urlscan.io logo urlscan.io
SecurityTrails logo

detexify.kirelabs.org Open in urlscan Pro
54.237.133.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://detexify.kirelabs.org/
Effective URL: http://detexify.kirelabs.org/classify.html
Submission: On January 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 36 HTTP transactions. The main IP is 54.237.133.81, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is detexify.kirelabs.org.
This is the only time detexify.kirelabs.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    54.237.133.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com
detexify.kirelabs.org
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    2606:4700:3030::6815:13a8 (United States)

ASN13335 (CLOUDFLARENET, US)
gttp.co
3    2606:4700::6810:c119 (United States)

ASN13335 (CLOUDFLARENET, US)
gumroad.com
assets.gumroad.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6810:c019 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.gumroad.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::681a:bfb (United States)

ASN13335 (CLOUDFLARENET, US)
api.flattr.com
2    2606:4700:20::681a:afb (United States)

ASN13335 (CLOUDFLARENET, US)
api.flattr.com
button.flattr.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
229 KB
7 kirelabs.org
detexify.kirelabs.org
424 KB
5 gumroad.com
gumroad.com — Cisco Umbrella Rank: 80846
assets.gumroad.com — Cisco Umbrella Rank: 132739
140 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
10 KB
3 flattr.com
api.flattr.com
button.flattr.com — Cisco Umbrella Rank: 957825
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
2 gttp.co
gttp.co
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
82 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
36 12
Domain Requested by
7 detexify.kirelabs.org 1 redirects detexify.kirelabs.org
6 pagead2.googlesyndication.com detexify.kirelabs.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 assets.gumroad.com detexify.kirelabs.org
gumroad.com
assets.gumroad.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 api.flattr.com 2 redirects
2 www.google-analytics.com detexify.kirelabs.org
www.google-analytics.com
2 gttp.co detexify.kirelabs.org
2 www.paypalobjects.com detexify.kirelabs.org
1 www.google.com tpc.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 button.flattr.com detexify.kirelabs.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com detexify.kirelabs.org
1 gumroad.com detexify.kirelabs.org
36 17
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
gumroad.com
E1		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://detexify.kirelabs.org/classify.html
Frame ID: 37B14326B4D8C49B2023F4340EB59372
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 50EAE3484A49C49802D806957871582D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1705022573610&bpp=2&bdt=705&idt=244&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=3785067553800&frm=20&pv=2&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: A824309D2F00E41FC8F4936057465D54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&dt=1705022573680&bpp=1&bdt=775&idt=183&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=3785067553800&frm=20&pv=1&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=188
Frame ID: 440DF8DC030F0C20BDF35DF5EF700AF6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B46F3F09277906878BB9A4792DA35D60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 364AB6529C21247A1CE7DC7CAF5ABE68
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Detexify LaTeX handwritten symbol recognition

Page URL History Show full URLs

  1. http://detexify.kirelabs.org/ HTTP 302
    http://detexify.kirelabs.org/classify.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

64 %
HTTPS

88 %
IPv6

12
Domains

17
Subdomains

17
IPs

3
Countries

959 kB
Transfer

1923 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://detexify.kirelabs.org/ HTTP 302
    http://detexify.kirelabs.org/classify.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 19
  • http://api.flattr.com/js/0.5.0/load.js?mode=auto HTTP 301
  • https://api.flattr.com/js/0.5.0/load.js?mode=auto HTTP 301
  • https://button.flattr.com/loader.js?mode=auto

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request classify.html
detexify.kirelabs.org/
Redirect Chain
  • http://detexify.kirelabs.org/
  • http://detexify.kirelabs.org/classify.html
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
72112388fedc8d52c9056e2b947553d7e5b1bb79a78a936be2465ab20fbffbba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
9579
Content-Type
text/html
Date
Fri, 12 Jan 2024 01:22:52 GMT
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D
Server
thin
Via
1.1 vegur

