Submitted URL: https://jd82.xyz/step2.php#1677949154952
Effective URL: https://jd82.xyz/step2.php
Submission: On March 04 via manual from TR — Scanned from NL

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is jd82.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2022. Valid for: a year.
This is the only time jd82.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
4         2a06:98c1:312...  13335 (CLOUDFLAR...)
2         2a00:1450:400...  15169 (GOOGLE)
7         146.75.120.193    54113 (FASTLY)
1         2606:4700:303...  13335 (CLOUDFLAR...)
1         2a06:98c1:312...  13335 (CLOUDFLAR...)
1         2606:4700:303...  13335 (CLOUDFLAR...)
1         2606:4700:303...  13335 (CLOUDFLAR...)
2         103.235.46.191    55967 (BAIDU Bei...)
3         2a00:1450:400...  15169 (GOOGLE)
Total: 22 requests, 9 IP addresses
Requests  Apex Domain     Subdomains                                       Transfer
7         imgur.com       i.imgur.com (Cisco Umbrella Rank: 5977)          308 KB
4         jd82.xyz        jd82.xyz                                         149 KB
3         gstatic.com     fonts.gstatic.com                                54 KB
2         baidu.com       hm.baidu.com (Cisco Umbrella Rank: 8406)         12 KB
2         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 36)   1 KB
1         50gbga14.xyz    4g.50gbga14.xyz                                  34 KB
1         jix02.xyz       jix02.xyz                                        34 KB
1         bccr.xyz        bccr.xyz                                         34 KB
1         social17.xyz    social17.xyz                                     34 KB
Total: 22 requests, 9 apex domains
Requests  Domain                Requested by
7         i.imgur.com           jd82.xyz
4         jd82.xyz              jd82.xyz
3         fonts.gstatic.com     fonts.googleapis.com
2         hm.baidu.com          jd82.xyz
2         fonts.googleapis.com  jd82.xyz
1         4g.50gbga14.xyz       jd82.xyz
1         jix02.xyz             jd82.xyz
1         bccr.xyz              jd82.xyz
1         social17.xyz          jd82.xyz
Total: 22 requests, 9 domains

This site contains no links.

Subject                   Issuer                            Validity                  Valid for
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3           2022-06-22 - 2023-06-21   a year (crt.sh)
upload.video.google.com   GTS CA 1C3                        2023-02-08 - 2023-05-03   3 months (crt.sh)
*.imgur.com               DigiCert TLS RSA SHA256 2020 CA1  2022-03-08 - 2023-03-16   a year (crt.sh)
baidu.com                 GlobalSign RSA OV SSL CA 2018     2022-07-05 - 2023-08-06   a year (crt.sh)
*.gstatic.com             GTS CA 1C3                        2023-02-08 - 2023-05-03   3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://jd82.xyz/step2.php
Frame ID: 09D57C27BD8C94D2D8E10702D88A6E5F
Requests: 22 HTTP requests in this frame

Page Title

STUDENTEN LAPTOPS ONDERSTEUNEN 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 78 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 661 kB
Size: 989 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Each request below is listed as: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General details and request/response headers.
Primary Request step2.php
jd82.xyz/
19 KB
6 KB
Document
General
Full URL
https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66cbe554720d4db68c668652d348b6a25efa7f16ae482a70f9cd439d0e11f70

