URL: https://ewers-demo.pages.dev/
Submission: On November 12 via api from US — Scanned from CA

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 21 HTTP transactions. The main IP is 172.66.47.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is ewers-demo.pages.dev.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time ewers-demo.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 172.66.47.102 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2600:9000:24f... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
21 5
Apex Domain
Subdomains
Transfer
12 pages.dev
ewers-demo.pages.dev
154 KB
7 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 4286
423 KB
1 gstatic.com
fonts.gstatic.com
72 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
21 4
Domain Requested by
12 ewers-demo.pages.dev ewers-demo.pages.dev
7 images.ctfassets.net ewers-demo.pages.dev
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ewers-demo.pages.dev
21 4

This site contains links to these domains. Also see Links.

Domain
www.brdr-ewers.dk
www.ewersonline.dk
ewersenergi.dk
www.ewerslandbutik.dk
Subject Issuer Validity Valid
ewers-demo.pages.dev
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
images.ctfassets.net
Amazon RSA 2048 M02
2023-12-19 -
2025-01-16
a year crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ewers-demo.pages.dev/
Frame ID: F16C97E10E78C812711AC5339F2DC046
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Brødr. Ewers. Alt til landbruget. Se mere | brdr-ewers.dk

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

652 kB
Transfer

966 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ewers-demo.pages.dev/
25 KB
6 KB
Document
General
Full URL
https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97184af1d7d99d71c3049eb0b4f83872881a2d4a1717ae50fe4189a9ee9c777

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e18bd3cb885aba8-YYZ
content-encoding
br
content-type
text/html
date
Tue, 12 Nov 2024 18:55:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wF2LnMsyIZTxrWosSxooT5mz4gdgLu5r5Hf%2FNuJr2M38YREmMRv6jqN2gbjntN1Dn5mYtguR85lS%2Fn7G1Ki4Gy40wojqiykf4NNuPbTbX1vmv2JAFUugxB2DsWikI0taps78M2GVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33683&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4206&recv_bytes=5778&delivery_rate=527&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=397&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
root-DJZ2MvXv.css
ewers-demo.pages.dev/assets/
9 KB
3 KB
Stylesheet
General
Full URL
https://ewers-demo.pages.dev/assets/root-DJZ2MvXv.css
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f58f84a627e598dff38d8c68d0c98f198bc081824ca1dd9e8e1b97d011a7e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"743aa2acb11ae6ab8fcb2714cd32b987"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVWVM7mDw2svc9R8ZMIOF0WwdmMSss2x9gXy4FQa6T4UJbapXWd3qsVpcpqkKLgN6gLd%2B8qVz4jh%2FFp%2BWEmoYWNzgzevNaZu4%2FDIlef9EGXK0CMFHKMwP49podsEoZsP6B47cSZdig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31665&sent=50&recv=33&lost=0&retrans=0&sent_bytes=43578&recv_bytes=9240&delivery_rate=98589&cwnd=21600&unsent_bytes=0&cid=c7292a2dcb31184e&ts=624&x=1", cfExtPri, cfHdrFlush;dur=4
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d61aba8-YYZ
access-control-allow-origin
*
server
cloudflare
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 18:55:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 12 Nov 2024 17:17:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
block-ByNiLjPe.css
ewers-demo.pages.dev/assets/
14 KB
5 KB
Stylesheet
General
Full URL
https://ewers-demo.pages.dev/assets/block-ByNiLjPe.css
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29efcefa619cc0dc2611d3177c52e6bcdc6391d8527f26cf50a7ecbf9845087b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"008785252ca4d4054b22ce2de4d6867c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbVFfH8W2IY73WFRyy%2Bw9%2Fpr4l%2FK46ZWZgMJcL8dMtTsZ6EuvETEiDf%2FOxlO5RK7wE7jSEic2AW%2BlBibUcpVcTIimvoqyi0q3PYgaU07w2tXqz%2B2oCCvxD8rBnBZ24XQESWbdJkFdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31665&sent=50&recv=33&lost=0&retrans=0&sent_bytes=43578&recv_bytes=9240&delivery_rate=98589&cwnd=21600&unsent_bytes=0&cid=c7292a2dcb31184e&ts=620&x=1", cfExtPri, cfHdrFlush;dur=8
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d64aba8-YYZ
access-control-allow-origin
*
server
cloudflare
ewers_logo-slogan-200x62.png
images.ctfassets.net/913v0m82f240/6NVIWnh4veffX8yOq9R5WY/f1c9ad397190c9bbb311a574b6ea64f7/
11 KB
12 KB
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/6NVIWnh4veffX8yOq9R5WY/f1c9ad397190c9bbb311a574b6ea64f7/ewers_logo-slogan-200x62.png
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
71e3b9820dd15e942b5ff8178c9349ec70634ab17498a66a69654c37c2cca651

