URL: https://rodeks.xyz/17Ai/7.html
Submission: On September 27 via manual from JP — Scanned from JP

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 157.230.4.182, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is rodeks.xyz.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.
This is the only time rodeks.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
8 | rodeks.xyz | rodeks.xyz | 50 KB
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 58 KB
4 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 1951 | 88 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 113, ajax.googleapis.com — Cisco Umbrella Rank: 720, translate.googleapis.com — Cisco Umbrella Rank: 1953 | 109 KB
1 | google.com | translate.google.com — Cisco Umbrella Rank: 2217 | 30 KB
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 410 | 17 KB
Total: 21 requests, 6 apex domains

Requests | Domain | Requested by
8 | rodeks.xyz | rodeks.xyz
4 | use.fontawesome.com | rodeks.xyz, use.fontawesome.com
2 | www.gstatic.com | www.gstatic.com
2 | fonts.gstatic.com | fonts.googleapis.com, rodeks.xyz
1 | translate.googleapis.com |
1 | translate.google.com | rodeks.xyz
1 | cdnjs.cloudflare.com | rodeks.xyz
1 | ajax.googleapis.com | rodeks.xyz
1 | fonts.googleapis.com | rodeks.xyz
Total: 21 requests, 9 subdomains

This site contains links to these domains.

Domain
track.mbstrk.com

Subject | Issuer | Validity | Valid
rodeks.xyz | R3 | 2023-09-11 - 2023-12-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
use.fontawesome.com | GTS CA 1P5 | 2023-09-01 - 2023-11-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 2 frames:

Primary Page: https://rodeks.xyz/17Ai/7.html
Frame ID: 458C69FC8DA5AF11381F306A38E9D425
Requests: 21 HTTP requests in this frame

Frame: data://truncated
Frame ID: C3807D2C09BE17AD2A96AAA72DF16075
Requests: 1 HTTP requests in this frame

