urlscan.io logo urlscan.io
SecurityTrails logo

www.duoconfesso.com Open in urlscan Pro
52.48.196.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://duoconfesso.com/
Effective URL: https://www.duoconfesso.com/
Submission: On February 08 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 33 HTTP transactions. The main IP is 52.48.196.218, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.duoconfesso.com.
TLS certificate: Issued by R3 on January 27th 2023. Valid for: 3 months.
This is the only time www.duoconfesso.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.77.52.3 16509 (AMAZON-02)
2 52.48.196.218 16509 (AMAZON-02)
10 151.101.194.2 54113 (FASTLY)
14 151.101.66.2 54113 (FASTLY)
1 2 169.48.138.204 36351 (SOFTLAYER)
5 151.101.0.143 54113 (FASTLY)
1 52.19.119.238 16509 (AMAZON-02)
33 7
1    54.77.52.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-52-3.eu-west-1.compute.amazonaws.com
duoconfesso.com
2    52.48.196.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-196-218.eu-west-1.compute.amazonaws.com
www.duoconfesso.com
10    151.101.194.2 (United States)

ASN54113 (FASTLY, US)
assets.jimstatic.com
assets1.jimstatic.com
fonts.jimstatic.com
14    151.101.66.2 (United States)

ASN54113 (FASTLY, US)
u.jimcdn.com
image.jimcdn.com
fonts.jimstatic.com
2    169.48.138.204 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: cc.8a.30a9.ip4.static.sl-reverse.com
swiftype.com
cc.swiftype.com
5    151.101.0.143 (United States)

ASN54113 (FASTLY, US)
s.swiftypecdn.com
1    52.19.119.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-119-238.eu-west-1.compute.amazonaws.com
a.jimdo.com
Apex Domain
Subdomains		 Transfer
12 jimcdn.com
u.jimcdn.com — Cisco Umbrella Rank: 78302
image.jimcdn.com — Cisco Umbrella Rank: 58227
4 MB
12 jimstatic.com
assets.jimstatic.com — Cisco Umbrella Rank: 70790
assets1.jimstatic.com — Cisco Umbrella Rank: 314837
fonts.jimstatic.com — Cisco Umbrella Rank: 73966
337 KB
5 swiftypecdn.com
s.swiftypecdn.com — Cisco Umbrella Rank: 9306
67 KB
3 duoconfesso.com
duoconfesso.com
www.duoconfesso.com
17 KB
2 swiftype.com
swiftype.com — Cisco Umbrella Rank: 9536
cc.swiftype.com — Cisco Umbrella Rank: 10037
539 B
1 jimdo.com
a.jimdo.com — Cisco Umbrella Rank: 83091
288 B
33 6
Domain Requested by
8 image.jimcdn.com www.duoconfesso.com
u.jimcdn.com
8 assets.jimstatic.com www.duoconfesso.com
assets.jimstatic.com
5 s.swiftypecdn.com www.duoconfesso.com
swiftype.com
s.swiftypecdn.com
4 u.jimcdn.com www.duoconfesso.com
3 fonts.jimstatic.com u.jimcdn.com
fonts.jimstatic.com
2 www.duoconfesso.com assets.jimstatic.com
1 cc.swiftype.com www.duoconfesso.com
1 a.jimdo.com assets.jimstatic.com
1 swiftype.com 1 redirects
1 assets1.jimstatic.com www.duoconfesso.com
1 duoconfesso.com 1 redirects
33 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
cms.e.jimdo.com
a.jimdo.com
swiftype.com
Subject Issuer Validity Valid
www.duoconfesso.com
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.jimstatic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-28 -
2023-11-29		 a year crt.sh
*.jimcdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-28 -
2023-11-29		 a year crt.sh
prod.jimdo.systems
Amazon RSA 2048 M01		 2023-01-04 -
2024-02-02		 a year crt.sh
s.swiftypecdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.swiftype.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-07 -
2023-06-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.duoconfesso.com/
Frame ID: 85AAEF207E33C791AA732F19A7D68DF4
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herzlich Willkommen auf unserer Website! - Duo Confesso - Oboe and Guitar

