urlscan.io logo urlscan.io
SecurityTrails logo

www.ndrsn.com Open in urlscan Pro
52.223.52.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ndrsn.com/
Effective URL: https://www.ndrsn.com/
Submission: On September 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 56 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is www.ndrsn.com.
TLS certificate: Issued by E6 on August 22nd 2024. Valid for: 3 months.
This is the only time www.ndrsn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
www.ndrsn.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2600:9000:2724:c00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    3.160.150.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-33.fra60.r.cloudfront.net
events.framer.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:223e:9800:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.framerstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2600:9000:2156:4600:4:c45e:82c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
public.rive.app
Apex Domain
Subdomains		 Transfer
13 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 53381
625 KB
5 rive.app
public.rive.app — Cisco Umbrella Rank: 427599
3 MB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 64216
7 KB
2 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 106919
40 KB
2 gstatic.com
fonts.gstatic.com
27 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
113 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
103 KB
1 ndrsn.com
www.ndrsn.com
17 KB
56 9
Domain Requested by
13 framerusercontent.com www.ndrsn.com
5 public.rive.app framerusercontent.com
3 events.framer.com www.ndrsn.com
events.framer.com
2 app.framerstatic.com www.ndrsn.com
2 fonts.gstatic.com www.ndrsn.com
1 unpkg.com framerusercontent.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.ndrsn.com
1 www.ndrsn.com
56 9

This site contains links to these domains. Also see Links.

Domain
www.botniaskincare.com
www.aliengang.com
Subject Issuer Validity Valid
www.ndrsn.com
E6		 2024-08-22 -
2024-11-20		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
framerstatic.com
Amazon RSA 2048 M02		 2023-10-23 -
2024-11-20		 a year crt.sh
unpkg.com
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
rive.app
Amazon RSA 2048 M02		 2023-11-11 -
2024-12-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.ndrsn.com/
Frame ID: 626BD93BEE8E52D24F487C2A5A701F21
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NDRSN ANIMATION

Page URL History Show full URLs

  1. http://www.ndrsn.com/ HTTP 307
    https://www.ndrsn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

