urlscan.io logo urlscan.io
SecurityTrails logo

the-immediatex.com Open in urlscan Pro
2606:4700:3030::6815:27db  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://the-immediatex.com/
Effective URL: https://the-immediatex.com/
Submission Tags: scythethephish
Submission: On May 30 via api from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3030::6815:27db, located in United States and belongs to CLOUDFLARENET, US. The main domain is the-immediatex.com.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.
This is the only time the-immediatex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 26 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.222.232.99 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
39 6
26    2606:4700:3030::6815:27db (United States)

ASN13335 (CLOUDFLARENET, US)
the-immediatex.com
api.the-immediatex.com
1    52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
26 the-immediatex.com
the-immediatex.com
api.the-immediatex.com
245 KB
9 gstatic.com
fonts.gstatic.com
110 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
3 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
39 5
Domain Requested by
23 the-immediatex.com 1 redirects the-immediatex.com
9 fonts.gstatic.com fonts.googleapis.com
3 api.the-immediatex.com the-immediatex.com
api.the-immediatex.com
2 cdnjs.cloudflare.com the-immediatex.com
cdnjs.cloudflare.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com the-immediatex.com
1 d3e54v103j8qbb.cloudfront.net the-immediatex.com
39 7

This site contains no links.

Subject Issuer Validity Valid
the-immediatex.com
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://the-immediatex.com/
Frame ID: 167420A184DAD3BBA472524123ED5027
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ImmediateX ™ - The Official App WebSite 2024 [UPDATED]

Page URL History Show full URLs

  1. http://the-immediatex.com/ HTTP 307
    https://the-immediatex.com/ Page URL
  2. https://the-immediatex.com/cdn-cgi/phish-bypass?atok=.6WgcTE3DuamuwdnoA.l76uYfmIoqfNABbjWOrsPW5A-171708... HTTP 301
    https://the-immediatex.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

395 kB
Transfer

719 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://the-immediatex.com/ HTTP 307
    https://the-immediatex.com/ Page URL
  2. https://the-immediatex.com/cdn-cgi/phish-bypass?atok=.6WgcTE3DuamuwdnoA.l76uYfmIoqfNABbjWOrsPW5A-1717086514-0.0.1.1-%2F HTTP 301
    https://the-immediatex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://the-immediatex.com/ HTTP 307
  • https://the-immediatex.com/

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
the-immediatex.com/
Redirect Chain
  • http://the-immediatex.com/
  • https://the-immediatex.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53335fc7de197a23a9632360d62614e9372558b53157ae7435d2105c4a49b029
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cf-ray
88c0191c9a2092c9-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 16:28:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BxCg7Iln0EIuz74o7bbrDd3fktBtBV5IQIH7qIBCngY8qx9binxDSQfwwe8ux9SeSqbsebZUuGxYAYclybOL2NPbnAFXCBaW1%2BjRE14u1DHWN7FQBRb9bazbjlqpATOvpT2FFGhdnMzUfJb7EfNhY4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://the-immediatex.com/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
the-immediatex.com/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:03 GMT
server
cloudflare
etag
W/"6650ac63-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
88c0191cda6c92c9-FRA
expires
Thu, 30 May 2024 18:28:34 GMT
icon-exclamation.png
the-immediatex.com/cdn-cgi/images/ 		452 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/cdn-cgi/styles/cf.errors.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:03 GMT
server
cloudflare
etag
"6650ac63-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
88c0191d0ab292c9-FRA
content-length
452
expires
Thu, 30 May 2024 18:28:34 GMT
favicon.ico
the-immediatex.com/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db377b66a86501467a6444c013564748b9f1a12c034af68cae4761e2f94e221

