urlscan.io logo urlscan.io
SecurityTrails logo

xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz Open in urlscan Pro Puny
бк-леонбет-зеркало3.xyz IDN
2606:4700:3033::ac43:dc40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/
Effective URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Submission: On February 01 via automatic, source rescanner — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3033::ac43:dc40, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 23rd 2022. Valid for: a year.
This is the only time xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.240.102.32 211642 (ADMINVPS)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
31 5
1    185.240.102.32 (Russian Federation)

ASN211642 (ADMINVPS, RU)
PTR: isp25.adminvps.ru
www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz
12    2606:4700:3033::ac43:dc40 (United States)

ASN13335 (CLOUDFLARENET, US)
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
Apex Domain
Subdomains		 Transfer
12 xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
668 KB
8 gstatic.com
fonts.gstatic.com
103 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 25627
2 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2853
68 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
1 xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz
www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz
254 B
0 Failed
function sub() { [native code] }. Failed
31 7
Domain Requested by
12 xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
8 fonts.gstatic.com fonts.googleapis.com
5 mc.yandex.com 2 redirects xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
2 mc.yandex.ru 1 redirects xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
1 fonts.googleapis.com xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
1 www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz 1 redirects
0 xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai Failed xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
31 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-23 -
2023-01-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Frame ID: 91427453F8F812D2DD81BC6BB7D3F949
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Бк Леонбетс зеркало работающее, официальный сайт leonbets, Леон ставки