56
Requests

52 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

2
Countries

3494 kB
Transfer

6936 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ndrsn.com/ HTTP 307
    https://www.ndrsn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ndrsn.com/
Redirect Chain
  • http://www.ndrsn.com/
  • https://www.ndrsn.com/
124 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/c7de6f5 /
Resource Hash
2bde538cca0d48bd80acf40ba3b5e7bd2bf5c3f022cb8d169d34af368bf90adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
17241
content-type
text/html
date
Wed, 04 Sep 2024 01:13:50 GMT
etag
"df6f218d60f4c1456d20653d736140a3"
last-modified
Tue, 26 Mar 2024 01:40:36 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/c7de6f5
server-timing
region;desc="eu-west-1", cache;desc="not-cached", ssg-status;desc="optimized", version;desc="c7de6f5"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://www.ndrsn.com/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XBQYS7MVLR
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3faf1c743fa352b3aeef2dc334cc06ac0c542640a443a260334b580055ed93af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:13:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104699
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 01:13:51 GMT
chunk-ZD5WZ3YE.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		237 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/chunk-ZD5WZ3YE.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1a181f04f598cbf4b3014f7b5304872de1eb1168ee27ba9b7886cfb459cc2a47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:34 GMT
x-amz-version-id
MtEyEhdjckbFMUnKQgh0rHb3nFns4EIb
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
200718
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="FHjyBavh_7wHgjMxFRN0HRsUDPAe-YqqqqZT7t79WTaqxzJ6975GkQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
content-length
237
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
"b7df5cfdc9161009d2060d05692cc366"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
FHjyBavh_7wHgjMxFRN0HRsUDPAe-YqqqqZT7t79WTaqxzJ6975GkQ==
chunk-LEUYTMJL.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		540 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/chunk-LEUYTMJL.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a28d2e7bf35a50082a014b0916c5dfa1a3d9c5d293edf39bc19b33926878ee8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:34 GMT
x-amz-version-id
f4AooTogI7QQXvXbfraz7AwCnkDk32Ai
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
age
200718
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="GqVoPq4BUBOlkRXqdm9re1PGrIvfl-D1FOsfbWC4d2655qn8D3BKoA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=6
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
W/"ccb6ca4c74b65afd84493178e52ae4e1"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
GqVoPq4BUBOlkRXqdm9re1PGrIvfl-D1FOsfbWC4d2655qn8D3BKoA==
chunk-OIST4OYN.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		454 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/chunk-OIST4OYN.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:34 GMT
x-amz-version-id
Mw5Da09ksGO.YKCBgYDQKCScpI5r4b40
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
200718
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="d0MfbsqXTnUdBlSBGOZ83p4OjlatIopSIpCFYwyNjZX_kSE9fWBZSQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=15
alt-svc
h3=":443"; ma=86400
content-length
454
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
"8af81548ac68e6596fe9853138d19471"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
d0MfbsqXTnUdBlSBGOZ83p4OjlatIopSIpCFYwyNjZX_kSE9fWBZSQ==
yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		148 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6f5a3a88740db2ae5c15a31b3018e3fd33e513a425417311237ab7f8b0843256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:35 GMT
x-amz-version-id
fOfJwXFSXvTw6tr8ivBf8oYSMNhcevwj
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
age
200717
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="r0t_gCqq8TT03tvcO5QopJ3dlPc2RV7sVJWa5aHTqmoCU8535-iqvQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
W/"83bc4b0483f354824dfba6a95fef105c"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
r0t_gCqq8TT03tvcO5QopJ3dlPc2RV7sVJWa5aHTqmoCU8535-iqvQ==
chunk-D5MSYTDY.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		798 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/chunk-D5MSYTDY.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8ddb7dda187e983147c0d36a199b103cd2703faacd32209be92be550112449c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:35 GMT
x-amz-version-id
tyN.h1GmI5qlpYwKfF2e1aHDC2yGH2PG
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
200717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="uN958de9NvfRexyzOmNZl57-NKLGhPiixDCWzaIIwTvZOxYmTDXsLA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
content-length
798
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
"de6f11729cd2602274eb0a9bfc19164e"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uN958de9NvfRexyzOmNZl57-NKLGhPiixDCWzaIIwTvZOxYmTDXsLA==
chunk-TEY2JCFK.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		736 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/chunk-TEY2JCFK.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d32e6c4fdd55f9c1ab2c4dc288c7a9cac70d6a9f1a56ba3300c37b2f2fb360bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:35 GMT
x-amz-version-id
OFvEn_rAetNInN.Mo81DHqYMiPT8W_C5
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
200717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="jvBxRcq9pvcPyqqGrxaO6PAajt0EGORCOoZKBOCbTfh9bZ4l94b7rw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
content-length
736
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
"b1a96da1ffc19398a20d72b4cc5c0ce0"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jvBxRcq9pvcPyqqGrxaO6PAajt0EGORCOoZKBOCbTfh9bZ4l94b7rw==
script
events.framer.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash
e2b66bb41dea8cdd13364842d89e35c84e5aeb99f8cea22c006195494fb33404
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:13:51 GMT
content-encoding
gzip
via
1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18499
x-amz-cf-pop
FRA60-P7
x-amzn-trace-id
Root=1-66d7b44f-75ab6f7971803330777807be
x-amzn-requestid
8b25f6e0-1fe6-47ad-bad9-262c559fc995
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Wed, 04 Sep 2024 01:10:09 GMT
x-amz-apigw-id
djkcfHzHIAMEvXA=
content-length
6338
x-amz-cf-id
KecFqvnsv4-gGKtj3wT9OeKCiq8KOZARBlhe-CZhoe4KFUUWMxK6FQ==
yoJrDA6UD95f1WDLX9vpdoE7WwQ.jpg
framerusercontent.com/images/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/yoJrDA6UD95f1WDLX9vpdoE7WwQ.jpg
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c04ee955e6d58e60a4b4d4e9a39f8c5791cb18539e59aa11361cca2541045136
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:26:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
1874819
x-amzn-requestid
233a5f66-2dca-4c9d-bb93-6a3f0da95050
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="8hCHVzSTl4qU8t_KtCFCrrLKIgZtClyFg5s5Yc1g2Eqla_qDfrHxug==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"268e629306d3e6d63ea32a71d4cb9a11"
x-amzn-trace-id
root=1-66bb18c7-6a98f73c6749a2324655a097;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
8hCHVzSTl4qU8t_KtCFCrrLKIgZtClyFg5s5Yc1g2Eqla_qDfrHxug==