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:34 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 29 May 2024 10:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ivk5Rjg7xo55TBwjA5%2BaoiRQQcex9eGAqpq4z4kAQo%2F%2Bo%2F4thxTZwPm81I38svW1pwNx5XLIw64f%2BK96IrGfeoRHDR37lNIRnapvZMbGXtaA8nECWfR9ZNDGLapTC7nzRpIpErAXBj2Jpnm8yRCHkJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private
cf-ray
88c0191d2ae592c9-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
the-immediatex.com/
Redirect Chain
  • https://the-immediatex.com/cdn-cgi/phish-bypass?atok=.6WgcTE3DuamuwdnoA.l76uYfmIoqfNABbjWOrsPW5A-1717086514-0.0.1.1-%2F
  • https://the-immediatex.com/
71 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e3ee8013fb25f9e1b8e6bff6a59c540a3020efb0f457ca469f17c0ff4aa1a0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://the-immediatex.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88c0193c7f4092c9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 16:28:39 GMT
last-modified
Wed, 29 May 2024 10:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkzj0zngs4NvF9deeVP7s3o3jxl7hH7zfkmjSx%2BJOnWIlenInpmbY6w1Gu5rwPmV0qT9Vm%2BAlwSUnbhT1cX35XmqyON1GKRd%2BC3eebFPYSHQ6%2Boi5%2BtnHh5hdeF8%2BoTE9CYa0CRKYm0KaFua7UGXjMU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
cf-ray
88c0193c4f0a92c9-FRA
content-length
167
content-type
text/html
date
Thu, 30 May 2024 16:28:39 GMT
location
https://the-immediatex.com/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
logo.png
the-immediatex.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/logo.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e35a355b129060a4e4a1358681d20026b13f726c8da1a69226857873298d5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7f4-619954fbef4c0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDYLEYxHQ%2FOy9zB5uHnNaF877IUSUkPqYDUG2Ma0VX%2BK%2BsKQwpU6NJ0aN%2B9K%2FoY2W6c8%2Fi1Xu2gOihTUrJyubXYAque%2FfM4imxaZHUGIUsJQcm8aIEkRC7hBr8jaE9WmsUh0RmYhQeV%2FJHGOybTjiyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d081a92c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
2036
normalize.css
the-immediatex.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/css/normalize.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d95ef29b3a8ea5e57fc7385f0b2f798c2843268c45b727d3a87eb5ef85504a4c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"747-619954fa07040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APHJ513fauKQqQcAgppbiTIDkmHgcGM18F9vIfZePwgGxGWjaOe3nxvDxP9jz2Y2cXUhd67fKYLivGitipfSq9jJoCP2er3aOEySwd1n%2B8LHPbOTkuWtn5cNF40m8sGfN6Q2uNAb59ZGWt5ypTA5wcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d081c92c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
884
components.css
the-immediatex.com/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/css/components.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b77ff7000752c0f9d1ac2a031002a2bd2a32ffad1f1ba7ce8e8c2bcdbca65cbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"75bb-619954fa07040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNJ%2BhOiacvrWDGOKJoJuyj7vgYyILroE2W1%2BfQrgNaigKfRoA34O6m%2FPO92aJIGwu4sd0AsEHUL2GjydO5mqho3UqF6Y2vmJS3lIlU8i7C1eOm4c0x7Eo0MuP%2F%2BbKhLyUBmRq7vMITSp1diZN1j6b6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d081f92c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
7605
the-bitcoin-traders-app-new.css
the-immediatex.com/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683b4ee2870a6037f1edbf50577bba751711f602c3f6497ab03f724c60b831c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"aae9-619954fafb280-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcrznBPO3mRD1%2FDosDQkvhBkNNLdKH0a11QEfKoQo4sLAZa1z6EXOC0x%2BF4IWAaDkbFK0oYxMhBa6jU6v91EVM2NoL5OBCMbs7c%2F8dZHx4QxhJ5uG80WWojygqiVtMU1m6t45jyA2zeZFx4tIMOzvpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d082092c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
8108
languageSwitcher.css
the-immediatex.com/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/assets/languageSwitcher.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea67b667dec3a3e1f29bed71a5f30c4338465e05f880586f2cb970159996e39