Page URL History Show full URLs

  1. https://duoconfesso.com/ HTTP 301
    https://www.duoconfesso.com/ Page URL

Page Statistics

33
Requests

97 %
HTTPS

0 %
IPv6

6
Domains

11
Subdomains

7
IPs

2
Countries

4063 kB
Transfer

4864 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://duoconfesso.com/ HTTP 301
    https://www.duoconfesso.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://swiftype.com/embed.js HTTP 301
  • https://s.swiftypecdn.com/embed.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.duoconfesso.com/
Redirect Chain
  • https://duoconfesso.com/
  • https://www.duoconfesso.com/
35 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.duoconfesso.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.48.196.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-196-218.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3c52669a6d70980abed0a4258ba74b3c4245a9a40618092889cf6d3c7a950584
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 17:15:13 GMT
Server
nginx
Strict-Transport-Security
max-age=604800
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Jimdo-Instance
i-0a57134f9fca6a1eb
X-Jimdo-Wid
s46c9227138e7d05c

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 17:15:12 GMT
Location
https://www.duoconfesso.com/
Server
nginx
Transfer-Encoding
chunked
X-Jimdo-Instance
i-0bc31eef45d7b10bf
X-Jimdo-Wid
s46c9227138e7d05c
ckies.js.9fbbf4d2cdd6c26ee84e.js
assets.jimstatic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/ckies.js.9fbbf4d2cdd6c26ee84e.js
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b81348afd2dc54526b800ae66c6f0ddaf2fe64308839512c1eae2d68b2583591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600023-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
age
4936134
x-timer
S1675876514.802678,VS0,VE0
etag
"715c803a9da4318d85a64bc9ca311a2e"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
893
x-cache-hits
1, 110067
cookieControl.js.6a20677ade6879dca5b5.js
assets.jimstatic.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/cookieControl.js.6a20677ade6879dca5b5.js
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49bd984d7564c4ae9f4433ac1ed7e547d699f2c989ae479fc821145bef1705e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600038-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
age
4936133
x-timer
S1675876514.802685,VS0,VE0
etag
"55ce256445513c57e03b220619326863"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8530
x-cache-hits
1, 110412
main.css
u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/main.css?t=1675848324
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd9f96c872eba396f6ef5da832f27bd333abee205dcd792fc9ccfe937fbf5968
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
963
x-served-by
cache-hhn-etou8220021-HHN
server
nginx
x-timer
S1675876514.807718,VS0,VE60
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
x-cache-hits
0
layout.css
u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/layout.css?t=1481798905
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
682acec0317007ffbd1e5c595a27e447ad2b7c02f324d41360fe18931fa2985e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
via
1.1 varnish
age
112683
x-cache
HIT
content-length
1129
x-served-by
cache-hhn-etou8220021-HHN
server
nginx
x-timer
S1675876514.808076,VS0,VE2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
x-cache-hits
1
font.css
u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/ 		1 KB
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/font.css?t=1675848324
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a1c8f3090093dcd4cc3d6f3448e309b0c0dccf2af42ae7cfc6eb229e7058b67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
415
x-served-by
cache-hhn-etou8220021-HHN
server
nginx
x-timer
S1675876514.808378,VS0,VE103
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
x-cache-hits
0
web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
assets.jimstatic.com/ 		210 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