mUiEfHYU9PwHmbNHkIqrcZvhTE.jpg
framerusercontent.com/images/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/mUiEfHYU9PwHmbNHkIqrcZvhTE.jpg
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb28c329fdf8c2d953bfeed2fb497e1caa45fca8015cde89ed91efa9d5f99825
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:26:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
1874822
x-amzn-requestid
435825f5-8381-4290-9e52-2237fae11768
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="Uu4BnBnTib0Y96ArLfHHinM9D844yNiwZ6_fg7EcfmX9Gjf7cZFWZA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"084883bc8d071c96188893e0e7e9cf72"
x-amzn-trace-id
root=1-66bb18c7-2971e93e302dd7a745fe1716;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
Uu4BnBnTib0Y96ArLfHHinM9D844yNiwZ6_fg7EcfmX9Gjf7cZFWZA==
6BE1KgNWqggxWpcZY7Yv3hzmXs.jpg
framerusercontent.com/images/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/6BE1KgNWqggxWpcZY7Yv3hzmXs.jpg
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bf0a2d63b2f20af9c6c7f202218ffa7a161aaf1f3e682046f787a5b48e57059
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 08:26:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
1874821
x-amzn-requestid
6476f578-16dc-41f6-86eb-15966cfda6d7
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="lncqZvVhSW4pkagaYLOj1iYVbPXCcxtuHjEHgzQfznW1lU8WLLlHxg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"4f4180de252bdce7e66759dcb66c078d"
x-amzn-trace-id
root=1-66bb18c7-202b9a8f7867463172b21396;parent=034bbff7b4593b2a;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
lncqZvVhSW4pkagaYLOj1iYVbPXCcxtuHjEHgzQfznW1lU8WLLlHxg==
6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
framerusercontent.com/images/ 		214 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/6tTbkXggWgQCAJ4DO2QEdXXmgM.svg
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 03 Jun 2024 12:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
7993971
x-amzn-requestid
287cb11d-cee8-4c57-ab46-862af731cfe1
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="-Hry4xbVAiY8GA9mH-mxHzEPZowDqR6mUtRt7MYUe8Q7aQtfWsoZAg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"a97b47fb394d0ff03e5b03f3e8770898"
x-amzn-trace-id
root=1-665db9dc-328707dd2530ef0b0da46ad7;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
-Hry4xbVAiY8GA9mH-mxHzEPZowDqR6mUtRt7MYUe8Q7aQtfWsoZAg==
11KSGbIZoRSg4pjdnUoif6MKHI.svg
framerusercontent.com/images/ 		215 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/11KSGbIZoRSg4pjdnUoif6MKHI.svg
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 31 May 2024 08:43:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
8267443
x-amzn-requestid
a3c947f9-e9c6-4b08-ae8d-e304bf927afe
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="vPCcwRjPXlLyLMh_F1A3YAMJm9Y3j45rVs0SV9Rf-lErQRDw1upChQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"a708cac1128e9b31af21c0c9dc3af441"
x-amzn-trace-id
root=1-66598d9c-484ff6b764d55c14758247ae;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
vPCcwRjPXlLyLMh_F1A3YAMJm9Y3j45rVs0SV9Rf-lErQRDw1upChQ==
default_script0.RQ5DPEDB.mjs
framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/default_script0.RQ5DPEDB.mjs
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f1f16a8ef1bb5f660cea0c2aff01d404368028401d989779db9532aebdbbe69f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:36 GMT
x-amz-version-id
Drtc8u2aixWeKolhxdvmkmKidctTlDSY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
age
200716
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="E-sXNZrZOFrdrWKPMjwGPahnpHwL84fg435qe8BBQK9FGi9USBvi0Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=4
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 01:40:35 GMT
server
CloudFront
etag
W/"b6eb5dd75a6981b4b56f32d663c7230f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
E-sXNZrZOFrdrWKPMjwGPahnpHwL84fg435qe8BBQK9FGi9USBvi0Q==
KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
fonts.gstatic.com/s/architectsdaughter/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 00:42:29 GMT
x-content-type-options
nosniff
age
261082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13156
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Sep 2025 00:42:29 GMT
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW32.woff2
fonts.gstatic.com/s/dmsans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW32.woff2
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720546bd1109304dfb6076e22b74c2afeaca0b38c819d019eccb1a2e91e6f0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 17:31:16 GMT
x-content-type-options
nosniff
age
286955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14308
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 17:31:16 GMT
Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 12:39:27 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
19830865
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19024
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Jan 2024 12:38:30 GMT
server
CloudFront
etag
"e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
4ba8QWZbgHlZZhtenaAbNkGtrne0NPS8ReCcqcvzcPRZkcllgoNnhw==
Inter-SemiBold.latin-RDYY2AG2.woff2
app.framerstatic.com/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2
Requested by
Host: www.ndrsn.com
URL: https://www.ndrsn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ndrsn.com/
Origin
https://www.ndrsn.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:33:39 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
19460413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20072
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 18:17:04 GMT
server
CloudFront
etag
"6a7880ce1bd9abb417faf126dccfd935"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RqxephQFZYvhgPdeWkKFN9rrHTtbS44sba2zl9aVf--jkFyhRPYYxw==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XBQYS7MVLR&gtm=45je4930v9181102258za200&_p=1725412431250&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509156&cid=1356875312.1725412431&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725412431&sct=1&seg=0&dl=https%3A%2F%2Fwww.ndrsn.com%2F&dt=NDRSN%20ANIMATION&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=911
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBQYS7MVLR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:13:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndrsn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rive.wasm
unpkg.com/@rive-app/canvas@1.1.7/ 		185 KB
113 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@rive-app/canvas@1.1.7/rive.wasm
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f44a679f86497da14296ba9b7a38940954d3812a756d3969ba3f0d33fa893872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:13:51 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15042836
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWZHPDRF0NSNJKFKRVABMHD-fra
server
cloudflare
etag
"2e567-e0z5ClHhgy3MN5691cDNWX73Dfo"
vary
Accept-Encoding
content-type
application/wasm
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8bda1e9159654dbe-FRA
oVCmDH_jQEWgjqZHhU-8jQ.riv
public.rive.app/hosted/40977/132145/ 		2 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public.rive.app/hosted/40977/132145/oVCmDH_jQEWgjqZHhU-8jQ.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e3e35284144ebec2a393cc57b0a7bc3ca3558039c1f23f0c646a23015102cff