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a46-619954f81ebc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjP0PSfg3V3JQxcXr3YTBXtvIGjOr6ExJELwWAh8ZCut4DACdQHA%2FUr1eEFfOKxbbD2uG2AwntzqF%2F%2B2sDMJVvDaseM2LZup3jk22opHUtpi%2BVqja6PYM21c8%2BxeZw6Em6GTLSxGmbpAc4w9L5pvCe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d082292c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
729
poster_index.jpg
the-immediatex.com/images/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/poster_index.jpg
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a991d3c29bc73ec594f0407865ad91666270b73329c786ed3e4b5fda5710a07f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c50e-619954fbef4c0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4%2FzdxSxz5nInV%2F4%2BORCrCys%2BJ88oRwrMmMSDwAIncM3KhWFdaGuQuZIOuA3OvVWWd619DeXjRzuTJfSOlWAYIINZN6OaDkjB%2F2y5OOhPsbiMgM1pyR4mwOiWivCXj%2B9p6g1LkcNVCbwdWR4l3U91jg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193d082492c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
50446
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 18:02:13 GMT
content-encoding
br
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
age
80786
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
LrB-Fnk0G5d6hsF6kXsicme-chwQ0SgozV5sRHhp4_iKMMQbbCqTnA==
the-bitcoin-traders-app-new.js
the-immediatex.com/js/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/js/the-bitcoin-traders-app-new.js
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ee7efda89d3aac8247ba7c199b1e5f78870e4fbaf330bc109e1eefb04155d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70795
alt-svc
h3=":443"; ma=86400
content-length
18345
last-modified
Wed, 29 May 2024 10:35:35 GMT
server
cloudflare
etag
"c9c0-619954f81ebc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uRh1JdGbXhSV9Nhp2LUyxUNc%2FebsmUM5cjb8YRP%2F8rtlTVYlqjyzgGBxRWC4%2FmswcnP%2FtostaEHGzTA%2FdXyyH0Ye%2Bb687UngnR9%2BiGvmGVYqvaKHf0KMsA128pXVTcGGb6HMhCO%2FiCosXV%2BQ7qL2h0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193db8f792c9-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 19:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 19:43:01 GMT
languageSwitcher.js
the-immediatex.com/assets/ 		1 KB
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/assets/languageSwitcher.js
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70795
alt-svc
h3=":443"; ma=86400
content-length
306
last-modified
Wed, 29 May 2024 10:35:35 GMT
server
cloudflare
etag
"455-619954f81ebc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGqsz8C4Nzd4hTkCf9nKZ95subFo6blS3Uss8D6eKvaQ70kssE3T%2FkjSFu3eJadU3TPopoj79M4zE2BuPIYGKNipSZ0pUpZsstZcRVxne0A2FEAMu1J0w0lmPlUpVvKpajhz%2BF3eXBxAowbiPsI4nI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc91792c9-FRA
main-bg-2.png
the-immediatex.com/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/main-bg-2.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d601c03abac80f21c5757fa665b3aa9cb97618ca84b53f89d5081b988619add4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dade-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cahWRwTh%2BnIEzRdX2FwHWf%2Bkgo7Zk8Y9N8%2BgH7%2ByOS93bsKRxOKrjTK1gGu2L6%2FUY2z2aqAW5U3VHDUw%2Fd4cU6T4p4u1x62uGwO73yd%2FKyRbbasuwaQZVk%2FQdGEECybAOKDl5hDRGV2oNOtaNj34HNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc93392c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
56030
main-bg-1.jpg
the-immediatex.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/main-bg-1.jpg
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313802727f4679d154d76da208cd24262a11f968e855cf0fe78b7ee88629076d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"173a-619954fbef4c0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTGBa43EoqJqJDGp1nnRKPAIzEYxvAu9w3jarbX3UFXNQ4emhLB%2BrGzKGju860eS9udYyBGEhW5D1zTFZBJhKVc%2BYdT6xMn2sA5RXBMvMwBC8e59pL93%2FI1u2ojJ0ypwUnv9PVZuXXmwwwYpexPSFic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc93992c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
5946
trade-ico-1-.png
the-immediatex.com/images/ 		252 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/trade-ico-1-.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dad20e33d43b2d8abb476fd05b1c42a1b991a79620675cf6f046020c8657a15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fc-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmZ0QaaYDxkZF%2Bq4m4keHkF7vMj6NH45861s0Ydbmc3nXMv7kBR1i%2BZdR705qVFcMHVEshBUEywdFl8fCKMKRYDzvjawfCx9G3NYElXQAsUmiWHmxnTgnllH407fNCkgkAdXM8j6j%2FFsqU6D%2FUUzZnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc93b92c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
252
trade-ico-2.png
the-immediatex.com/images/ 		358 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/trade-ico-2.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884c6035ed9bb01008e024041e4311443ccc42e1bb7887bd4e42da94c1e42af0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"166-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbYDoPNyN7r2rprWDt%2Futt3e5kvaINVIkHg3MBiZVGVDbiaUB0EKY0a81%2Bs6EU%2BzlyqslVP%2FuDwMD8w9kbLmq39fjP2VBOqG6yrt4KOYUCQwhWoi%2BeRZyrpT5DI9uZrrph925Y6MrkEIOAixJLU%2Fdz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc94092c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
358
trade-ico-3.png
the-immediatex.com/images/ 		254 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/trade-ico-3.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05df54644b330492beb3859c00b28436babfb866d3e0cc2c30c071ab372dce5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fe-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGxT8QucA5OnzRmXGn151VUt1%2FaSologv0mcHsu6whgR5IS164vN9QIKNUXgapNe3ebqovkTYRQxWCAeK88O1vXL1V8K%2FzQbBwndqqZJ3dCf2Edw%2FNk2Qgh4IGrstyl5vqziaTh3wIqGzyWiu3mbCIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc94192c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
254
scam-bg.jpg
the-immediatex.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/scam-bg.jpg
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2402a83b871e572992428ad16faaa95842b00fea37273520feeb4869b4d929