Page URL History Show full URLs

  1. https://www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

74 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

841 kB
Transfer

2259 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/ HTTP 301
    https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9536.Jh-OT1xqmkLbIV3QaNPyWwCiIYUR_FqZRMWZ4SYotzeZXAHUwGADRjga4JaIqt94.vRjAD7RiIlzGVT3Ym0Y_glqxW9M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9536.8emlNwP_qU5It8n9JE9k581Q1QdJcDHUnVWIUdw9KcXzVwtWd0krkEunqGPDtI-PzyeqaS0TiokWdaYk985-0Q%2C%2C.ZPJ9w0FnBL5Tl-I-mooK7rDMR8g%2C
Request Chain 34
  • https://mc.yandex.com/watch/87245604?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A786310125890%3Ahid%3A637231042%3Az%3A0%3Ai%3A20220201122114%3Aet%3A1643718074%3Ac%3A1%3Arn%3A629308734%3Arqn%3A1%3Au%3A1643718074282732450%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643718072431%3Ads%3A0%2C49%2C325%2C5%2C976%2C0%2C%2C116%2C0%2C%2C%2C%2C1850%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643718075%3At%3A%D0%91%D0%BA%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B1%D0%B5%D1%82%D1%81%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%8E%D1%89%D0%B5%D0%B5%2C%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20leonbets%2C%20%D0%9B%D0%B5%D0%BE%D0%BD%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B8&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/87245604/1?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A786310125890%3Ahid%3A637231042%3Az%3A0%3Ai%3A20220201122114%3Aet%3A1643718074%3Ac%3A1%3Arn%3A629308734%3Arqn%3A1%3Au%3A1643718074282732450%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643718072431%3Ads%3A0%2C49%2C325%2C5%2C976%2C0%2C%2C116%2C0%2C%2C%2C%2C1850%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643718075%3At%3A%D0%91%D0%BA%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B1%D0%B5%D1%82%D1%81%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%8E%D1%89%D0%B5%D0%B5%2C%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20leonbets%2C%20%D0%9B%D0%B5%D0%BE%D0%BD%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Redirect Chain
  • https://www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz/
  • https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
159 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
d6f4ad80615f340de75f5d743429300ed7aa37e5ef6f72a477b9796a53184c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 01 Feb 2022 12:21:13 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.23
vary
Accept-Encoding
cache-control
max-age=0
expires
Tue, 01 Feb 2022 12:21:13 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=marHqR8%2BlEJ3yWz1lz8RDd2Q80rcleTT0nQ%2BinsSv3PNWGMAhydxkn0dTUI6QTk%2F71m8r5VMPegS1xYkWF5EVHBy9T%2BF0vV%2Fndix5Hmv1oKs0os0dbTmtOsdcvM23CygQFlYOjcCGBjNbd5TxFIv4RNOER3m%2BALAL6ykT6mowFsI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d6b23672d1e68e9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx/1.20.1
date
Tue, 01 Feb 2022 12:21:13 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-powered-by
PHP/7.4.23
x-redirect-by
WordPress
location
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
cache-control
max-age=0
expires
Tue, 01 Feb 2022 12:21:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000;
b96f09c8d4e2ac364edaa9646c8c880f.css
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/ 		637 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/b96f09c8d4e2ac364edaa9646c8c880f.css
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f0ccf71408ac726f8188f8cd369a301ea5d3c5cad7082ca7d5bdc97cfe8d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 22:01:25 GMT
server
cloudflare
etag
W/"61ec7eb5-9f342"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BQUuGV1HPiLLm%2BWROb3GvLHGz3BBO02u46umnpwpMcBru8VNTtsjgXU82HTnmA4H0Xh1KK1AZb%2FjzRycLnpQ7W7ZGEEIcK%2Fh8sEg9RMrhyvivCkNM6A7TItRTMzJ09NqOHihXYHpKw%2FTQ16aBr35sIIFpPowGDC2TdRXteGAaVl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b23694a5f68e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		45 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46a81d9eecf758da54f09983d052b2f0404104cd8bb4affeed2209c5481156d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 12:21:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 12:21:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 12:21:13 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e1ac0917893632cacc3840c9ba2317661508a5197a7853bae304b556271477f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62a816655d1b8bf20887b55d0b3884828e772f07fc94b9551757b585d5634cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c90776a25f687eaae2209b1ae8dbcf55ee83fd0a4f955775bd55f38b18c9de3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bca71285d96c3d92bd595dbd9df29c35652f0b1afdc72ed77f9aee73283928b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
email-decode.min.js
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Jan 2022 18:50:50 GMT
server
cloudflare
etag
W/"61f1980a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5%2BminVHeem0X8813Gi28SRd5OWKDbCxuilajtoINzL14OhDTWCVZnt2CfDdhgarhQuVLD9OIvyVpAeVsgAEBH%2Bjm3UMP2lRBrIPmPtvgTc4gx0VTF7K6fMzQ1AUocn8%2BKyjIBPavg7uq%2ByU%2B1g8RxmkSnzXn6TzurfV8opg3nMh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d6b23696a8868e9-FRA
vary
Accept-Encoding
expires
Thu, 03 Feb 2022 12:21:13 GMT
jquery.min.js
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 21:56:52 GMT
server
cloudflare
etag
W/"61ec7da4-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAETkRIksKmPprUEvbUO9301B7SluARaR3bMd5GeJT3yq4xRzSCc4J%2F4%2FaMNrAOxF3jUkRLYgg4n1SD50SjSRhpkfPH2gylvdmR4IqkplOWPJZ%2BmI3JpalTKRoZFQ1fkuCiZa3kG4Ijniel1KC5KQkgE95QcRBAbCnMOY0WhCO9p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b23696a9068e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazyload.min.js