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"c11fa20314c1c6b52fb7642335e581c5"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
11735
x-amz-cf-id
gKw1A926ymVSFRj8L58kD51fWTurxBR7zOZcqfBE7m1gR9LTsnBi7w==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 12:23:55 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
house.svg
images.ctfassets.net/913v0m82f240/6n0nDhRxY25fttPfMecUuT/90d5a0621c09c9cecf3c3b161926a3fc/
390 B
752 B
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/6n0nDhRxY25fttPfMecUuT/90d5a0621c09c9cecf3c3b161926a3fc/house.svg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6c605223b18d1ef2b738ada3f31fea8d1636431d6eab6e7227ad0ac3a42f134a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"135412acd35742ab64ee40fb95cc6059"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
390
x-amz-cf-id
7YZvwo6KJXtEnsgN8FRBoKHVQhQ71JfWafBz1oXXrSekDCO_f4Umrg==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 08:37:11 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
shopping-cart.svg
images.ctfassets.net/913v0m82f240/3K85W8Vua5lZUNrpmIzeCT/ec3eb8276490a4a2e070405c6a5b2501/
376 B
738 B
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/3K85W8Vua5lZUNrpmIzeCT/ec3eb8276490a4a2e070405c6a5b2501/shopping-cart.svg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2023d743c72040fea5588f848dc2da39eaa3d62cbdf0571ddc9d7778eef13e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"61c956c906ae2ba50bcd5b126dc17f19"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
376
x-amz-cf-id
RKTGnING1Th6NCZuoM0S62cqonPAq5do9dDzlTQYtlYqxpYC8HuQDA==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 08:39:49 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
flame.svg
images.ctfassets.net/913v0m82f240/6UxnCQcF4566DMuGrjlwhn/29f1c30113560e51a589175281ba0c35/
396 B
760 B
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/6UxnCQcF4566DMuGrjlwhn/29f1c30113560e51a589175281ba0c35/flame.svg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
14a1d4be9cf0eb9cb2b63fbdcbdd62625c91679df041387b03597ed368338245