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:37 GMT
content-encoding
br
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
200714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 17 Mar 2024 18:08:38 GMT
server
AmazonS3
etag
W/"c7fbb43384aa6c8d3211224178472661"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
A9JTdWqYlvFRkmET-sTJm5liMKkmTycFctGgm5ICgY2rfNhDeORYeg==
AhuknOJvf0OGUWf4ETWjQA.riv
public.rive.app/hosted/40977/62314/ 		255 KB
244 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public.rive.app/hosted/40977/62314/AhuknOJvf0OGUWf4ETWjQA.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
553030ba6463c6dc9af92e3432a603c4e8c5b34034c58890ca8146a63addf561

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:37 GMT
content-encoding
br
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
200714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 May 2023 19:32:20 GMT
server
AmazonS3
etag
W/"5a74dbb16c6894fdd1de4af2c5f93adb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
3L00ppubMXct9oXr44bL-0UcSHLEkVdF-15AW1BV04nCPhzUMzGBuw==
u2DHUQkC2ECPrKgd8MS1Qw.riv
public.rive.app/hosted/40977/62299/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public.rive.app/hosted/40977/62299/u2DHUQkC2ECPrKgd8MS1Qw.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
651a0c5fa387c086aa52dabb185475a00667c7f5e01e95a03fde4a0d6335b62c

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:37 GMT
content-encoding
br
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
200714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 May 2023 19:09:54 GMT
server
AmazonS3
etag
W/"6bcde6b85a481d79473425477d4d410f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
NiYM9fSyr3dA4tLBkFxQVvi9I1XPzOwHJ4-YOfXkVE6WF6htV3XFeg==
fPhNDm_-m0O7d4WRCnHt6A.riv
public.rive.app/hosted/40977/62301/ 		90 KB
72 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public.rive.app/hosted/40977/62301/fPhNDm_-m0O7d4WRCnHt6A.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf1a24b3dff6b600a4c87a6928febae2c486b4077e39f015496e85c639fd300e

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:37 GMT
content-encoding
br
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
200714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 May 2023 19:11:49 GMT
server
AmazonS3
etag
W/"db56244042afa49f5ab0f2eed1b471eb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
ZxEFujh3NNem8z2wJnZ_24YAMKf-sf-L2pQ1sZw7J_Kgbd9emOyZRA==
yKlC3okPL0StEKguYBNj5A.riv
public.rive.app/hosted/40977/62306/ 		90 KB
72 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public.rive.app/hosted/40977/62306/yKlC3okPL0StEKguYBNj5A.riv
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/5KDKWCfZ2pzs1kFlmOqDkQ/yTq74yxzQXddmpmDdpRVQSflGCR_ACsAJUgx8crd_CA.Z3EF2H66.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:4:c45e:82c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
098974d0a481e8cfe55b4af0531be614388826970f7f148bef6bd84a89e68eab