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 21:56:50 GMT
server
cloudflare
etag
W/"61ec7da2-1ed2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQ13mhXdKW8OdgXkifewKyxPN7MeiJATQvxeZkd1m8K9DSls19k32TuYGLZ92nZzh0wtEq5fkdsL%2FDmobN1RBMVV620Z8b0ZKNjDfjYSesTFdMruNcZYQ2bDVRcA%2FGy%2FIz7woORXj8qs3qt9aXPhCJSGcI%2FCd%2FKsGN8jhms0pZhb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b23696a9d68e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7344001969e15406e22e6b1fb56389d1.js
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/ 		677 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/7344001969e15406e22e6b1fb56389d1.js
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6c86538ec2d88110e52a265b38816f0472427068ab8645a87a5b93675d7702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 22:16:18 GMT
server
cloudflare
etag
W/"61ec8232-a92a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Su7n2XxD%2BLERcHEmWP7A5QqOlvENqC1Gc6qOhnUcu7w4IbG2hbUXOtdU62WKPI0C7CqitIQqsCvfmHxtKyPVVg25yONYdworxy5kMTDkulbJ2Z%2BOmkz6xTDMv7nF4yFGMMYbFu4z9v6jEoGS8C3%2FS3MiFir2tKbOCBtsK1O6d4Vh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b23696aa368e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eicons.woff2
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
cf-cache-status
MISS
last-modified
Sat, 22 Jan 2022 21:56:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj5Fi5jDLZzaui5w2dvrnWSekLeDDEvIdP4pdLUAWhwNWdwN%2F1Ws2RRPjI%2BPyIwmMFEBwlguch36RR0YEJvtZIpvw8U3PYyt3aQMCVxDKgoVmbZO27G27pHs7ief7JK%2BYPWjycSa5zNjpHrR8WfY4m3ve2E0tCHbTAjEpycXlzIb"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b23696aa768e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 03 Mar 2022 12:21:14 GMT
fa-solid-900.woff2
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-brands-400.woff2
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-solid-900.woff
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-brands-400.woff
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
598754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 14:02:00 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 10:03:58 GMT
x-content-type-options
nosniff
age
526636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 10:03:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
340886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 13:39:48 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 04:11:53 GMT
x-content-type-options
nosniff
age
374961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 04:11:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
498295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 17:56:19 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:15:28 GMT
x-content-type-options
nosniff
age
54346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 31 Jan 2023 21:15:28 GMT
KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdf807ebbe9d0ed29fb79a69096514e260a236b3b68e51e9a21aad536c622587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 13:52:37 GMT
x-content-type-options
nosniff
age
340117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10144
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 13:52:37 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=cyrillic&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 18:07:18 GMT
x-content-type-options
nosniff
age
497636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 18:07:18 GMT
fa-solid-900.ttf
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
cropped-cropped-cropped-logo-leonbet.png
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/cropped-cropped-cropped-logo-leonbet.png
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f6d948675ba269577f0300fcefeba56985ef4a9c035dea021f343edf199faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7182
last-modified
Sat, 22 Jan 2022 21:56:49 GMT
server
cloudflare
etag
"61ec7da1-1c0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI2MrIzi3KVN%2FBMsthuJup4DDkIEIqBGep8Pwf8UtKHSJw586ze66f6YFoneqjmUZvZSBS4QVsqMFELUifNLev0OELfjDr9FqGfp%2Bx84WwQyLP0xG4z5gZor5tqvqTqgSfFg13uwZIM2m5Dve%2ByV1Qso7FiZVfHRJQfxxIwluQRE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d6b236b0b6490c7-FRA
%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B8%CC%86-%D1%81%D0%B0%D0%B8%CC%86%D1%82-%D0%BB%D0%B5%D0%BE%D0%BD-1024x496.jpg
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/09/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/09/%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B8%CC%86-%D1%81%D0%B0%D0%B8%CC%86%D1%82-%D0%BB%D0%B5%D0%BE%D0%BD-1024x496.jpg
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883b12f8684bb1c0e38e17d5b8f6f6bce6ea5671f32a22d0af1a071d068e97f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65978
last-modified
Sat, 22 Jan 2022 21:56:49 GMT
server
cloudflare
etag
"61ec7da1-101ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0yk7%2B%2FFcWgzX5zKPmaL2ajvEquac8cdxJYLNGpohCIpbZsaI0e4ujYtscWPxBi03qSuB2hffYIKBfybDpYfT058JPza3%2Ftd%2FxMW0J0cTzklaBpuyR%2B%2B0xW%2F3L1u0YDzXZBq%2BzT10HcX1G8ThE%2Fb6pzsyQM9TDjIsMpZBE%2BYk14j"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d6b236b0b6890c7-FRA
unnamed-file.png
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/uploads/2021/07/unnamed-file.png
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e9ee869a43b469f5c007a3f413f113857cc28da0af92075efbc79a0f435be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36315
last-modified
Sat, 22 Jan 2022 21:56:49 GMT
server
cloudflare
etag
"61ec7da1-8ddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdJLFvC0nvdTlO1gI1y4JUL15DAstlJw38aNKNwWxBwG7SvwBc2MDkXmQFcrzxqgdfmtCiQnRMdOYRVUlnl14Aw3HnBfzfC0tJNtCvFIqLr1%2FeMWUNj%2Bz7A07kAProTucSFOSBux%2F3%2FRZifZ5gksKTzm6ekZDx9Bw7ElDLfDmNlF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d6b236b0b6a90c7-FRA