410923e6cf9b7fc4cbc2f86c227b3056b57e2c3ae5dadf6931501da5978fd868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600057-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
age
5408992
x-timer
S1675876514.801941,VS0,VE0
etag
"405cad3e685876e6b90202dfaac32d48"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
52299
x-cache-hits
178, 8826
ownbgr.css.72b304e248c5b0dc046b611c132c3ad2.css
assets.jimstatic.com/ 		1 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/ownbgr.css.72b304e248c5b0dc046b611c132c3ad2.css
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b20b43a27cb5fd7d8e21664163bb9137a5adbde8b1209c719752480f034e0a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600028-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
age
4980263
x-timer
S1675876514.802208,VS0,VE0
etag
"2fa597859180728e007b22bd7553777f"
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
512
x-cache-hits
0, 1263
web.js.12719f3724127512fa9f.js
assets.jimstatic.com/ 		696 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.js.12719f3724127512fa9f.js
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e599204fb2ffc048faa6c329f3f570616803b29e4f75af124c2371892f678f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600038-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
content-encoding
gzip
age
2990106
x-timer
S1675876514.917087,VS0,VE0
etag
"08f33a4c66199696882e1ff758b363c5"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
233135
x-cache-hits
313, 291546
header.jpg
u.jimcdn.com/cms/o/s46c9227138e7d05c/emotion/crop/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.jimcdn.com/cms/o/s46c9227138e7d05c/emotion/crop/header.jpg?t=1405344443
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5086102ec3a269fd10765c97ed4ae1d79e87499312fbcc38ed56bc13455653e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220021-HHN
date
Wed, 08 Feb 2023 17:15:13 GMT
via
1.1 varnish
last-modified
Tue, 07 Feb 2023 09:57:11 GMT
server
nginx
age
112682
x-timer
S1675876514.953474,VS0,VE11
etag
"63e22077-8f32"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-length
36658
x-cache-hits
1
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=111x160:format=jpg/path/s46c9227138e7d05c/logo/version/1395064311/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=111x160:format=jpg/path/s46c9227138e7d05c/logo/version/1395064311/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
f7e3483ea42e7ac13ceae2646529b2200c46c520ff2318db39a0abfd0bba2140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cache-hits
1, 0
date
Wed, 08 Feb 2023 17:15:14 GMT
via
1.1 varnish, 1.1 varnish
age
1916574
x-cache
HIT, MISS
fastly-restarts
1
content-length
4309
x-served-by
cache-lcy-eglc8600029-LCY, cache-hhn-etou8220021-HHN
server
Thumbor/6.1.3
x-timer
S1675876514.028029,VS0,VE25
etag
"f297dd9bf056959fdfa76ad59dc127a4aa8a98e5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Fri, 17 Feb 2023 12:52:20 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/ia9ca6d3ba7df1108/version/1530810941/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/ia9ca6d3ba7df1108/version/1530810941/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73345ac91faec4f9266f675ed59c22e6b76cbabd1f5d4b923b57804121a57cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 8 Feb 2023 20:00:30 GMT
x-amz-version-id
zaIr4dUP91j2nQTnH_Nm3eNclNHsPmMR
via
1.1 varnish, 1.1 varnish
date
Wed, 08 Feb 2023 17:15:14 GMT
x-amz-request-id
MHAM6SAPG6V9MGZR
age
0
x-cache
MISS, MISS
content-disposition
inline; filename*=UTF-8''1530810941.jpg
fastly-restarts
1
x-amz-id-2
55sD10mGI95/ZbdnOKFqDckVboyaSB4lYPT18otHmM8RCz7yzlK/8KgzawY9HrGokd0MUjKEcAw=
x-served-by
cache-lcy-eglc8600021-LCY, cache-hhn-etou8220021-HHN
content-length
254276
last-modified
Thu, 05 Jul 2018 16:58:50 GMT
server
AmazonS3
x-timer
S1675876514.095799,VS0,VE264
etag
"4431e68c7cc915a0ee7851a093c342e8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/i87456463e4ce99e5/version/1530810945/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/i87456463e4ce99e5/version/1530810945/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e280e18b0777fcd90e03dc12d3b2413748c16e77a6031161bbd396a0d9d1ff3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 8 Feb 2023 20:00:30 GMT