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"5df7df8e497b48468f1393b2c864da58"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
396
x-amz-cf-id
Xk0FK1EwGYNWDuJzK5fR4NZe-88M6EHPvihF-QORSfBbhdTiFm_ZVQ==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 08:40:18 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
tractor.svg
images.ctfassets.net/913v0m82f240/BlJXXnzutm3fMieuKJfo0/28ca11d38a2c2594ffd4f7b88dabe1ab/
522 B
885 B
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/BlJXXnzutm3fMieuKJfo0/28ca11d38a2c2594ffd4f7b88dabe1ab/tractor.svg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
f0040ed54cdae86028d30235acd623a648af86dcf4c47ef9a4835f0cf1bdd1ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"0b642425747b9d7a69907ee7f2daa48d"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
522
x-amz-cf-id
bh8SRzcBow8r3cafIXV49nGK2jE_1uxyG5RvJq9puBxmXr4indskvQ==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 08:40:49 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
entry.client-DxQNkdMl.js
ewers-demo.pages.dev/assets/
4 KB
2 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/entry.client-DxQNkdMl.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844685c6b0e5e686ac04ab9e4738d8fbd607168e9620a173084185ad9c1b43de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"10140ef78333ffc8e5da6763e5439283"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BGgusRX5Q%2BeyCFWVrQ8uYIDRBkkKlrJpDwf%2FRaecmBiAmyA%2FCcAqF8J7iVFuQ4F%2B5e5esKLxwKIqYfENr1LiaCoWPNx0%2FJNLteb6ZtO83Y5O1PNlACpQYasPYYh6IoXhdm5ApX0rw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=19&recv=24&lost=0&retrans=0&sent_bytes=10068&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=573&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d68aba8-YYZ
access-control-allow-origin
*
server
cloudflare
components-BFcXdDce.js
ewers-demo.pages.dev/assets/
250 KB
82 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/components-BFcXdDce.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58980f91971ddd01010c3dd11eabe0e1e3546a5d4477473552b4d2965e5ae52a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"eab0d7edffa7bc0c2432b24e6e695aa9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsKEiqV8i9ThhLNBeTCJ%2B1APcmlM0c3hIWo2QLemZOPvPGnJkHv5Dp06GO%2Ffa8P4M6PgaSFJDjqsbpA8VUfdn8JspMWfZ8t6LbO9vP3y0e4icmQZbBwrsrum%2BXZspaGbl2ymCGL5tg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=31&recv=24&lost=0&retrans=0&sent_bytes=21978&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=581&x=1", cfExtPri, cfHdrFlush;dur=18
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d6aaba8-YYZ
access-control-allow-origin
*
server
cloudflare
root-OKg8o1mn.js
ewers-demo.pages.dev/assets/
2 KB
2 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/root-OKg8o1mn.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2dbd45213c586a455b55e030f602366367932361b435beef023b62d8bae4e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"641911fe102d819e07967a223b564d12"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpKEFKZejiWby3o0xT4F6LDP%2FbrkTYOEGo1tf9gHl8WHEFCNd6w3w5LOqEYYNRlqJgpr8GzVhOQ0kbrKiI13swotjyyuqqTRBjDKVKlII3Psu8d%2F48Cqw9%2F6tFH3%2FdAH7Zd9l6MRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=21&recv=24&lost=0&retrans=0&sent_bytes=12252&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d6daba8-YYZ
access-control-allow-origin
*
server
cloudflare
index-DMr4gurG.js
ewers-demo.pages.dev/assets/
21 KB
8 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/index-DMr4gurG.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c0cce846a6dc2152e3b7284ef8783b198745fe880da4ede784ca86027de851
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"2c3916c56eae30b014576f2721539ff4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6dgvBq0Yf82ENcee0oRUMKl%2BaU83HpRETd2QbcflmM2ETlkFTR%2BWrTrNrtHmuqh%2FQpf8w6yuJ8%2BMvA%2BklALSKYEV98sy3k8yI5QB8B6yDn7syoybAKO0wCbkXJjyVgz6tL3TilSMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=24&recv=24&lost=0&retrans=0&sent_bytes=13925&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=581&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d6eaba8-YYZ
access-control-allow-origin
*
server
cloudflare
_layout-_t-j8N6R.js
ewers-demo.pages.dev/assets/
5 KB