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/css/the-bitcoin-traders-app-new.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"294c-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEa6Qd792j8U9TmP5XhxAtTydsrbRx8CYEqyf8oOK%2BUc8HYiHdVdMzFm4xpesEG6XImLffw8JCia7G1LyHtAfywPqS32OIbjhC1Eb0hbLBUym%2F8zRN5b4ShyTe3rp69C9lj8sTgOaEjoFqRFVkp094A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dc94592c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
10572
login-ico_1login-ico.png
the-immediatex.com/images/ 		160 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/login-ico_1login-ico.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc273fb4ca58d238d33fb2850f6b4f85dfff7915a61b99c7f522137fb953eed4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a0-619954fbef4c0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbPeO5TRJbVQMAjVgXvGJDAiosQvaOuBFM9uC4%2B33MqNOT0KSb0XwdPKaeg3XEE6cwdQi0RwavVPg8iL4fpPT2qSCv6Vkt1jsFcX4AmfLuZoMdzsqf%2Bp0A%2FYcwQOtZEMEsQfhaou8qxomeALff4FzXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dd95092c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
160
sign.png
the-immediatex.com/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://the-immediatex.com/images/sign.png
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b5d6eed7782328de69d0109cbb42be7468805394d3a27a9d0954f388b34a60

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 10:35:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8d16-619954fce3700"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfNLjJbCyfi5Mj1zKQ5iOg1pItg9EIpLEOYnLDynGcdMBTi2GgKgUhwojSBXxakMXZGGi8IPlLyN1Rb4jcSqwnC9uqT9EQG8RpWRhyYu35HXCqE45O5Hheu3IEpnFjsDcxyLxgxBpUmAGvYwvvn9d%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=432000, must-revalidate
accept-ranges
bytes
cf-ray
88c0193dd95292c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
36118
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 16:28:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 16:28:40 GMT
loader.js
api.the-immediatex.com/dist/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.the-immediatex.com/dist/js/loader.js
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080173141d4ba42bfe3a55b972586b014797305f510934f1d3cf8cdff0e4720b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 19 Oct 2023 12:40:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"26b2-6081110f19d00;608111100df40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pvrFGSjKvxexBkq38GYb%2Bq6qP90vQeFW2UW9MKlHPoggv3sjG%2BpQo3fxBLdhMk%2F8agb8BvSbYvLYWifSzw6RMmAMobyICgU5WNDDmB5BS1TPrz2plcduBY8rQmyWc8y4cWOn8bcAsEsZ1%2B8AxRcXuMdKHGB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000, public, must-revalidate, private
accept-ranges
bytes
cf-ray
88c0193e8a5092c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
3511
integration.css
api.the-immediatex.com/dist/css/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.the-immediatex.com/dist/css/integration.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029562b1a3178f34720b7ef0a798d61a171db1d3939c3292af7ef6486770b55c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Mon, 12 Feb 2024 23:03:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cc04-6113747847340;608111100df40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWcPTyHw0Ec9gtHa9rvHmu1nAEwd4zaMXiP0%2BMW1B%2F3sobB%2FEa5J6pQiY3WOjFg3zbN4zPJrRQ6dQOS4E2obTGyfG%2FJ%2FO3UwLWlANBZ0yQfvD%2Bo85vityFKeGcq1gvowzWRypJCbsHoe4brWlFAOzH3nB1Yk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000, public, must-revalidate, private
accept-ranges
bytes
cf-ray
88c0193e8a5192c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
9140
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
Requested by
Host: the-immediatex.com
URL: https://the-immediatex.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
71049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1466
last-modified