Page Title

Your Norton Antivirus subscription has expired

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 89 %
Domains: 6
Subdomains: 9
IPs: 10
Countries: 2
Transfer: 354 kB
Size: 715 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 7.html
rodeks.xyz/17Ai/
3 KB
1 KB
Document
General
Full URL
https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
aab24d5b1a3492fe52903ebe93d2818f67425fb03aef316b157215d27aa6ca37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 27 Sep 2023 08:23:27 GMT
etag
W/"6509832f-a4e"
last-modified
Tue, 19 Sep 2023 11:17:03 GMT
server
nginx
vary
Accept-Encoding
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9686aeea0055ab0c2b1f0eba66dec9b6dd487b4ec34b0fc9106edc7cd3a52cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 07:53:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Sep 2023 08:23:27 GMT
f182237388.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/f182237388.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BV9CCHE03HTJSGY2
age
6441
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5fMfphY9ns6rr45YeQdeBkAdmPbwrMShE13wFmCYx/MoT+SHpvxpClSpFt2GFt6mvDTE5fNJZFQ0oRyO139TDQ==
last-modified
Tue, 16 Nov 2021 19:21:22 GMT
server
cloudflare
etag
W/"642925e489914ab3dd425cb843636667"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKIlS2K%2FImGrBBgQunYnf9Zf8iLKbZ0CwFw1kMqmeGOdmn8DSWPn5mIuZbCPZFphhrfAR7NMMg3S9F92FNYfKvFeIL5ssr9FbhHyJAG868S9Mlf2HUseY6%2FVl%2Bhh0YEqFiR86XehSyGTe3AYroz92QXA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
80d2583b6b348a84-NRT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 07:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 07:40:06 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment.min.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081737985335af4be15fc676ed4ccc0703c7446c6b5cbc9317e40bcdc6428e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1000732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16837
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62c614dc-41c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sO4HOXjs89TSzOt6DSlog9F6f9OYgoIJeBPwjHeq5PozCZAXekiBV%2FaVxW%2Fpc44mSWeCY8lNA8fDyXf6Y3YWLBH8SSAIeOx56QNB%2Fk6eiGiOz3kAa%2F3VBz7W4R54rzpkwfow%2BB9zqIYFkNSF1nZ%2BNm2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80d2583b7dbb8a6e-NRT
expires
Mon, 16 Sep 2024 08:23:27 GMT
cookie.js
rodeks.xyz/17Ai/folder/js/
2 KB
1 KB
Script
General
Full URL
https://rodeks.xyz/17Ai/folder/js/cookie.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 15:40:44 GMT
server
nginx
etag
W/"6375047c-896"
vary
Accept-Encoding
content-type
application/javascript
langs.js
rodeks.xyz/17Ai/folder/js/
1 KB
684 B
Script
General
Full URL
https://rodeks.xyz/17Ai/folder/js/langs.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 15:40:46 GMT
server
nginx
etag
W/"6375047e-485"
vary
Accept-Encoding
content-type
application/javascript
custom.js
rodeks.xyz/17Ai/folder/js/
4 KB
2 KB
Script
General
Full URL
https://rodeks.xyz/17Ai/folder/js/custom.js
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
186af4fd69fd97535fa422f3225cd0ff7622b9b48806af64372e9b2704dcd9e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
last-modified
Mon, 25 Sep 2023 11:37:20 GMT
server
nginx
etag
W/"651170f0-e48"
vary
Accept-Encoding
content-type
application/javascript
logo.png
rodeks.xyz/17Ai/folder/img/
14 KB
14 KB
Image
General
Full URL
https://rodeks.xyz/17Ai/folder/img/logo.png
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfbc6791d4ed87f4b07fe1a29f8f79ad06ce950b7b3add90fbe67abbdd5081e6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
last-modified
Tue, 19 Sep 2023 09:45:20 GMT
server
nginx
accept-ranges
bytes
etag
"65096db0-38e6"
content-length
14566
content-type
image/png
favicon.png
rodeks.xyz/17Ai/folder/img/
21 KB
21 KB
Image
General
Full URL
https://rodeks.xyz/17Ai/folder/img/favicon.png
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1857734f589cccaf1d90d045e64816e1b1f7c8b2293bfd4b18bea35665292ab2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
last-modified
Tue, 19 Sep 2023 09:45:54 GMT
server
nginx
accept-ranges
bytes
etag
"65096dd2-5211"
content-length
21009
content-type
image/png
gray.png
rodeks.xyz/17Ai/folder/img/
9 KB
9 KB
Image
General
Full URL
https://rodeks.xyz/17Ai/folder/img/gray.png
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ca46703728161890813fa2fd11055c06a6fa753e02ee331c560f843c5c09167d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
last-modified
Tue, 19 Sep 2023 09:47:38 GMT
server
nginx
accept-ranges
bytes
etag
"65096e3a-257c"
content-length
9596
content-type
image/png
f182237388.css
use.fontawesome.com/
1 KB
773 B
Stylesheet
General
Full URL
https://use.fontawesome.com/f182237388.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f182237388.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95881e5529a4da2df42f5440134b3aab3834b3e4090771980f59876a0af6c10f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FMTDMZB7ZKPZ7FT2
age
3554