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a2bc16a2a930bd1-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 Mar 2023 17:14:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrHdeJNKPPMQPd9Bf%2BQG3ok2qTGhn6iBMaJyU1CMRgG8qETnvpJOwuergwzZDvfv34CW8m0NiRLwBTa0Vyu%2FpDzl%2B%2Bo8AGVGOXTMD6JEdfTMTs5kzSpyMnxh1K3C64RcaSayxuHHFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
jd82.xyz/js/
94 KB
34 KB
Script
General
Full URL
https://jd82.xyz/js/jquery.min.js
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/step2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4155
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udZcJhiAHTRJ6wYztcn5%2FU3kck4k7533fuK7oqzNNiBRqNX21WOsz7XI6x6tmLCXJN9it4SvFDvAFSgcWr2xPBygRjVdGeM7Gd1%2FpNgcgEPqiOlIcgoBfM4LjueGFl42YeYV7qt5YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16b2c040bd1-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 04:05:11 GMT
cookie.min.js
jd82.xyz/js/
3 KB
1 KB
Script
General
Full URL
https://jd82.xyz/js/cookie.min.js
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bb84dfa6c01e1710e8d5e808560fa8fc651370ea31cb015d9ffd951c861bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/step2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-a30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8ldL3oxncrih0PRzPaMiwjdJ09fIBBIgzy2MX6E5YmafB7C9RZeCjsGFmdwZm%2BYldUyJ%2ByeHDXF2hoy4GWIHo3iaTS6laxz0Eph3Bo95KE1SYjDryuWcE0gdf3fjQLtu5YVn6A4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16b2c050bd1-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 05:14:26 GMT
css2
fonts.googleapis.com/
2 KB
637 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Mar 2023 17:09:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Mar 2023 17:14:26 GMT
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/
1 KB
624 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sat, 04 Mar 2023 17:14:26 GMT
klq.jpg
jd82.xyz/images/
107 KB
107 KB
Image
General
Full URL
https://jd82.xyz/images/klq.jpg
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9fb542b9815c49abac2a695cdb8fe909386012b4646e4c40acd5abb877ad3e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/step2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9162
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109472
last-modified
Thu, 02 Mar 2023 09:13:46 GMT
server
cloudflare
etag
"640068ca-1aba0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpydyub2HQKf99c904rNkH3vpcAe9xI0AJBq8fU9ykVK2%2FwrVqddCuQLU8c54YVRgCjHYGLKkRR8us3DGfWH9sh3%2FqYh1mtPuNIB%2F2eMLauC0L%2Bt%2FJ9FCrQQnmcvlZI6%2FmyOvdtLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7a2bc16c2d69b761-AMS
expires
Mon, 03 Apr 2023 14:41:44 GMT
g6cV61A.png
i.imgur.com/
624 B
792 B
Image
General
Full URL
https://i.imgur.com/g6cV61A.png
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
04349321c371bff9047a8125a2b6554be6932ac6cf10cbd8883b69f03f943fe5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
3925246
x-cache
HIT, HIT
content-length
624
x-served-by
cache-iad-kiad7000138-IAD, cache-hhn-etou8220069-HHN
last-modified
Mon, 21 Feb 2022 00:15:11 GMT
server
cat factory 1.0
x-timer
S1677950067.667505,VS0,VE0
etag
"354fbd5644ab479f0f8b939323b0f0c6"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
40588, 44
0UHB1f0.png
i.imgur.com/
664 B
1001 B
Image
General
Full URL
https://i.imgur.com/0UHB1f0.png
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4912d7b6b27805d2f0d39a5c372917b15d01b70198d4f6f7aaef9c943d3bb274
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
3902250
x-cache
HIT, HIT
content-length
664
x-served-by
cache-iad-kcgs7200178-IAD, cache-hhn-etou8220069-HHN
last-modified
Mon, 21 Feb 2022 00:15:16 GMT
server
cat factory 1.0
x-timer
S1677950067.666710,VS0,VE0
etag
"651000584cf023a30d7d74a07ad71047"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
8014, 3
sSMYbTT.png
i.imgur.com/
933 B
1 KB
Image
General
Full URL