x-amz-version-id
K9bewuRIvMi_BJQAAK1BuAqtnfhhVukJ
via
1.1 varnish, 1.1 varnish
date
Wed, 08 Feb 2023 17:15:14 GMT
x-amz-request-id
DT1224V9M4GMST7K
age
0
x-cache
HIT, MISS
content-disposition
inline; filename*=UTF-8''1530810945.jpg
fastly-restarts
1
x-amz-id-2
KEaA1P8VQdG5m78am3XXYfTYryZ3a5V7MDqzyyAKlwxmL5ABUiv/YR1I9bBVHhFNU15S0BYGfbs=
x-served-by
cache-lcy-eglc8600058-LCY, cache-hhn-etou8220021-HHN
content-length
93963
last-modified
Thu, 05 Jul 2018 17:11:28 GMT
server
AmazonS3
x-timer
S1675876514.140234,VS0,VE20
etag
"ccddd7f0061ee22ced46282af39d5622"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 0
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/i8541247f89ae35dc/version/1530810945/ 		651 KB
651 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/i8541247f89ae35dc/version/1530810945/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
bf167cd3364b1e1797c9826804aadd422553716474d6ff1a1ba1ca17bf47544a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cache-hits
1, 0
date
Wed, 08 Feb 2023 17:15:14 GMT
via
1.1 varnish, 1.1 varnish
age
594883
x-cache
HIT, MISS
fastly-restarts
1
content-length
666207
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220021-HHN
server
Thumbor/6.1.3
x-timer
S1675876514.141484,VS0,VE26
etag
"5bf77ad79e494273de0c16d6d2f9dd670411ea55"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Sat, 04 Mar 2023 20:00:31 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/ie6e1c1214083fde6/version/1530810945/ 		500 KB
500 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/ie6e1c1214083fde6/version/1530810945/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
3bee4bd5b49d3b0b038373e4e0bcc05c828f0576f145f77534477f007857bd14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Wed, 08 Feb 2023 17:15:16 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
fastly-restarts
1
content-length
511888
x-served-by
cache-lcy-eglc8600038-LCY, cache-hhn-etou8220021-HHN
server
Thumbor/6.1.3
x-timer
S1675876514.141706,VS0,VE2186
etag
"403f9d66413d75bea730b6e44e0816ea1fbb1b44"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Sat, 11 Mar 2023 17:15:16 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/i8bf2bee923b34d68/version/1530810943/ 		711 KB
711 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s46c9227138e7d05c/image/i8bf2bee923b34d68/version/1530810943/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
f8e68c90e7299ce38b5cdc97b240da834dc6bd1cde3cc57d2f0a43d432f9eeef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Wed, 08 Feb 2023 17:15:14 GMT
via
1.1 varnish, 1.1 varnish
age
2461085
x-cache
HIT, HIT
fastly-restarts
1
content-length
727840
x-served-by
cache-lcy-eglc8600021-LCY, cache-hhn-etou8220021-HHN
server
Thumbor/6.1.3
x-timer
S1675876514.141873,VS0,VE3
etag
"b470a1deade44e7697a8557c2d348187b126ea77"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
accept-ranges
bytes
expires
Sat, 11 Feb 2023 05:37:09 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/iafb256e780fb674e/version/1530810941/ 		439 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/image/iafb256e780fb674e/version/1530810941/image.jpg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bf17f77de3193f5a8ad0f253f641bba7fef2af2ea73162ddd257e48e72cccff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 8 Feb 2023 20:00:30 GMT
x-amz-version-id
MjPR4MbjR4osFp0kApz1F2G3v9.pki41
via
1.1 varnish, 1.1 varnish
date
Wed, 08 Feb 2023 17:15:14 GMT
x-amz-request-id
DT10NK7CFVNWC6PF
age
0
x-cache
HIT, MISS
content-disposition
inline; filename*=UTF-8''1530810941.jpg
fastly-restarts
1
x-amz-id-2
6MZELYEGLUoBCWZAPrBOcKY/DiIvXgfuSHg5okkylBZB39t3sXIBG3APK0OEUNWp4ciPbIzMwTM=
x-served-by
cache-lcy-eglc8600036-LCY, cache-hhn-etou8220021-HHN
content-length
449094
last-modified
Thu, 05 Jul 2018 17:12:57 GMT
server
AmazonS3
x-timer
S1675876514.142061,VS0,VE22
etag
"d095c3c84d2da753dce954494c0eea32"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 0