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:28:37 GMT
content-encoding
br
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
200714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 May 2023 19:18:19 GMT
server
AmazonS3
etag
W/"b5fdca08e4db4bf941f2a25bbf8140cd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=31536000, immutable
x-amz-cf-id
-cxCQkIMPiKVbRA5rhHLWV7H6p-N0sB5e53KWN7aSQkRlHr2KdLx7g==
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Sep 2024 01:13:52 GMT
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
x-amzn-trace-id
Root=1-66d7b450-6987d7ca6fd59c8306e8a4f8;Parent=7e36900e203192f0;Sampled=0;lineage=1:c457ad49:0
x-amzn-requestid
a39238cc-18ef-457b-ab50-bd63a5c8f532
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
djkclEZ5oAMEcVw=
content-length
0
x-amz-cf-id
zDsAJo6nlD0l0t9qmAS2Nvmz4Fnm9ws68Hf5yh-ZlA8FBnYlHYXotQ==
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ndrsn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 04 Sep 2024 01:13:52 GMT
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
x-amz-apigw-id
djkcjEpXIAMEU4w=
x-amz-cf-id
LNc8k4B77uPNmXlue9lBs3-KF6QmoGnBqwBbrqRJ9ZUoTMbPlSWPIw==
x-amz-cf-pop
FRA60-P7
x-amzn-requestid
f00f9156-9c52-42bd-bfc6-d421ede075aa
x-cache
Miss from cloudfront
OwrKxGHMmqe90xRwCqFMBra71UI.png
framerusercontent.com/images/ 		316 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/OwrKxGHMmqe90xRwCqFMBra71UI.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2724:c00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
463595e304ad34d396d68d9eaa22a1439d366d46f88c0fc0d651e01f4ebd74cd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://www.ndrsn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 17:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 a9a00cd74e5659e3b49c7fab5dc2863a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
200635
x-amzn-requestid
19c21205-a9ec-4f7d-aab2-17603f164de2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="REC",cdn-rid;desc="WkxtG_ZgD9295ZWLdJCF6V6Ji6cXRxKZppFufV5FpHT2-_u4nqTZTA==",cdn-downstream-fbl=4
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"ac80ef585610cd99846219c6a180b2f9"
x-amzn-trace-id
root=1-66d4a494-05dae95d47807ee01dbe3428;parent=1fd400b51bff8104;sampled=0;lineage=1:f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
WkxtG_ZgD9295ZWLdJCF6V6Ji6cXRxKZppFufV5FpHT2-_u4nqTZTA==
5b6ed65c-50f2-4655-9994-a64ef22da86d
https://www.ndrsn.com/ 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/5b6ed65c-50f2-4655-9994-a64ef22da86d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f650784c1e1b8bba1fd9b43f2cce47bcb647085cfb3c1761d96578df90d3221

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
51745
Content-Type
image/png
de1ff0ba-a9ff-4cb8-aa7d-0fa75271b65e
https://www.ndrsn.com/ 		81 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/de1ff0ba-a9ff-4cb8-aa7d-0fa75271b65e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3f99a3929542df0788e8de068d06590f8cc8e02528a7e165246b180dde57af

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
82655
Content-Type
image/png
7a884892-21f8-4974-b47a-f88acecae166
https://www.ndrsn.com/ 		85 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/7a884892-21f8-4974-b47a-f88acecae166
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e2ae296ef009ccb4af4002059e174dee8359181690770c6fa47b9ca4c2b40d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
87072
Content-Type
image/png
da0e69eb-43ee-474e-bb6e-395aea35fa59
https://www.ndrsn.com/ 		84 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/da0e69eb-43ee-474e-bb6e-395aea35fa59
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a7996a523b11a9b52dab642ea62cd1c8697a8bc93ee78f21ee37bda4514940c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
86247
Content-Type
image/png
0dad051c-60f0-411f-b2a4-c8de1b88cf16
https://www.ndrsn.com/ 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/0dad051c-60f0-411f-b2a4-c8de1b88cf16
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f650784c1e1b8bba1fd9b43f2cce47bcb647085cfb3c1761d96578df90d3221