fa-brands-400.ttf
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-solid-900.woff2
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/b96f09c8d4e2ac364edaa9646c8c880f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/b96f09c8d4e2ac364edaa9646c8c880f.css
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Jan 2022 21:56:50 GMT
server
cloudflare
age
262616
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmjEKzkC%2B4EOdf7ipIh46L%2BnZ4jvNwla58P2YoT082r%2FhI2qloiehH1uUj7i1RIV68TOHCmYiGf8VSQdGguDHZXu%2BC%2BawEJehuiQQI%2B5E%2BPHSEKm6wKYnKeIT90fLqGkpCFHRiUEY1ZtvFq05hg%2FCIoRxYwgDgLlmglb0oQ4t6%2FZ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b236bbcf090c7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 28 Feb 2022 11:24:18 GMT
fa-brands-400.woff2
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/b96f09c8d4e2ac364edaa9646c8c880f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:dc40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/b96f09c8d4e2ac364edaa9646c8c880f.css
Origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Jan 2022 21:56:50 GMT
server
cloudflare
age
274191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXXCg%2FMmtkYo1QfEfaYDB%2FU4L%2BCz%2BPM7zyeTvybhhZ5nqkEjkFER5wsrdHuhn2DBCYJ84Uli5%2B8GOWa2JVPMTwmdby%2BbCMP9xrv6%2F57H8ZfSuAD0Gi5E5Ye3P5CyyQG2Aq4GTosE5Fe3oQOD293hiohKxvBtowAxG52EuNWfy0vK"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6d6b236bbcf790c7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 28 Feb 2022 08:11:23 GMT
tag.js
mc.yandex.ru/metrika/ 		198 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/wp-content/cache/min/1/7344001969e15406e22e6b1fb56389d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 15:48:14 GMT
etag
"61f1430e-10e38"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69176
expires
Tue, 01 Feb 2022 13:21:14 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9536.Jh-OT1xqmkLbIV3QaNPyWwCiIYUR_FqZRMWZ4SYotzeZXAHUwGADRjga4JaIqt94.vRjAD7RiIlzGVT3Ym0Y_glqxW9M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9536.8emlNwP_qU5It8n9JE9k581Q1QdJcDHUnVWIUdw9KcXzVwtWd0krkEunqGPDtI-PzyeqaS0TiokWdaYk985-0Q%2C%2C.ZPJ9w0FnBL5Tl-I-mooK7rDMR8g%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9536.8emlNwP_qU5It8n9JE9k581Q1QdJcDHUnVWIUdw9KcXzVwtWd0krkEunqGPDtI-PzyeqaS0TiokWdaYk985-0Q%2C%2C.ZPJ9w0FnBL5Tl-I-mooK7rDMR8g%2C
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9536.8emlNwP_qU5It8n9JE9k581Q1QdJcDHUnVWIUdw9KcXzVwtWd0krkEunqGPDtI-PzyeqaS0TiokWdaYk985-0Q%2C%2C.ZPJ9w0FnBL5Tl-I-mooK7rDMR8g%2C
date
Tue, 01 Feb 2022 12:21:14 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:21:14 GMT
last-modified
Wed, 26 Jan 2022 15:48:14 GMT
etag
"61f1430e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 01 Feb 2022 13:21:14 GMT
1
mc.yandex.com/watch/87245604/
Redirect Chain
  • https://mc.yandex.com/watch/87245604?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu%3...
  • https://mc.yandex.com/watch/87245604/1?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu...
331 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/87245604/1?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A786310125890%3Ahid%3A637231042%3Az%3A0%3Ai%3A20220201122114%3Aet%3A1643718074%3Ac%3A1%3Arn%3A629308734%3Arqn%3A1%3Au%3A1643718074282732450%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643718072431%3Ads%3A0%2C49%2C325%2C5%2C976%2C0%2C%2C116%2C0%2C%2C%2C%2C1850%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643718075%3At%3A%D0%91%D0%BA%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B1%D0%B5%D1%82%D1%81%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%8E%D1%89%D0%B5%D0%B5%2C%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20leonbets%2C%20%D0%9B%D0%B5%D0%BE%D0%BD%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
17c3b67aa648baa5aec2d53cf7abbc57a5bce2d2c0b6aca684b0e03a86a217d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:21:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 01-Feb-2022 12:21:14 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Tue, 01-Feb-2022 12:21:14 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:21:14 GMT
last-modified
Tue, 01-Feb-2022 12:21:14 GMT
location
/watch/87245604/1?wmode=7&page-url=https%3A%2F%2Fxn----3-7cdcb1abbt1ahgiwpj6a8a.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A786310125890%3Ahid%3A637231042%3Az%3A0%3Ai%3A20220201122114%3Aet%3A1643718074%3Ac%3A1%3Arn%3A629308734%3Arqn%3A1%3Au%3A1643718074282732450%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643718072431%3Ads%3A0%2C49%2C325%2C5%2C976%2C0%2C%2C116%2C0%2C%2C%2C%2C1850%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643718075%3At%3A%D0%91%D0%BA%20%D0%9B%D0%B5%D0%BE%D0%BD%D0%B1%D0%B5%D1%82%D1%81%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%8E%D1%89%D0%B5%D0%B5%2C%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20leonbets%2C%20%D0%9B%D0%B5%D0%BE%D0%BD%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 01-Feb-2022 12:21:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff
Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
Domain
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
URL
https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadCSS object| astra function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazyLoadOptions function| wprRemoveCPCSS function| LazyLoad undefined| $ function| jQuery function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| lazyLoadThumb function| lazyLoadYoutubeIframe function| ym function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| wp object| webpackChunkelementor_pro object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| regeneratorRuntime object| elementorFrontend function| Sticky object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| Ya object| yaCounter87245604