video-play.svg
assets1.jimstatic.com/s/img/web/module/video/ 		521 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.jimstatic.com/s/img/web/module/video/video-play.svg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f9bf981727f3051d57faaa284cea812c875dde49460d5091d8dee473bc03a1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600025-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:14 GMT
content-encoding
gzip
age
25730
x-timer
S1675876514.178098,VS0,VE0
etag
"4b17b3607eadc57de8473f66224e57ff"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
326
x-cache-hits
0, 609
css
fonts.jimstatic.com/ 		3 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Oswald%3A400%7CLora%3A400
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/font.css?t=1675848324
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.23.0 /
Resource Hash
15383b8957fb06265bfc9d47f72a0c3bd782aa139f54f682c4caf24bae3fc265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.jimcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 17:15:14 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Feb 2023 17:15:14 GMT
via
1.1 varnish
x-cache
MISS
cross-origin-resource-policy
cross-origin
x-xss-protection
0
x-served-by
cache-hhn-etou8220033-HHN
last-modified
Wed, 08 Feb 2023 17:15:14 GMT
server
nginx/1.23.0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/background/ife7d161c227f901e/version/1383562282/ 		953 KB
954 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s46c9227138e7d05c/background/ife7d161c227f901e/version/1383562282/image.jpg
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s46c9227138e7d05c/layout/lcb66074b3a914f91/css/main.css?t=1675848324
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28ae945112040ac8abfa61bb2c17e68149e8cad9685212fffb8cf81a471eaea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.jimcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Feb 2023 09:57:11 GMT
x-amz-version-id
GcjsoQhLZ_jCxir3wXuBSyI8oEI.pJZh
via
1.1 varnish, 1.1 varnish
date
Wed, 08 Feb 2023 17:15:14 GMT
x-amz-request-id
CF68FCSSC2XDJ5JX
age
0
x-cache
HIT, MISS
content-disposition
inline; filename*=UTF-8''1383562282.jpg
fastly-restarts
1
x-amz-id-2
1YtE5DmCh6DQUHzd8Y2/gGzoFUvMQbmuGVn7EQQ4CUZO6C/f99WHEN8m2auzWJuyXvCNpZykTHo=
x-served-by
cache-lcy-eglc8600053-LCY, cache-hhn-etou8220021-HHN
content-length
976179
last-modified
Mon, 04 Nov 2013 10:51:23 GMT
server
AmazonS3
x-timer
S1675876514.158080,VS0,VE24
etag
"3485650451f92dea83aa705dd15e3e68"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 0
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.jimstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Oswald%3A400%7CLora%3A400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.jimstatic.com/css?family=Oswald%3A400%7CLora%3A400
Origin
https://www.duoconfesso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Sat, 30 Dec 2023 17:47:35 GMT
date
Wed, 08 Feb 2023 17:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish
age
3454060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9863
x-xss-protection
0
x-served-by
cache-hhn-etou8220047-HHN
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.jimstatic.com/s/lora/v26/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Oswald%3A400%7CLora%3A400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.jimstatic.com/css?family=Oswald%3A400%7CLora%3A400
Origin
https://www.duoconfesso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 12 Dec 2023 19:52:55 GMT
date
Wed, 08 Feb 2023 17:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish
age
5001738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
19205
x-xss-protection
0
x-served-by
cache-hhn-etou8220047-HHN
last-modified
Mon, 15 Aug 2022 18:05:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
bfa0b4b8941d94d9d6d8bc6fe31ef9f9.woff
assets.jimstatic.com/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/bfa0b4b8941d94d9d6d8bc6fe31ef9f9.woff
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82421715ce7e4a050a4ea924e92fcfd9229326f0364c8ff85daca5afbbcaf6c9