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
51745
Content-Type
image/png
1a3f9c68-b511-4484-adbf-9ecf46c7da09
https://www.ndrsn.com/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/1a3f9c68-b511-4484-adbf-9ecf46c7da09
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82cf1c684987e7a8c2d245eb561a03aa3adc363cb5aeb1370846369b5b41a947

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
4043
Content-Type
image/png
e1816d79-10ea-4541-87d4-4fc2809be5dd
https://www.ndrsn.com/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/e1816d79-10ea-4541-87d4-4fc2809be5dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f839b0cef3559cc600e168a7038f33c3df9ac6b088a7d14e694f317d4a7bb2fc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
24091
Content-Type
image/png
5cca9c24-f729-4ad3-b80e-f4c8ea35b4f1
https://www.ndrsn.com/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/5cca9c24-f729-4ad3-b80e-f4c8ea35b4f1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f672a071e2e8872f1864c901400a92ad455e541f3ce6e88cda09b20eeb37c87

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
20009
Content-Type
image/png
b3835e66-b410-426e-9ab7-3f46fbf10d4f
https://www.ndrsn.com/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/b3835e66-b410-426e-9ab7-3f46fbf10d4f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17877d87176cfee4de0d21f60850ec1ccbe10848653f289b9af24765766d3cf

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
52874
Content-Type
image/png
83366e38-3265-4327-b6a5-be5dedfd6957
https://www.ndrsn.com/ 		33 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/83366e38-3265-4327-b6a5-be5dedfd6957
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc5c499b267dbfc908529264499fa9523ee21109b3e5f608f8b55e7f9d444b0a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
33317
Content-Type
image/png
f1af1910-9721-4f92-8b9e-a42768df53f1
https://www.ndrsn.com/ 		118 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/f1af1910-9721-4f92-8b9e-a42768df53f1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a400f0f6fcf1a3c4cd16e29c8ce7dd20df290370688d8a457ad32d640b17b19f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
120764
Content-Type
image/png
e5676757-dc75-4f6d-8d47-2aece981c31b
https://www.ndrsn.com/ 		59 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/e5676757-dc75-4f6d-8d47-2aece981c31b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
624523dda534a9d3830c73df713a3fccdd0fc60bc4379f84379fd7659923ff12

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
60245
Content-Type
image/png
b32eb73b-fd5b-419a-b8ae-19bdae0a8674
https://www.ndrsn.com/ 		305 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/b32eb73b-fd5b-419a-b8ae-19bdae0a8674
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1c715dfaf0fabbc92e07305350261a8c9e5a050972d2825b5480c563af03c3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
311935
Content-Type
image/png
f355dd08-6798-47d8-936d-5f3e2ddb20cb
https://www.ndrsn.com/ 		307 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/f355dd08-6798-47d8-936d-5f3e2ddb20cb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f31b0bb71496a08047ffe7e9699d58c2dbb9f918937996bbbfdc993ff64834

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
314396
Content-Type
image/png
24d940ec-5d91-4853-bb29-847e30969023
https://www.ndrsn.com/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/24d940ec-5d91-4853-bb29-847e30969023
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5680778220fc79d1eb635238d0f25b32819f5221af9fe6dee30fd0b9955b4581