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html;charset=utf-8
Date
Fri, 12 Jan 2024 01:22:52 GMT
Location
http://detexify.kirelabs.org/classify.html
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D
Server
thin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
style-211700fe.css
detexify.kirelabs.org/stylesheets/ 		181 KB
182 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
8683569e70ba56fe875c851c0644f88f4addbe753e299a710abc81f965052f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:52 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D"}]}
Content-Type
text/css
Connection
keep-alive
Content-Length
185202
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022572&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=eyxIof5t1wZFf1ueu0CcPPkGd6QbupbKPSGKU7aP7xQ%3D
shared-82878c38.js
detexify.kirelabs.org/javascripts/ 		155 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://detexify.kirelabs.org/javascripts/shared-82878c38.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
c6309b8d07470d8662dfa822f4f5aabd278ae570e4907a5e44299a6f1795d26f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:52 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D"}]}
Content-Type
application/javascript
Connection
keep-alive
Content-Length
158683
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D
classify-deb1263c.js
detexify.kirelabs.org/javascripts/ 		834 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://detexify.kirelabs.org/javascripts/classify-deb1263c.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
37c48d82d0ba43adc99686a5575f9c5e0887729d3f191e7b0cbdc14d201e65bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:52 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D"}]}
Content-Type
application/javascript
Connection
keep-alive
Content-Length
834
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35474f3edacc79f052b2860eeaa0bd40c3dbf426a84c7381a5f80eb723c3aacc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54382
X-XSS-Protection
0
Server
cafe
ETag
14078166369026993300
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Fri, 12 Jan 2024 01:22:53 GMT
btn_donate_LG.gif
www.paypalobjects.com/en_GB/i/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
4df41d841402fedbee9fb11981ccbc96eb3143097a2a1fcd741e81a6366e1a6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e0a5cf07bccb2
dc
ccg11-origin-www-1.paypal.com
content-length
1714
last-modified
Mon, 03 Apr 2023 20:22:08 GMT
server
ECAcc (frc/4D07)
traceparent
00-0000000000000000000e0a5cf07bccb2-8e351439263e10fa-01
etag
"642b3570-6b2"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 12 Jan 2024 02:22:52 GMT
pixel.gif
www.paypalobjects.com/de_DE/i/scr/ 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
13c2b544fdf07
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:26 GMT
server
ECAcc (frc/4CFA)
traceparent
00-000000000000000000013c2b544fdf07-57ebc16264b3280e-01
etag
"5d5637b6-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 12 Jan 2024 02:22:53 GMT
v1.js
gttp.co/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://gttp.co/v1.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:13a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
gumroad.js
gumroad.com/js/ 		511 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumroad.com/js/gumroad.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d48c3654cc181a7c572f32a2c63af7f752f00decf77052ff9986c5c7312730b
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
x-revision
5c0a82cf188f
x-xss-protection
1; mode=block
x-request-id
8908b925-40db-4daf-8dfd-ee5267d40424
x-runtime
0.004248
server
cloudflare
etag
W/"0d48c3654cc181a7c572f32a2c63af7f"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
cf-ray
84419749c8842c5a-FRA
link
<https://assets.gumroad.com/packs/css/overlay-7514443f.css>; rel=preload; as=style; nopush
x-gr
PROD
expires
Fri, 12 Jan 2024 02:22:53 GMT
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d74a3db55720dc2f492b65c2234033db1ec80ffe72f9c01b7f22b09c0472dd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 12 Jan 2024 01:22:53 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 12 Jan 2024 01:22:53 GMT
overlay-7514443f.css
assets.gumroad.com/packs/css/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/css/overlay-7514443f.css
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d8669ecf184c18fee97f4a035da96784c4cb3aaab1b87cb443a0515d5ae18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
via
1.1 c67feb477d254fde2981dc0574086454.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MRS52-P1
age
3782739
cf-polished
origSize=39494
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Fri, 24 Nov 2023 09:00:00 GMT
server
cloudflare
etag
W/"cdea631409653e5dd6db622ecb9abc57"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8441974c09742c5a-FRA
x-amz-cf-id
RWEipoRqOv6iZ9e7abIMzYT-wKHh7bUqsRow8tXQPgAG_oNJlSPH_w==
expires
Sat, 11 Jan 2025 01:22:53 GMT
overlay-35993addac6808bc1e47.js
assets.gumroad.com/packs/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/overlay-35993addac6808bc1e47.js
Requested by
Host: gumroad.com
URL: https://gumroad.com/js/gumroad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b532d25e5a7cf5a30ca7381038ab815c7548dcab62c4c73b20c5433aad9571