3 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/_layout-_t-j8N6R.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa430974f3d67f4ebb814a8d9ea534d059fce29a07ba0d535ef3e63e6973a75b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"7f7c04d3a551a4805edbc74cfd8297b1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEsvW2bnqDgmrHQDb%2BON3W47rsW6hAofEdynlU0hTGe9p%2FZhFDBerdQdDCRO4%2FL%2BBIYBVjDlQZki0s9NMkQmGCF2IfTiJiei%2FC3dsGQMTQlySYAOqEcMBISd2vVsT860bNFsGukpbA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=31&recv=24&lost=0&retrans=0&sent_bytes=21978&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=582&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d72aba8-YYZ
access-control-allow-origin
*
server
cloudflare
block-KIvRYpHV.js
ewers-demo.pages.dev/assets/
121 KB
38 KB
Script
General
Full URL
https://ewers-demo.pages.dev/assets/block-KIvRYpHV.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643736a111470f464ba0d23a7393bbf18c3d6aad8a56c075b32091ea4026f2a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"ba4310ce57737aea712ba3747d7ed266"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAAjRq5iVThWgDFpneBo%2BVFy5GnAdvTYJvdHb5uC7obOhtxNAwYF%2FNQZhJA7%2B0FIkZlrtlocta19LV9Pz6xvTgS7CFSZWWaoo%2BOdZOb3D50MQUGZJP2B6Xfv4cDoxpMj%2ByX%2BvLPzYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31665&sent=50&recv=33&lost=0&retrans=0&sent_bytes=43578&recv_bytes=9240&delivery_rate=98589&cwnd=21600&unsent_bytes=0&cid=c7292a2dcb31184e&ts=608&x=1", cfExtPri, cfHdrFlush;dur=24
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d75aba8-YYZ
access-control-allow-origin
*
server
cloudflare
index-Eur7QDaX.js
ewers-demo.pages.dev/assets/
413 B
968 B
Script
General
Full URL
https://ewers-demo.pages.dev/assets/index-Eur7QDaX.js
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccec78c8ba202a81b226ac3f45b3bdc5782e81d98a055e5ce5bb7bff6f7c664
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"1ee1904daf2379996068d31c3d3d8569"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2F0cYap4DlWAOL2c%2BLjnelQU1mMu6HYhUYTV%2BySoSLG9T%2BGQLar7XgPCh8agzadVzoyjzbMGkRNXTVh%2FN7iEFpSUx7xExiYStd1xXM9NLFxcqiUHdoZrnjn6WHbhUx%2FOTPMA7qOkBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31730&sent=31&recv=24&lost=0&retrans=0&sent_bytes=21978&recv_bytes=8847&delivery_rate=231074&cwnd=12000&unsent_bytes=0&cid=c7292a2dcb31184e&ts=582&x=1", cfExtPri, cfHdrFlush;dur=19
date
Tue, 12 Nov 2024 18:55:57 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd3f5d77aba8-YYZ
access-control-allow-origin
*
server
cloudflare
ewers_mark.jpg
images.ctfassets.net/913v0m82f240/41izVe8poGXLCIgJcrnGyq/01d1853a0833e54fadb54a33f2d07f6b/
318 KB
318 KB
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/41izVe8poGXLCIgJcrnGyq/01d1853a0833e54fadb54a33f2d07f6b/ewers_mark.jpg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
cc5b146e712e614932776c95d38898f79b454b672fbc0e113c3aab0f46356c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"465b6f6c2be8d0fed77cce1e00e0a477"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
325221
x-amz-cf-id
RRksXjy1XajKSUeX1rdQBYqB0fHmhiZqlGfkcxKxr9jhsehpeWIaBA==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 10:18:53 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
Ewers-kvaeg-3-scaled.jpg
images.ctfassets.net/913v0m82f240/0JiW0y6v8W0hJoBEQuMaM/ff61cf0bd461f996bcbe7e884160703a/
89 KB
89 KB
Image
General
Full URL
https://images.ctfassets.net/913v0m82f240/0JiW0y6v8W0hJoBEQuMaM/ff61cf0bd461f996bcbe7e884160703a/Ewers-kvaeg-3-scaled.jpg
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a3be7e78269b26d59983ca78025b80c266c1c6b389d615e7929bddcb0baf8f94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
max-age=31536000
etag
"d3307813bd9dc70f4465a1e95075bb19"
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
91093
x-amz-cf-id
coZzR37uOxCyoq3q-W5SKVf2-YQcvZ3HM9_0PcCjS8ZKtmx1wCS6uw==
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 10:19:46 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
UcCo3FwrK3iLTcviYwY.woff2
fonts.gstatic.com/s/inter/v18/
71 KB
72 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
427289
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 20:14:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 20:14:29 GMT
last-modified
Mon, 29 Jul 2024 22:45:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
73080
x-xss-protection
0
server
sffe
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ewers-demo.pages.dev
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
__manifest
ewers-demo.pages.dev/
1 KB
970 B
Fetch
General
Full URL
https://ewers-demo.pages.dev/__manifest?p=%2F&p=%2Fmark&p=%2Fmark%2Fsasaed&version=6ad4844f
Requested by
Host: ewers-demo.pages.dev
URL: https://ewers-demo.pages.dev/assets/components-BFcXdDce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3df0352806fe2ec14c88064a341f9daa3f1703f641a1356507cab26bd73442