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5NUosYB0VYlUGvLg+VVGas8n4gJ8Dq5CMVS4H3lUXf3KvWIoMJBevdkQjJ4WqhuXtk84zoralkw=
last-modified
Tue, 16 Nov 2021 19:21:22 GMT
server
cloudflare
etag
W/"c34c69a9993e345a33d3899b6f063f04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQbIYXZXTFOoh0%2F73u5v1xPwbLTA0hLzs%2FITSmvf1xqgBcMJddOQFYmRk6cfGyTOTlJDPnXIYYXz09M6TxUKIp59pNVRs%2Bxo6K1KM8wYrKMMzINYJFbosl%2BRyKYoy1E4JcYB9EzTUw4qbsnthytX6%2Fl%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
80d2583c1c138a84-NRT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f182237388.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://use.fontawesome.com/f182237388.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
91G0TXRXZN05Q3YF
age
206691
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dpF8+HyB4uoYWeRftKqaB3ZXSYMygGDZo/xSzIhzB7Z8QgiG3cL8o+Uw8cqnYzPvkogsmg1jTvA=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3rXpLY%2FHQ70xHx9kuiShe8sLCEi6o18p5S%2FRBsCkoWSB9kw%2F2ZN2zbfR75gz%2B%2BQx2SdVszloRsI2BTN668xPnkFe4hGJaE1ZXIuLiB5TWpn5BZ0jxJA7Dxk9AYIHGCtSmLPpGGe5lqwSbmIm25Q9SNu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
80d2583c2e60dfdd-NRT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f182237388.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/f182237388.css
Origin
https://rodeks.xyz
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S8YSFKV3RET838EN
age
598035
alt-svc
h3=":443"; ma=86400
content-length
77160
x-amz-id-2
PQanL+YrFN/mbSxq96oFSjw7JiSVL0H5XOzPqZde5AcBYzGMjfvggBwbM8a6lZOG2zk6dPjh7cA=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO7q5wId7naQBk6sPNFSiQ%2Fbc9ws8q9SsxBmIB0rtp%2FRTF0bA%2FSGpaCtWgEX756upeSPQf%2FmndZTyHKi1LvjoTjUk8HgjFyOhNauoOM4k3zBGO4lhv1jmIxlM0FjOMb3WNjvej1cCh1g4%2FsJWhltoTLo"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
80d2583c4fc1afff-NRT
element.js
translate.google.com/translate_a/
87 KB
30 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/folder/js/langs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18ce7089b72fc6a3c2d3fb6d1efd81a8b07a8771a13c5f970c4ce4df394ad19e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
custom.css
rodeks.xyz/17Ai/folder/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://rodeks.xyz/17Ai/folder/css/custom.css
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/folder/js/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.230.4.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a61ecf93b34c200b395648af86d5e78f32e0bf04bc56d8c54ab403c24193a1d6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/17Ai/7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:23:27 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:37 GMT
server
nginx
etag
W/"65097b95-1448"
vary
Accept-Encoding
content-type
text/css
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rodeks.xyz
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 06:58:47 GMT
x-content-type-options
nosniff
age
91480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 06:58:47 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.WldVt4Yy3Vc.O/d=1/rs=AN8SPfpKFpPNUpV3M-7U3bpbvaWyGJjgyg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 08:05:16 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.WldVt4Yy3Vc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpKFpPNUpV3M-7U3bpbvaWyGJjgyg/
217 KB
77 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.WldVt4Yy3Vc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpKFpPNUpV3M-7U3bpbvaWyGJjgyg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.WldVt4Yy3Vc.O/d=1/rs=AN8SPfpKFpPNUpV3M-7U3bpbvaWyGJjgyg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01d82e2af447877a0c7e89bbc9cc2cc5039ffa9be7495b210de073bbcd6957c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 19:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78266
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 03:10:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 19:19:12 GMT
truncated
/ Frame C380
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: rodeks.xyz
URL: https://rodeks.xyz/17Ai/7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rodeks.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 07:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 07:46:40 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:08:44 GMT
x-content-type-options
nosniff
age
69283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Sep 2024 13:08:44 GMT

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| FontAwesomeCdnConfig string| cssUrl function| $ function| jQuery function| moment function| Cookies function| googleTranslateElementInit string| lang function| _0x2b6e function| _0x239223 function| detectOSAndDevice function| detectOS function| _0x39b1 object| linkElem function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages 
function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| closure_lm_713426

2 Cookies

Domain/Path | Name | Value
rodeks.xyz/ | GoogleAccountsLocale_session | en
rodeks.xyz/ | googtrans | /en/en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