https://i.imgur.com/sSMYbTT.png
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
594d9200c7b8fdbf512fa6b52de947cfa3f0b8cbae7821aa60d0e4468d9ffa6c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1039092
x-cache
HIT, HIT
content-length
933
x-served-by
cache-iad-kjyo7100155-IAD, cache-hhn-etou8220069-HHN
last-modified
Mon, 21 Feb 2022 00:15:06 GMT
server
cat factory 1.0
x-timer
S1677950067.668128,VS0,VE0
etag
"df94e4b9e14db5f7c4254cfb27259333"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
25799, 43
NiqWOfU.jpg
i.imgur.com/
55 KB
55 KB
Image
General
Full URL
https://i.imgur.com/NiqWOfU.jpg
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4b3cd4c29c3adf2144ab73f52c413f1d26e3ecffbf52e928b8bf35929790a125
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
4006440
x-cache
HIT, HIT
content-length
56169
x-served-by
cache-iad-kiad7000086-IAD, cache-hhn-etou8220069-HHN
last-modified
Sun, 02 Jan 2022 21:18:37 GMT
server
cat factory 1.0
x-timer
S1677950067.668115,VS0,VE0
etag
"98d4ac74f157ce4e15185c90fa8f49f0"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2841, 2
xGDBDEM.jpg
i.imgur.com/
151 KB
151 KB
Image
General
Full URL
https://i.imgur.com/xGDBDEM.jpg
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5594b2c94b7a516fda8757d413326bcc9b697058185e6dca2b11522bb3c26027
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2783314
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
154430
x-served-by
cache-iad-kcgs7200053-IAD, cache-hhn-etou8220069-HHN
last-modified
Thu, 13 Jan 2022 01:13:47 GMT
server
cat factory 1.0
x-timer
S1677950067.668143,VS0,VE3
etag
"507f6e7475cecce1662075c961f92c6c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
5698, 1
QXVecld.jpg
i.imgur.com/
98 KB
98 KB
Image
General
Full URL
https://i.imgur.com/QXVecld.jpg
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
34ef80bbf6e70e85462a5c5cc6587ec4ca030774a9b82e7495a41f9a2d1d3000
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
4012170
x-cache
HIT, HIT
content-length
100165
x-served-by
cache-iad-kjyo7100178-IAD, cache-hhn-etou8220069-HHN
last-modified
Thu, 13 Jan 2022 01:13:09 GMT
server
cat factory 1.0
x-timer
S1677950067.668144,VS0,VE0
etag
"ea40e54639840edee04edd8d395ac257"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
11663, 2
D3BlBjV.jpg
i.imgur.com/
802 B
969 B
Image
General
Full URL
https://i.imgur.com/D3BlBjV.jpg
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e85bfd6d4a0942d7a443df6dcf4bfe02519b7e126c2f32a805cdb17eb5359892
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
3908458
x-cache
HIT, HIT
content-length
802
x-served-by
cache-iad-kiad7000146-IAD, cache-hhn-etou8220069-HHN
last-modified
Sun, 24 Apr 2022 02:34:30 GMT
server
cat factory 1.0
x-timer
S1677950067.690929,VS0,VE0
etag
"ecc10509adc477cc953aeb24d23688c2"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
40910, 2
jquery.min.js
social17.xyz/js/
94 KB
34 KB
Script
General
Full URL
https://social17.xyz/js/jquery.min.js?_=1677950066465
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:83a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS40jcF6U5VTnoQYaHLMACGHFsIzmfltPOmU3HnVPMmKLDnQk7QNNKxZIvG1LzeWoquliSL%2Fzt2LxkeW60ZBMCXJmHp1dsxlSDO5kK3fdHxUatniN%2FSz51WfIO9%2F3C6Lh9JdpM4CDv2cFxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16cfdd29bac-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 05:14:26 GMT
jquery.min.js
bccr.xyz/js/
94 KB
34 KB
Script
General
Full URL
https://bccr.xyz/js/jquery.min.js?_=1677950066466
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7Q7rkvyC9h7lmaq8O904vilPA6x1TXEJwMNYwNZtqqYMU58qex4jqxQzjB20nDCdq7u9N5O2%2FNl41V0N5X7wgGgbL7Ejk2l7agttE8kQqHv%2BU%2BzcdqXY0OJe0Djzqm1s01wUCWs5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16cfad5b8c0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 05:14:27 GMT
jquery.min.js
jix02.xyz/js/
94 KB
34 KB
Script
General
Full URL