Request headers

Referer
https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
Origin
https://www.duoconfesso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600032-LCY, cache-hhn-etou8220047-HHN
date
Wed, 08 Feb 2023 17:15:14 GMT
age
5409478
x-timer
S1675876514.233474,VS0,VE0
etag
"bfa0b4b8941d94d9d6d8bc6fe31ef9f9"
x-cache
HIT, HIT
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7944
x-cache-hits
100, 186775
truncated
/ 		88 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51ace2e6346bb2e76a17ecd4796a857b8193e3eea38de38ea5c781650af1cab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92166ad8cda85bb18e0c3c41b1ff921e7a09cdac76ac2508215b93135422379b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		458 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b698bb0143c271088dfe0e8c296a94ec336ec00236a0ab5ac9560d9afe4c1e64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
931bdb6b50816b03206c66921760b246.gif
assets.jimstatic.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jimstatic.com/931bdb6b50816b03206c66921760b246.gif
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600031-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:14 GMT
age
5408167
x-timer
S1675876514.239943,VS0,VE0
etag
"931bdb6b50816b03206c66921760b246"
x-cache
HIT, HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8581
x-cache-hits
47, 16103
embed.js
s.swiftypecdn.com/
Redirect Chain
  • https://swiftype.com/embed.js
  • https://s.swiftypecdn.com/embed.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.swiftypecdn.com/embed.js
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
HTTP/1.1
Server
151.101.0.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa0b1e6b1dc318dd906b854dd43e35784606b73b4344d731c46ce29ab6c6d8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
X-Permitted-Cross-Domain-Policies
none
Age
153
X-Cache
HIT
Status
200 OK
Connection
keep-alive
Content-Length
1037
X-XSS-Protection
1; mode=block
X-Request-Id
c68b713e0365e7c4435fa2ec8ef24053
X-Served-By
cache-hhn-etou8220090-HHN
X-Runtime
0.021789
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Digest
11fe2f2eaca06bfbc7794502012a8eaf6de219e8
X-Timer
S1675876515.038036,VS0,VE3
ETag
W/"aa0b1e6b1dc318dd906b854dd43e3578"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
Accept-Ranges
bytes
X-Rack-Cache
fresh
X-Cache-Hits
1