Mon, 04 May 2020 16:10:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5d-841a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gz0yWGY6NpeVOOR18wvgljoD%2FguiCgIqKY8JoWbP1Pq9mPFJONGt%2FOD1qTgdWSb%2FoI0htnnEeXRL1ppMXhNo2ubiLFtD51JGDtGma4IoP4j60s85fKNxPonHpXStefv7ZcpksyeZ5XFr1wlCaVE3ygN%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c0193e7dedbb32-FRA
expires
Tue, 20 May 2025 16:28:40 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:41:02 GMT
x-content-type-options
nosniff
age
179258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:41:02 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:48:23 GMT
x-content-type-options
nosniff
age
178817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:48:23 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:44:23 GMT
x-content-type-options
nosniff
age
179057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:44:23 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:45:11 GMT
x-content-type-options
nosniff
age
499409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 21:45:11 GMT
KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 01:03:15 GMT
x-content-type-options
nosniff
age
228325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9700
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 01:03:15 GMT
gb.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/ 		538 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/gb.svg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
135168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
307
last-modified
Mon, 04 May 2020 16:10:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5d-21a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8gye8d2XMXPTLhdmL779JQOh7fODwDSOEiB%2BkWiWNaICQqh99im82WlRxUgpV42Fyc18M4KLfOk6abyQdulwzBQ6vqkLVoquEP5IGb1K%2FQ2urTvgFNG6yp66DkxhuizYLdSnE0PLJ0k29EyPIaI8Wai"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88c0193ece3bbb32-FRA
expires
Tue, 20 May 2025 16:28:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:38:44 GMT
x-content-type-options
nosniff
age
179396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:38:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
488597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 May 2025 00:45:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 18:30:08 GMT
x-content-type-options
nosniff
age
251912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 May 2025 18:30:08 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://the-immediatex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 18:30:09 GMT
x-content-type-options
nosniff
age
251911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 May 2025 18:30:09 GMT
loader.svg
api.the-immediatex.com/images/ 		1 KB
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.the-immediatex.com/images/loader.svg?74ab3a4b65d04814e59a43543c8379f0
Requested by
Host: api.the-immediatex.com
URL: https://api.the-immediatex.com/dist/css/integration.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f319d450c3745ce3b0767b2402f9a26b57ffc4a49753d6726a208b70e6858fa5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://api.the-immediatex.com/dist/css/integration.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 12:40:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4d4-6081110f19d00;608111100df40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=721%2BYs6YxfCSV3%2BSxcbg0LQq7wx7z0dyuro5r3SBF0xH%2FcZYQqgnLOFTY8bwJfusPmm4dhTenmqRGXqOS1Xyqc8Wm4BKglQmqo5yd5PI%2Bu6hkEw2NnrcFmKzjgmud1sFIUdDkMFZmMepKvgUw2FSDHN1GLuy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=432000, must-revalidate
cf-ray
88c0193f1b1592c9-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
the-immediatex.com/images/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://the-immediatex.com/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:27db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977e24242d08c6359878ec9b224e36b8608e35ecb15e009ed45569a7ade14080