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
via
1.1 b071197ca0cdda2953c667503cd2c778.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-P3
age
1759281
cf-polished
origSize=5573
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Fri, 22 Dec 2023 16:24:19 GMT
server
cloudflare
etag
W/"5a1a31869ecceec5b802c7ea143a0b6e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8441974cea082c5a-FRA
x-amz-cf-id
isWx55zmAirGp5n-QJbqcGoDB28FUkz4153rUA644a9a_8EAYZ0hmQ==
expires
Sat, 11 Jan 2025 01:22:53 GMT
v1.js
gttp.co/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://gttp.co/v1.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:13a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
draw_here-fb29231f.png
detexify.kirelabs.org/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://detexify.kirelabs.org/images/draw_here-fb29231f.png
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
3b2286e41fb8ddb39d9e34d94255edc34e4d209e23291abf5bcdc17c59df4580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:52 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D"}]}
Content-Type
image/png
Connection
keep-alive
Content-Length
7862
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 16:06:58 GMT
X-Content-Type-Options
nosniff
Age
33355
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
48236
X-XSS-Protection
0
Last-Modified
Thu, 14 Dec 2023 02:08:40 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 10 Jan 2025 16:06:58 GMT
fontawesome-webfont-638c652d.woff2
detexify.kirelabs.org/fonts/font-awesome/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://detexify.kirelabs.org/fonts/font-awesome/fontawesome-webfont-638c652d.woff2?v=4.5.0
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
thin /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 01:22:53 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D"}]}
Content-Type
application/font-woff2
Connection
keep-alive
Content-Length
66624
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705022573&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=jKCJrVJL4KME8G5ai01z4uiYOWfqmmboOqpSaQ7vfz4%3D
19db990205089207b039.woff2
assets.gumroad.com/packs/static/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/static/19db990205089207b039.woff2
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/css/overlay-7514443f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76

Request headers

Referer
https://assets.gumroad.com/packs/css/overlay-7514443f.css
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
via
1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
VIE50-C2
age
741187
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
67176
last-modified
Fri, 01 Dec 2023 13:08:47 GMT
server
cloudflare
etag
"d64a48ba0b9752af91d3858d8a95d2ec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
accept-ranges
bytes
cf-ray
8441974d3b8d1e68-FRA
x-amz-cf-id
52_PDZa_4lCHEZSILerjaK8lbd-Dd2b6cfVshbqRHcYM2b0w53_7Tw==
expires
Sat, 11 Jan 2025 01:22:53 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31080353
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e0aca1e4984208f842c6ea49f1752c4ced0b425581ef16864283e502b0e4a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139392
x-xss-protection
0
server
cafe
etag
4885258498496781455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 01:22:53 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 50EA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 23:45:01 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 23:45:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 01:22:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
26
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 12 Jan 2024 03:22:27 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
loader.js
button.flattr.com/
Redirect Chain
  • http://api.flattr.com/js/0.5.0/load.js?mode=auto
  • https://api.flattr.com/js/0.5.0/load.js?mode=auto
  • https://button.flattr.com/loader.js?mode=auto
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://button.flattr.com/loader.js?mode=auto
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Server
2606:4700:20::681a:afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date
Fri, 12 Jan 2024 01:22:53 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc45xiY4rwtw6jGNaXajEIjqF8a4iNYiOkQFl%2B25GCKUpLlq4%2B2IetlPZJ6seLQlYREYdqhuYOKUfvsgrS2PT%2F683iYtgo7C41zdm69uLO%2F7moiJn%2FRcWBDQg9n1MiIlyC0%2BX%2BMyKeOTs9Lc"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://button.flattr.com/loader.js?mode=auto
cf-ray
8441974ec96e65d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
178
collect
www.google-analytics.com/j/ 		16 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=472561221&t=pageview&_s=1&dl=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ul=en-us&de=UTF-8&dt=Detexify%20LaTeX%20handwritten%20symbol%20recognition&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1900865930&gjid=592554396&cid=416586520.1705022574&tid=UA-8668142-3&_gid=647290760.1705022574&_r=1&_slc=1&z=110135584
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9099aeba23edeb9b363856abf07dad409c2319ddc624551d990455573b7b5ac6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://detexify.kirelabs.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 01:22:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A824 		719 B
527 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1705022573610&bpp=2&bdt=705&idt=244&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=3785067553800&frm=20&pv=2&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31080353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca6184b7733c4e767a5f48223e4085ac51e562944fd074c721a51cf026ee6503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:22:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 440D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&dt=1705022573680&bpp=1&bdt=775&idt=183&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=3785067553800&frm=20&pv=1&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=188
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31080353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2afc179923a143621b5347dd3ba0c98a3db7fdb3ea184dffa34ad6d4e4fe09d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4579
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:22:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8668142-3&cid=416586520.1705022574&jid=1900865930&gjid=592554396&_gid=647290760.1705022574&_u=IEBAAEAAAAAAACAAI~&z=334434436
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://detexify.kirelabs.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 12 Jan 2024 01:22:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P837L6ZG89&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e62974feae330b0af5a9d7135ee9f6144ec8bf40aa8d3ea9f1a052f6b6803d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83983
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 01:22:53 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P837L6ZG89&gtm=45je41a0v9134576085&_p=1705022573879&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=416586520.1705022574&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&dt=Detexify%20LaTeX%20handwritten%20symbol%20recognition&sid=1705022574&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1559
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P837L6ZG89&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 01:22:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
design-5d6684ff.css
assets.gumroad.com/packs/css/ 		397 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/css/design-5d6684ff.css
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/js/overlay-35993addac6808bc1e47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce39096bafd054c37ebb95e158315d89ad2e303606fea4c1a05f90455d9ae25f