10 Cookies

Domain/Path Name / Value
.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ Name: _ym_uid
Value: 1643718074282732450
.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ Name: _ym_d
Value: 1643718074
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3436494233fake
.xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1254927800fake
.yandex.com/ Name: yandexuid
Value: 6321830971643718074
.yandex.com/ Name: yuidss
Value: 6321830971643718074
mc.yandex.com/ Name: yabs-sid
Value: 272535891643718074
.yandex.com/ Name: i
Value: 3jKphvjXPxz2KAjmnKUInO19o8DQR5usnu8mTMrU67umbLsnzz4Yw0P8UlfyzHlaTYOBIU3qrB1PDSkiEzaCP+SmlGM=
.yandex.com/ Name: ymex
Value: 1675254074.yrts.1643718074#1675254074.yrtsi.1643718074

13 Console Messages

Source Level URL
Text
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz/
Message:
Access to font at 'https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf' from origin 'https://xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9536.8emlNwP_qU5It8n9JE9k581Q1QdJcDHUnVWIUdw9KcXzVwtWd0krkEunqGPDtI-PzyeqaS0TiokWdaYk985-0Q%2C%2C.ZPJ9w0FnBL5Tl-I-mooK7rDMR8g%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
www.xn----4-7cdcb1abbt1ahgiwpj6a8a.xyz
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
xn----3-7cdcb1abbt1ahgiwpj6a8a.xyz
xn-----8kcbbxbbryhfiuoj4a6a.xn--p1ai
185.240.102.32
2606:4700:3033::ac43:dc40
2a00:1450:4001:802::2003
2a00:1450:4001:82a::200a
2a02:6b8::1:119
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0a6c86538ec2d88110e52a265b38816f0472427068ab8645a87a5b93675d7702
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
17c3b67aa648baa5aec2d53cf7abbc57a5bce2d2c0b6aca684b0e03a86a217d8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
46a81d9eecf758da54f09983d052b2f0404104cd8bb4affeed2209c5481156d4
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7
4bca71285d96c3d92bd595dbd9df29c35652f0b1afdc72ed77f9aee73283928b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
62a816655d1b8bf20887b55d0b3884828e772f07fc94b9551757b585d5634cdd
6c90776a25f687eaae2209b1ae8dbcf55ee83fd0a4f955775bd55f38b18c9de3
6e1ac0917893632cacc3840c9ba2317661508a5197a7853bae304b556271477f
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
883b12f8684bb1c0e38e17d5b8f6f6bce6ea5671f32a22d0af1a071d068e97f9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d6f4ad80615f340de75f5d743429300ed7aa37e5ef6f72a477b9796a53184c45
d6f6d948675ba269577f0300fcefeba56985ef4a9c035dea021f343edf199faa
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
e8f0ccf71408ac726f8188f8cd369a301ea5d3c5cad7082ca7d5bdc97cfe8d75
f3e9ee869a43b469f5c007a3f413f113857cc28da0af92075efbc79a0f435be6
fdf807ebbe9d0ed29fb79a69096514e260a236b3b68e51e9a21aad536c622587