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHUYwYkUrkqEE8f6RoS%2BlInGzZlvYO%2FwaYWKCpMsNRvibpyQD1hI%2FvyhH6Pv2BNV%2Fvci8goZ3YRHBxfPLxPgxy6ccFL4QFO3iC01bhnlnZNUuxYCKi2nmEqRC1fA%2BiAH0XHnEsyxFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e18bd456e62aba8-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30943&sent=156&recv=93&lost=0&retrans=0&sent_bytes=159861&recv_bytes=12516&delivery_rate=1798320&cwnd=79500&unsent_bytes=0&cid=c7292a2dcb31184e&ts=1479&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
favicon.ico
ewers-demo.pages.dev/
17 KB
5 KB
Other
General
Full URL
https://ewers-demo.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ff6fa1450c106b5bbc2b7368d888e70f6e799df8f117fccee2a469926b4417
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ewers-demo.pages.dev/

Response headers

content-encoding
br
etag
W/"1e3e5c3f2f2cc7c647122e8da1f85fd9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1WfBiEScKiut5khMUOdzAAoslDaIAIMmm3SmR5lRieg95AdUmmfS2%2ByteusE6KOyL03XoTQVSu%2Bmpa%2F7FIgRw6iSHR7fe7R6iW0HPfhpyFRKnL3WKPHe4ywh92nTpz4U86oFjNGgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31369&sent=157&recv=94&lost=0&retrans=0&sent_bytes=160854&recv_bytes=12561&delivery_rate=11120&cwnd=79500&unsent_bytes=0&cid=c7292a2dcb31184e&ts=1559&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 18:55:58 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=3600, s-maxage=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e18bd459ed1aba8-YYZ
access-control-allow-origin
*
server
cloudflare

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __remixContext string| __reactRouterVersion object| __remixManifest object| __remixRouteModules object| __remixRouter

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ewers-demo.pages.dev
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
172.66.47.102
2600:9000:24f0:4400:12:94b3:c380:93a1
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c0b::5f
14a1d4be9cf0eb9cb2b63fbdcbdd62625c91679df041387b03597ed368338245
1f2dbd45213c586a455b55e030f602366367932361b435beef023b62d8bae4e3
2023d743c72040fea5588f848dc2da39eaa3d62cbdf0571ddc9d7778eef13e6d
21f58f84a627e598dff38d8c68d0c98f198bc081824ca1dd9e8e1b97d011a7e3
29efcefa619cc0dc2611d3177c52e6bcdc6391d8527f26cf50a7ecbf9845087b
39ff6fa1450c106b5bbc2b7368d888e70f6e799df8f117fccee2a469926b4417
58980f91971ddd01010c3dd11eabe0e1e3546a5d4477473552b4d2965e5ae52a
643736a111470f464ba0d23a7393bbf18c3d6aad8a56c075b32091ea4026f2a3
6a3df0352806fe2ec14c88064a341f9daa3f1703f641a1356507cab26bd73442
6c605223b18d1ef2b738ada3f31fea8d1636431d6eab6e7227ad0ac3a42f134a
71e3b9820dd15e942b5ff8178c9349ec70634ab17498a66a69654c37c2cca651
844685c6b0e5e686ac04ab9e4738d8fbd607168e9620a173084185ad9c1b43de
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
9ccec78c8ba202a81b226ac3f45b3bdc5782e81d98a055e5ce5bb7bff6f7c664
a3be7e78269b26d59983ca78025b80c266c1c6b389d615e7929bddcb0baf8f94
aa430974f3d67f4ebb814a8d9ea534d059fce29a07ba0d535ef3e63e6973a75b
b5c0cce846a6dc2152e3b7284ef8783b198745fe880da4ede784ca86027de851
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
cc5b146e712e614932776c95d38898f79b454b672fbc0e113c3aab0f46356c62
d97184af1d7d99d71c3049eb0b4f83872881a2d4a1717ae50fe4189a9ee9c777
f0040ed54cdae86028d30235acd623a648af86dcf4c47ef9a4835f0cf1bdd1ab
f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92