Request headers

Referer
http://detexify.kirelabs.org/
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:54 GMT
via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
PHL50-C1
age
2041948
cf-polished
origSize=424974
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Tue, 19 Dec 2023 06:47:38 GMT
server
cloudflare
etag
W/"ae237622459368c900a3b2851cee9c1f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
cf-ray
84419750bd351e68-FRA
x-amz-cf-id
xIV3Lt4uiTm2MaUZdStgMZg9pGkLvYuwsxBmm6EdAZjC4ClJStoJ9w==
expires
Sat, 11 Jan 2025 01:22:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31080353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
835b2d088adf01edf2a87f469305e9c63af726158e6d5bc4aa38d89f3646f577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12262
x-xss-protection
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229

Request headers

Referer
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31080353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 01:22:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B46F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 20:10:45 GMT
expires
Fri, 10 Jan 2025 20:10:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 364A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cb2bbc78764c0414ed0e6aa23492da00f43d5c9fa5e344a750d875ad86abe355
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2TEzkbzjBnQC8EyYL29MPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2TEzkbzjBnQC8EyYL29MPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:22:54 GMT
expires
Fri, 12 Jan 2024 01:22:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame B46F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
18791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:09:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 364A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3382613327515249&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B46F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Vvxr5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:22:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3382613327515249&bg=!0dKl0p3NAAaumcC-jpk7ADQBe5WfOFRoYtwfgfMHTL4WLS6LqxrUMcnFh_cLg8gqOZpbcLjC5OO1jXVLs5Xk-4oBmmtaAgAAADxSAAAAAmgBB5kCxz6px3gMzNhwtCinokzC_7U6HPfGMeyI9_YA2r7elm_XrT8spcOyyLSQ9rhBqlA0mLvHZVxLUK8ST1ffDLvnaT0cU9uXRz2kVjE2FMWjZ-B00OyY9ZUwKBqnt5SNdkHHqxtEYlS6BBrjMvpmZC3GIlKp5aTEzkCP2IbiDjo-CnvIkAskqn249buDmV5hwo-LWAX6ySajEQOU_F_Zft0qWflXg1UUPZZuK6C9NMdePGECdTebEP0BVWQ_MRGq0D4eEySHUJMdIBPAB54_3KoCTurwKbivDugLsdNJ7RG6XLIdtFKbI2x_3gBSLKMUZtNSx6XER5YvutPqLEYmupjGzmWw1DS5nTCKduq5_c46BSDR5xv3ya_-rheMk_rTNkSPJkBBWX-iOk7gLTl5HidzTfZw1KUrNM5iz0bqWLvISIgpp3A8pxXUlDECkrlFoYsI-s9FbegfdwMHwfirv_-ky5pKEdZrdl_WN-KvNFJz6iXaB056p0OlnQcTcct-uVFfo-biUDoc20d-KPeIOlNi5b6F0P6A_rX-uYSvSlPYOSS_8urbEPx0JoNQpmPrX9rZaBNJXx7E2YRhYCeN2X55kA-cWTx5bIy4gPMXg8Y25okx9S4P93ji7YyXHwIqpUzf15NNktmDXf0uRD8jG_bJcw2eGsyA8dccJWGsSfvfSeLTwBisspzm3UQ_Zu5_5hGrbWDFIiAPJJklqMYKsVPXEEzlxGVX3papwI1uxOCPq8k2B-9LVsyl6AuuD8fQAyR8VKSFoS1Ae3vlFs5hAkKN5pskHH6CJyZNKAyHfWIbVxcnbC8JWMlUL1M5UyMx4L91trxlMBSto4ix6sZVib6RkISi93E2iO7n0mmgS4OfZX1vAba1Kj4WW6k9_H-Cr_CNnzl5V6AJIaICxMNC1vcWfX18BKGyPt0D2CcaJZImfAfQxl375RIIxQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| Detexify function| $ function| jQuery function| Canvassified function| Raphael function| _ function| populateSymbolList object| adsbygoogle function| trackOutboundLink object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| GoogleAnalyticsObject function| ga object| google_ama_state number| google_rum_task_id_counter object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| dataLayer object| google_tag_manager object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.kirelabs.org/ Name: _ga
Value: GA1.2.416586520.1705022574
.kirelabs.org/ Name: _gid
Value: GA1.2.647290760.1705022574
.kirelabs.org/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.kirelabs.org/ Name: _ga_P837L6ZG89
Value: GS1.2.1705022574.1.0.1705022574.0.0.0
.kirelabs.org/ Name: __gads
Value: ID=789c94ec017f3c03:T=1705022573:RT=1705022573:S=ALNI_MaomguZ92aWyGUTTZGkKNhGy2FAnQ
.kirelabs.org/ Name: __gpi
Value: UID=00000d3facfc70bc:T=1705022573:RT=1705022573:S=ALNI_MYFF35dALCwkKmBKtiTheE6nQA3vQ

