5acf200e0c9aefe7c03267c
eb8d7891cfa743a8d87999527f401db031cc8de358c4ce3e6758503d16c7cf92