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
7441
Content-Type
image/png
2dc3d793-d55c-4707-814b-a626722f4a19
https://www.ndrsn.com/ 		123 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/2dc3d793-d55c-4707-814b-a626722f4a19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1373e6dae73422a849d19277b02a2ef6dea5cda983c5e4396dc7b92860012d3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
125769
Content-Type
image/png
0daa34bb-e0ac-4909-9b29-971f2885b4ce
https://www.ndrsn.com/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/0daa34bb-e0ac-4909-9b29-971f2885b4ce
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf164aa72d9eb95bdbad86fda2a89b7040afb2a0c55ab2e61368b88093a262d6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
10869
Content-Type
image/png
6e10dd63-28c3-4172-841b-f2090f1df0d7
https://www.ndrsn.com/ 		167 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/6e10dd63-28c3-4172-841b-f2090f1df0d7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d502f9042b3e3f45da01f688cf63a4fe6ca2fc2d2c995beae5887201af8cdcfc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
171311
Content-Type
image/png
03d52303-19b7-4629-acf1-21ce0641702e
https://www.ndrsn.com/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/03d52303-19b7-4629-acf1-21ce0641702e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe4a8423245c1a2dc7b1db3a5f557070ef774ff70d7c5aa5e1fa1d2ae714771f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
9784
Content-Type
image/png
e8828fdd-f186-4a70-8733-8e989f8e61f7
https://www.ndrsn.com/ 		44 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/e8828fdd-f186-4a70-8733-8e989f8e61f7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
129e30b7aa9e92fe4c0f773f55663b45c079da455d7ba2c1f957d0641da159b6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
45143
Content-Type
image/png
bf3edece-fdea-4304-900d-9881e3fd6ee4
https://www.ndrsn.com/ 		45 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/bf3edece-fdea-4304-900d-9881e3fd6ee4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82d0b9402d0fcf306f52ce3ff07307cdc5f1ac543ee41c319344aa111b9c35f7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
45597
Content-Type
image/png
6589f1e1-c347-46d3-a54a-38ad64c167c5
https://www.ndrsn.com/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/6589f1e1-c347-46d3-a54a-38ad64c167c5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49a2fb1f9f4b56ca2c19c7759fcbde952c7f6ea1ba1fd24de2c0971690b9b3a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
31376
Content-Type
image/png
2a334ea1-007f-4c93-888c-dc96919c90c0
https://www.ndrsn.com/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/2a334ea1-007f-4c93-888c-dc96919c90c0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
530c74f56cd74fb3f12250459cbf68bb6d0bde5e0c9598391389e96d76b26c56

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
2809
Content-Type
image/png
4c962858-f2b5-42f1-9c81-b23a9927757a
https://www.ndrsn.com/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/4c962858-f2b5-42f1-9c81-b23a9927757a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62698997caac2a6c088dafd0033474e2479e0bcd75f4586a676180b12b664487

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
31831
Content-Type
image/png
8204c8c3-698d-494d-911b-c3dd26d5daf9
https://www.ndrsn.com/ 		73 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/8204c8c3-698d-494d-911b-c3dd26d5daf9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6a5e60dd1e292410b0854727d6851cb5c00e093ba2acffc8867c252c85fd957

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
74316
Content-Type
image/png
983887d7-2756-4d78-95da-02f390b12680
https://www.ndrsn.com/ 		635 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/983887d7-2756-4d78-95da-02f390b12680
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ae61579e6441cf8e5ba259e9ce82a142b035b8f192c70b9de4e8251313b8f19

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
649775
Content-Type
image/png
322b1a64-5695-4fa3-807a-c6ce2e5de401
https://www.ndrsn.com/ 		37 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ndrsn.com/322b1a64-5695-4fa3-807a-c6ce2e5de401
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a60dbf0f9849220dc12700b0f85952613108aae8e9a7c9f90358df8618209f4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
37456
Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| animator function| HandoffAppearAnimations function| __framer_importFromPackage object| process object| __framer_events object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| HandoffComplete function| __send_framer_event

2 Cookies

Domain/Path Name / Value
.ndrsn.com/ Name: _ga_XBQYS7MVLR
Value: GS1.1.1725412431.1.0.1725412431.0.0.0
.ndrsn.com/ Name: _ga
Value: GA1.1.1356875312.1725412431