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://the-immediatex.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:28:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 May 2024 10:35:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
70796
etag
W/"9e9-619954f81ebc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14XcG28SD896%2FxMp4Sefap%2F5906dac2lwsq3YJpp%2BW%2B8HCxl8lLfdl2Ttga4nCvMpeO33YJdXLQ4iMF4%2Fxvk7KSPikq%2F5cDk4OE6gBvOnDH9XtwYn%2F44gh7AffKMLrUdGA2JMYWlGBEKEK%2BoRvgWGBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=432000, must-revalidate
cf-ray
88c0193f9bab92c9-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| funnel function| $ function| jQuery function| tram object| Webflow function| setFlagIcon function| setCountryName object| WebFont function| startTimer

3 Cookies

Domain/Path Name / Value
the-immediatex.com/ Name: SERVERID
Value: 4
.the-immediatex.com/ Name: __cf_mw_byp
Value: .6WgcTE3DuamuwdnoA.l76uYfmIoqfNABbjWOrsPW5A-1717086514-0.0.1.1-/
api.the-immediatex.com/ Name: SERVERID
Value: 4

1 Console Messages

Source Level URL
Text
network error URL: https://the-immediatex.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.the-immediatex.com
cdnjs.cloudflare.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
the-immediatex.com
2606:4700:3030::6815:27db
2606:4700::6811:180e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:81d::200a
52.222.232.99
029562b1a3178f34720b7ef0a798d61a171db1d3939c3292af7ef6486770b55c
05df54644b330492beb3859c00b28436babfb866d3e0cc2c30c071ab372dce5f
080173141d4ba42bfe3a55b972586b014797305f510934f1d3cf8cdff0e4720b
0db377b66a86501467a6444c013564748b9f1a12c034af68cae4761e2f94e221
1dad20e33d43b2d8abb476fd05b1c42a1b991a79620675cf6f046020c8657a15
313802727f4679d154d76da208cd24262a11f968e855cf0fe78b7ee88629076d
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
53335fc7de197a23a9632360d62614e9372558b53157ae7435d2105c4a49b029
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c
65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba
683b4ee2870a6037f1edbf50577bba751711f602c3f6497ab03f724c60b831c5
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b2402a83b871e572992428ad16faaa95842b00fea37273520feeb4869b4d929
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81b5d6eed7782328de69d0109cbb42be7468805394d3a27a9d0954f388b34a60
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
884c6035ed9bb01008e024041e4311443ccc42e1bb7887bd4e42da94c1e42af0
8ea67b667dec3a3e1f29bed71a5f30c4338465e05f880586f2cb970159996e39
977e24242d08c6359878ec9b224e36b8608e35ecb15e009ed45569a7ade14080
98e3ee8013fb25f9e1b8e6bff6a59c540a3020efb0f457ca469f17c0ff4aa1a0
9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060
a991d3c29bc73ec594f0407865ad91666270b73329c786ed3e4b5fda5710a07f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b77ff7000752c0f9d1ac2a031002a2bd2a32ffad1f1ba7ce8e8c2bcdbca65cbe
bc273fb4ca58d238d33fb2850f6b4f85dfff7915a61b99c7f522137fb953eed4
d601c03abac80f21c5757fa665b3aa9cb97618ca84b53f89d5081b988619add4
d95ef29b3a8ea5e57fc7385f0b2f798c2843268c45b727d3a87eb5ef85504a4c
e6ee7efda89d3aac8247ba7c199b1e5f78870e4fbaf330bc109e1eefb04155d1
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f319d450c3745ce3b0767b2402f9a26b57ffc4a49753d6726a208b70e6858fa5
f3e35a355b129060a4e4a1358681d20026b13f726c8da1a69226857873298d5a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d