5 Console Messages

Source Level URL
Text
network error URL: http://gttp.co/v1.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gttp.co/v1.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&dt=1705022573680&bpp=1&bdt=775&idt=183&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=3785067553800&frm=20&pv=1&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=188
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1705022573610&bpp=2&bdt=705&idt=244&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=3785067553800&frm=20&pv=2&ga_vid=416586520.1705022574&ga_sid=1705022574&ga_hid=472561221&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080353%2C95320894&oid=2&pvsid=3382613327515249&tmod=992419135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://button.flattr.com/loader.js?mode=auto
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.flattr.com
assets.gumroad.com
button.flattr.com
detexify.kirelabs.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gttp.co
gumroad.com
pagead2.googlesyndication.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
192.229.221.25
2001:4860:4802:32::36
2606:4700:20::681a:afb
2606:4700:20::681a:bfb
2606:4700:3030::6815:13a8
2606:4700::6810:c019
2606:4700::6810:c119
2a00:1450:4001:801::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
54.237.133.81
0d48c3654cc181a7c572f32a2c63af7f752f00decf77052ff9986c5c7312730b
1e0aca1e4984208f842c6ea49f1752c4ced0b425581ef16864283e502b0e4a8a
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229
2afc179923a143621b5347dd3ba0c98a3db7fdb3ea184dffa34ad6d4e4fe09d8
2d74a3db55720dc2f492b65c2234033db1ec80ffe72f9c01b7f22b09c0472dd0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
35474f3edacc79f052b2860eeaa0bd40c3dbf426a84c7381a5f80eb723c3aacc
37c48d82d0ba43adc99686a5575f9c5e0887729d3f191e7b0cbdc14d201e65bd
3b2286e41fb8ddb39d9e34d94255edc34e4d209e23291abf5bcdc17c59df4580
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4df41d841402fedbee9fb11981ccbc96eb3143097a2a1fcd741e81a6366e1a6c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72112388fedc8d52c9056e2b947553d7e5b1bb79a78a936be2465ab20fbffbba
835b2d088adf01edf2a87f469305e9c63af726158e6d5bc4aa38d89f3646f577
8683569e70ba56fe875c851c0644f88f4addbe753e299a710abc81f965052f71
9099aeba23edeb9b363856abf07dad409c2319ddc624551d990455573b7b5ac6
c6309b8d07470d8662dfa822f4f5aabd278ae570e4907a5e44299a6f1795d26f
c6b532d25e5a7cf5a30ca7381038ab815c7548dcab62c4c73b20c5433aad9571
ca6184b7733c4e767a5f48223e4085ac51e562944fd074c721a51cf026ee6503
cb2bbc78764c0414ed0e6aa23492da00f43d5c9fa5e344a750d875ad86abe355
ce39096bafd054c37ebb95e158315d89ad2e303606fea4c1a05f90455d9ae25f
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62974feae330b0af5a9d7135ee9f6144ec8bf40aa8d3ea9f1a052f6b6803d48
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
f3d8669ecf184c18fee97f4a035da96784c4cb3aaab1b87cb443a0515d5ae18c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995