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
fonts.gstatic.com
framerusercontent.com
public.rive.app
region1.google-analytics.com
unpkg.com
www.googletagmanager.com
www.ndrsn.com
2001:4860:4802:32::36
2600:9000:2156:4600:4:c45e:82c0:93a1
2600:9000:223e:9800:d:6b42:4ec0:93a1
2600:9000:2724:c00:d:ada1:a280:93a1
2606:4700::6811:f7cb
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::2008
3.160.150.33
52.223.52.2
098974d0a481e8cfe55b4af0531be614388826970f7f148bef6bd84a89e68eab
0a60dbf0f9849220dc12700b0f85952613108aae8e9a7c9f90358df8618209f4
129e30b7aa9e92fe4c0f773f55663b45c079da455d7ba2c1f957d0641da159b6
1a181f04f598cbf4b3014f7b5304872de1eb1168ee27ba9b7886cfb459cc2a47
1a7996a523b11a9b52dab642ea62cd1c8697a8bc93ee78f21ee37bda4514940c
1e3e35284144ebec2a393cc57b0a7bc3ca3558039c1f23f0c646a23015102cff
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
2bde538cca0d48bd80acf40ba3b5e7bd2bf5c3f022cb8d169d34af368bf90adc
2f672a071e2e8872f1864c901400a92ad455e541f3ce6e88cda09b20eeb37c87
3ae61579e6441cf8e5ba259e9ce82a142b035b8f192c70b9de4e8251313b8f19
3faf1c743fa352b3aeef2dc334cc06ac0c542640a443a260334b580055ed93af
463595e304ad34d396d68d9eaa22a1439d366d46f88c0fc0d651e01f4ebd74cd
48e2ae296ef009ccb4af4002059e174dee8359181690770c6fa47b9ca4c2b40d
530c74f56cd74fb3f12250459cbf68bb6d0bde5e0c9598391389e96d76b26c56
553030ba6463c6dc9af92e3432a603c4e8c5b34034c58890ca8146a63addf561
5680778220fc79d1eb635238d0f25b32819f5221af9fe6dee30fd0b9955b4581
5f650784c1e1b8bba1fd9b43f2cce47bcb647085cfb3c1761d96578df90d3221
624523dda534a9d3830c73df713a3fccdd0fc60bc4379f84379fd7659923ff12
62698997caac2a6c088dafd0033474e2479e0bcd75f4586a676180b12b664487
651a0c5fa387c086aa52dabb185475a00667c7f5e01e95a03fde4a0d6335b62c
6f5a3a88740db2ae5c15a31b3018e3fd33e513a425417311237ab7f8b0843256
6fce5a0604a6267ad769dd5e7afbfcf8bd0390897f682aec71f6307999a5b67e
720546bd1109304dfb6076e22b74c2afeaca0b38c819d019eccb1a2e91e6f0be
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
82cf1c684987e7a8c2d245eb561a03aa3adc363cb5aeb1370846369b5b41a947
82d0b9402d0fcf306f52ce3ff07307cdc5f1ac543ee41c319344aa111b9c35f7
8bf0a2d63b2f20af9c6c7f202218ffa7a161aaf1f3e682046f787a5b48e57059
8ddb7dda187e983147c0d36a199b103cd2703faacd32209be92be550112449c9
a17877d87176cfee4de0d21f60850ec1ccbe10848653f289b9af24765766d3cf
a28d2e7bf35a50082a014b0916c5dfa1a3d9c5d293edf39bc19b33926878ee8d
a400f0f6fcf1a3c4cd16e29c8ce7dd20df290370688d8a457ad32d640b17b19f
ab1c715dfaf0fabbc92e07305350261a8c9e5a050972d2825b5480c563af03c3
bc5c499b267dbfc908529264499fa9523ee21109b3e5f608f8b55e7f9d444b0a
c04ee955e6d58e60a4b4d4e9a39f8c5791cb18539e59aa11361cca2541045136
c1373e6dae73422a849d19277b02a2ef6dea5cda983c5e4396dc7b92860012d3
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
ca764b5867087d3c5ffc2bb0497a50b2ecf18ae7252169951ec97e18a592973d
cf164aa72d9eb95bdbad86fda2a89b7040afb2a0c55ab2e61368b88093a262d6
cf1a24b3dff6b600a4c87a6928febae2c486b4077e39f015496e85c639fd300e
d32e6c4fdd55f9c1ab2c4dc288c7a9cac70d6a9f1a56ba3300c37b2f2fb360bb
d49a2fb1f9f4b56ca2c19c7759fcbde952c7f6ea1ba1fd24de2c0971690b9b3a
d502f9042b3e3f45da01f688cf63a4fe6ca2fc2d2c995beae5887201af8cdcfc
e2b66bb41dea8cdd13364842d89e35c84e5aeb99f8cea22c006195494fb33404
e6a5e60dd1e292410b0854727d6851cb5c00e093ba2acffc8867c252c85fd957
e6f31b0bb71496a08047ffe7e9699d58c2dbb9f918937996bbbfdc993ff64834
ea3f99a3929542df0788e8de068d06590f8cc8e02528a7e165246b180dde57af
f1f16a8ef1bb5f660cea0c2aff01d404368028401d989779db9532aebdbbe69f
f44a679f86497da14296ba9b7a38940954d3812a756d3969ba3f0d33fa893872
f839b0cef3559cc600e168a7038f33c3df9ac6b088a7d14e694f317d4a7bb2fc
fb28c329fdf8c2d953bfeed2fb497e1caa45fca8015cde89ed91efa9d5f99825
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157
fe4a8423245c1a2dc7b1db3a5f557070ef774ff70d7c5aa5e1fa1d2ae714771f