https://jix02.xyz/js/jquery.min.js?_=1677950066467
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiqZFZddxh6FycxWQ%2FO2e1AEElGZyVdFkdn6c2hgpcgJ3OycSQQcZ3dbxCSj9nm8Xh1SjjVxR%2BE5CZh%2Fh9zg9EVEBhRc2%2BsjXm2lO%2B0Tb4K62B6F%2B9ASoyapWx7KfPHUJWqq0HS2Xj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16ccd090a50-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 05:14:26 GMT
jquery.min.js
4g.50gbga14.xyz/js/
94 KB
34 KB
Script
General
Full URL
https://4g.50gbga14.xyz/js/jquery.min.js?_=1677950066468
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d312 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:14:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxa6bsF3hX4gStJPnKQOrhepaBG7NHMQsjEOCmtEzhUpYPXnzN7Y2YTi8c10Hi7J4upUWbQGG7MRboyIn2CyHwemL%2FyjUOJb3orgtW4A4yT7ePi7r1MoJaOKAUVUHVWjTt6UzOeGn8OFQq9vKE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7a2bc16d1c519b7d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 05 Mar 2023 05:14:26 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?96d553200d356105f31d0144e46133a0
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
1b201340e7e4fc2bbb645c6ab7736a1005309d4d8dc2e8f64d03d210cd32217e
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 17:14:28 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
2c0234de71e0a99570cbce018704f6dc
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jd82.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 12:18:44 GMT
x-content-type-options
nosniff
age
276942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 12:18:44 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jd82.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 22:20:50 GMT
x-content-type-options
nosniff
age
154416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 22:20:50 GMT
DroidNaskh-Regular.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jd82.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:32:55 GMT
x-content-type-options
nosniff
age
286891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39220
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:32:55 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=126779360&si=96d553200d356105f31d0144e46133a0&v=1.3.0&lv=1&sn=57464&r=0&ww=1600&u=https%3A%2F%2Fjd82.xyz%2Fstep2.php%231677950067106&tt=STUDENTEN%20LAPTOPS%20ONDERSTEUNEN%202023
Requested by
Host: jd82.xyz
URL: https://jd82.xyz/step2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://jd82.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Mar 2023 17:14:28 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • $ (function)
  • jQuery (function)
  • Cookies (function)
  • timeleft (number)
  • downloadTimer (number)
  • time (number)
  • likes (number)
  • comments (number)
  • shares (number)
  • text1 (string)
  • text2 (string)
  • text3 (string)
  • error (string)
  • abcde (string)
  • saved (string)
  • share (string)
  • swidth (object)
  • width (number)
  • hh (function)
  • jp (function)
  • fh (function)
  • _hmt (object)
  • _bdhm_loaded_96d553200d356105f31d0144e46133a0 (boolean)
  • mini_tangram_log_93kavq (object)

5 Cookies

Domain/Path      Name                                        Value
jd82.xyz/        loclang                                     nl
jd82.xyz/        jumpurl                                     social17.xyz
.hm.baidu.com/   HMACCOUNT_BFESS                             3A5DC3EAA813EDFA
.jd82.xyz/       Hm_lvt_96d553200d356105f31d0144e46133a0     1677950069
.jd82.xyz/       Hm_lpvt_96d553200d356105f31d0144e46133a0    1677950069

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4g.50gbga14.xyz
bccr.xyz
fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
i.imgur.com
jd82.xyz
jix02.xyz
social17.xyz
103.235.46.191
146.75.120.193
2606:4700:3032::ac43:d312
2606:4700:3033::6815:284a
2606:4700:3035::ac43:83a9
2a00:1450:400d:807::2003
2a00:1450:400d:80e::200a
2a06:98c1:3121::3
2a06:98c1:3121::c