Redirect headers

Location
https://s.swiftypecdn.com/embed.js
Date
Wed, 08 Feb 2023 17:15:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
175
Content-Type
text/html
getcookiesettingshtml
www.duoconfesso.com/app/module/cookiesettings/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.duoconfesso.com/app/module/cookiesettings/getcookiesettingshtml
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.12719f3724127512fa9f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.48.196.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-196-218.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b708f57c54bbfed9d77b11101513d02a6a67239240a9ad35b1f721e29bcbb31e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept
*/*
Referer
https://www.duoconfesso.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:14 GMT
Strict-Transport-Security
max-age=604800
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
X-Jimdo-Instance
i-0a32d9b1ade0fe26b
Cache-Control
no-cache, no-store, must-revalidate
X-Jimdo-Wid
s46c9227138e7d05c
Connection
keep-alive
loginstate
a.jimdo.com/app/web/ 		64 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jimdo.com/app/web/loginstate?callback=jQuery112001524232937033363_1675876514150&owi=s46c9227138e7d05c&_=1675876514151
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.12719f3724127512fa9f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.119.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-119-238.eu-west-1.compute.amazonaws.com
Software
nginx/1.23.0 /
Resource Hash
ffd6dd5fbe6cb5b3a09218997ea644e8c9f37e944b800b772cb3bf796e970bc8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:14 GMT
strict-transport-security
max-age=10886400
Server
nginx/1.23.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
f6772a0ceb0bd12c434d54a2bf8afb4c.svg
assets.jimstatic.com/ 		425 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jimstatic.com/f6772a0ceb0bd12c434d54a2bf8afb4c.svg
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
12438e788987a7b2073da70f66151b9dd05f0f53b3f72ee9c0fa90c79e4cc77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600024-LCY, cache-hhn-etou8220033-HHN
date
Wed, 08 Feb 2023 17:15:14 GMT
content-encoding
gzip
age
5409926
x-timer
S1675876514.361613,VS0,VE0
etag
"f6772a0ceb0bd12c434d54a2bf8afb4c"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
268
x-cache-hits
735, 47026
swiftype_nocode-03c5d5afbe6adb16a6d1a207271ebd288b43a5fbc0978b9bc9d4ca89bed08486.js
s.swiftypecdn.com/assets/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.swiftypecdn.com/assets/swiftype_nocode-03c5d5afbe6adb16a6d1a207271ebd288b43a5fbc0978b9bc9d4ca89bed08486.js
Requested by
Host: swiftype.com
URL: https://swiftype.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03c5d5afbe6adb16a6d1a207271ebd288b43a5fbc0978b9bc9d4ca89bed08486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Wed, 08 Feb 2023 17:15:15 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
149462
X-Cache
HIT
Connection
keep-alive
Content-Length
48641
X-Served-By
cache-hhn-etou8220090-HHN
X-Timer
S1675876515.083903,VS0,VE2
ETag
"6234afef-be01"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Tue, 06 Feb 2024 23:44:13 GMT
swiftype_nocode-779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72.css
s.swiftypecdn.com/assets/ 		31 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.swiftypecdn.com/assets/swiftype_nocode-779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72.css
Requested by
Host: swiftype.com
URL: https://swiftype.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Wed, 08 Feb 2023 17:15:15 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
162998
X-Cache
HIT
Connection
keep-alive
Content-Length
15711
X-Served-By
cache-hhn-etou8220085-HHN
X-Timer
S1675876515.163164,VS0,VE2
ETag
"621d0c16-3d5f"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Tue, 06 Feb 2024 19:58:36 GMT
embed_mag-56db080d1a54459315b2b49213feee58b73b8e9aa199d465aaf7e18826848e36.png
s.swiftypecdn.com/assets/embed/ 		406 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.swiftypecdn.com/assets/embed/embed_mag-56db080d1a54459315b2b49213feee58b73b8e9aa199d465aaf7e18826848e36.png
Requested by
Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/assets/swiftype_nocode-779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56db080d1a54459315b2b49213feee58b73b8e9aa199d465aaf7e18826848e36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.swiftypecdn.com/assets/swiftype_nocode-779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Wed, 08 Feb 2023 17:15:15 GMT
Via
1.1 varnish
Expires
Tue, 06 Feb 2024 19:58:43 GMT
Age
162992
X-Timer
S1675876515.256846,VS0,VE1
ETag
"5c927b7e-196"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406
X-Served-By
cache-hhn-etou8220085-HHN
cc.js
s.swiftypecdn.com/ 		376 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.swiftypecdn.com/cc.js
Requested by
Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/assets/swiftype_nocode-03c5d5afbe6adb16a6d1a207271ebd288b43a5fbc0978b9bc9d4ca89bed08486.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6abefb6d09cc0305793204985ae74596668f40336404367e0c8be080729df9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
X-Permitted-Cross-Domain-Policies
none
Age
75
X-Cache
HIT
Status
200 OK
Connection
keep-alive
Content-Length
237
X-XSS-Protection
1; mode=block
X-Request-Id
ae56b6fba20605c3fccc11cd2cb6a7ac
X-Served-By
cache-hhn-etou8220090-HHN
X-Runtime
0.015147
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Digest
a94b15c49e5474a41aa0c5ce25d6c9f9f895130a
X-Timer
S1675876515.235890,VS0,VE3
ETag
W/"6abefb6d09cc0305793204985ae74596"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
Accept-Ranges
bytes
X-Rack-Cache
fresh
X-Cache-Hits
1
cc
cc.swiftype.com/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.swiftype.com/cc?url=https%3A%2F%2Fwww.duoconfesso.com%2F&engine_key=C25j21j26LaWMJimVoSn
Requested by
Host: www.duoconfesso.com
URL: https://www.duoconfesso.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
169.48.138.204 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
cc.8a.30a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.duoconfesso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 08 Feb 2023 17:15:15 GMT
Cache-Control
no-cache
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Connection
keep-alive
Content-Length
43
Expires
Wed, 08 Feb 2023 17:15:14 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange function| ckies object| __core-js_shared__ object| CookieControlSet object| CookieControl function| loadCss function| loadCSS function| onloadCSS object| jimdoData object| __regModuleBuffer function| regModule function| loadJimdoWebJsonp object| picturefillCFG function| picturefill function| jimdoGen002 object| Mustache object| Modernizr object| _jimBlob function| _jmdlg object| jQuery112001524232937033363 object| ModalWindow function| changeCaptcha function| _ function| $f function| Froogaloop function| _onLoadGooglePlus object| jsonCallback string| PAYMILL_PUBLIC_KEY object| _jimDoge function| setSrcSetImgWidth function| gaOptOut object| Swiftype object| _gaq undefined| $ undefined| jQuery function| $stjq undefined| Cookies object| _InternalSwiftype object| Hashcode

0 Cookies

1 Console Messages

Source Level URL
Text
rendering info URL: https://www.duoconfesso.com/
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jimdo.com
assets.jimstatic.com
assets1.jimstatic.com
cc.swiftype.com
duoconfesso.com
fonts.jimstatic.com
image.jimcdn.com
s.swiftypecdn.com
swiftype.com
u.jimcdn.com
www.duoconfesso.com
151.101.0.143
151.101.194.2
151.101.66.2
169.48.138.204
52.19.119.238
52.48.196.218
54.77.52.3
03c5d5afbe6adb16a6d1a207271ebd288b43a5fbc0978b9bc9d4ca89bed08486
0f9bf981727f3051d57faaa284cea812c875dde49460d5091d8dee473bc03a1f
12438e788987a7b2073da70f66151b9dd05f0f53b3f72ee9c0fa90c79e4cc77d
15383b8957fb06265bfc9d47f72a0c3bd782aa139f54f682c4caf24bae3fc265
1a1c8f3090093dcd4cc3d6f3448e309b0c0dccf2af42ae7cfc6eb229e7058b67
28ae945112040ac8abfa61bb2c17e68149e8cad9685212fffb8cf81a471eaea7
2b20b43a27cb5fd7d8e21664163bb9137a5adbde8b1209c719752480f034e0a4
3bee4bd5b49d3b0b038373e4e0bcc05c828f0576f145f77534477f007857bd14
3c52669a6d70980abed0a4258ba74b3c4245a9a40618092889cf6d3c7a950584
3e599204fb2ffc048faa6c329f3f570616803b29e4f75af124c2371892f678f6
410923e6cf9b7fc4cbc2f86c227b3056b57e2c3ae5dadf6931501da5978fd868
49bd984d7564c4ae9f4433ac1ed7e547d699f2c989ae479fc821145bef1705e5
4bf17f77de3193f5a8ad0f253f641bba7fef2af2ea73162ddd257e48e72cccff
51ace2e6346bb2e76a17ecd4796a857b8193e3eea38de38ea5c781650af1cab4
56db080d1a54459315b2b49213feee58b73b8e9aa199d465aaf7e18826848e36
682acec0317007ffbd1e5c595a27e447ad2b7c02f324d41360fe18931fa2985e
6abefb6d09cc0305793204985ae74596668f40336404367e0c8be080729df9a2
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
73345ac91faec4f9266f675ed59c22e6b76cbabd1f5d4b923b57804121a57cf0
779aa7d8a53822416bcc719d336247921062b726e96c0d1b646e076b73c5fb72
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
82421715ce7e4a050a4ea924e92fcfd9229326f0364c8ff85daca5afbbcaf6c9
92166ad8cda85bb18e0c3c41b1ff921e7a09cdac76ac2508215b93135422379b
aa0b1e6b1dc318dd906b854dd43e35784606b73b4344d731c46ce29ab6c6d8b2
b698bb0143c271088dfe0e8c296a94ec336ec00236a0ab5ac9560d9afe4c1e64
b708f57c54bbfed9d77b11101513d02a6a67239240a9ad35b1f721e29bcbb31e
b81348afd2dc54526b800ae66c6f0ddaf2fe64308839512c1eae2d68b2583591
bf167cd3364b1e1797c9826804aadd422553716474d6ff1a1ba1ca17bf47544a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5086102ec3a269fd10765c97ed4ae1d79e87499312fbcc38ed56bc13455653e
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
e280e18b0777fcd90e03dc12d3b2413748c16e77a6031161bbd396a0d9d1ff3e
f7e3483ea42e7ac13ceae2646529b2200c46c520ff2318db39a0abfd0bba2140
f8e68c90e7299ce38b5cdc97b240da834dc6bd1cde3cc57d2f0a43d432f9eeef
fd9f96c872eba396f6ef5da832f27bd333abee205dcd792fc9ccfe937fbf5968
ffd6dd5fbe6cb5b3a09218997ea644e8c9f37e944b800b772cb3bf796e970bc8