account.ducktv.tv Open in urlscan Pro
2606:4700:7::60  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account.ducktv.tv/	1 KB 1 KB	208ms 63ms	Document text/html	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f166bd44883948542729ca3db32e34341b356b118d1667745f135362b9996cff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private cf-cache-status MISS cf-ray 89da412ab99f5d46-FRA content-encoding br content-type text/html date Wed, 03 Jul 2024 22:18:59 GMT permissions-policy interest-cohort=() server cloudflare vary Accept-Encoding x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200
GET H2	200	css2 fonts.googleapis.com/	32 KB 1 KB	130ms 46ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 03 Jul 2024 22:18:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 03 Jul 2024 21:21:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 03 Jul 2024 22:18:59 GMT
GET H2	200	start-9b2c72f2.js Show response account.ducktv.tv/_app/	20 KB 7 KB	81ms 80ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/start-9b2c72f2.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e4ab0deb49294261304cd2e670c6423427515772dd6c3b7c26a4c50bfab17f6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412b29f95d46-FRA
GET H2	200	vendor-d92e38d4.js Show response account.ducktv.tv/_app/chunks/	15 KB 6 KB	73ms 72ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/chunks/vendor-d92e38d4.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edf04035e77c6d4780d65a3991c919b3d0e8d784757ad8c768d1685dc5159dbf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412b29fc5d46-FRA
GET H2	200	preload-helper-9f12a5fd.js Show response account.ducktv.tv/_app/chunks/	623 B 398 B	77ms 76ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b97c74cbe687d935d7a4397d04593baeda1719da50d2baabf264087cdf0797a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412b2a005d46-FRA
GET H2	200	start-b97461fb.css account.ducktv.tv/_app/assets/	189 B 233 B	65ms 65ms	Stylesheet text/css	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/assets/start-b97461fb.css Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89b349892834d364da3c2dfa8e78eaf6e351ceeba41aaae1352c0689bdd031d8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type text/css cache-control public,max-age=31536000,immutable cf-ray 89da412b29f65d46-FRA
GET H2	200	__layout.svelte-44912eb0.js Show response account.ducktv.tv/_app/pages/	8 KB 3 KB	64ms 64ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/pages/__layout.svelte-44912eb0.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5168c1846fe1132bbe53d03f541a68865afafedacea522edc467567b5de949b7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412bfa9f5d46-FRA
GET H2	200	__layout.svelte-a9d942ad.css account.ducktv.tv/_app/assets/pages/	15 KB 4 KB	74ms 74ms	Stylesheet text/css	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6af5bbb442a67015cf8a595afd27d2ae7013253d9973638e5dff145299ed193a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type text/css cache-control public,max-age=31536000,immutable cf-ray 89da412bfa9e5d46-FRA
GET H2	200	stores-436948b8.js Show response account.ducktv.tv/_app/chunks/	378 B 264 B	68ms 68ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/chunks/stores-436948b8.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87b3c17380c9dffcd7c4a7449fa557ec59cc8fd16e36bc8e269dca5fe696cb9a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412bfaa05d46-FRA
GET H2	200	error.svelte-15abc6b5.js Show response account.ducktv.tv/_app/	1 KB 729 B	65ms 65ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/error.svelte-15abc6b5.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c92e330f4fac3d4b01c073591e88582369b3ecf0a0b73cf1bf9e706b2772f1c6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412bfaa35d46-FRA
GET H2	200	index.svelte-dfcc1566.js Show response account.ducktv.tv/_app/pages/	437 B 366 B	66ms 66ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/pages/index.svelte-dfcc1566.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b91609bf8355e36c32f85391d551c9d820e92b85c2e891661bad1f8c7a645ca Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412bfaa45d46-FRA
GET H2	200	v3 Show response js.stripe.com/	619 KB 152 KB	140ms 47ms	Script text/javascript	13.33.187.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/vendor-d92e38d4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.187.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-187-58.fra60.r.cloudfront.net Software Cloudfront / Resource Hash ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:18:25 GMT content-encoding br via 1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 35 x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront last-modified Wed, 03 Jul 2024 20:43:00 GMT server Cloudfront etag W/"16095b208fce1f9394656811fb5b307e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id Sm8snRCW4D9RK1OTkAd0ndui1EAXcBSdiqTsQlZDah35w5DU9Reb6A==
GET H2	401	user Show response pay-api.alteox.com/api/	65 B 463 B	67ms 67ms	Fetch application/json	2a06:98c1:58::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-api.alteox.com/api/user Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/pages/index.svelte-dfcc1566.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65e1600dfeee9d95cdec286e33df48599ba3e6851b7bf6476f5884386e5feae4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff www-authenticate error="invalid_token", error_description="token invalid or expired" cf-cache-status MISS x-do-app-origin 626636aa-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 401 content-length 65 x-xss-protection 1; mode=block server cloudflare etag W/"41-JYFe7ICrkYAoQe/lz9/40cX/2GA" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private cf-ray 89da412d9a10bbe3-FRA
OPTIONS H2	204	user pay-api.alteox.com/api/ Frame	0 0	191ms 61ms	Preflight	2a06:98c1:58::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-api.alteox.com/api/user Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://account.ducktv.tv Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Authorization access-control-allow-methods HEAD, GET, POST, PUT, PATCH, DELETE access-control-allow-origin * cache-control private cf-cache-status DYNAMIC cf-ray 89da412d39b4bbe3-FRA date Wed, 03 Jul 2024 22:19:00 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-do-app-origin 626636aa-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 204 x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 707B	0 0	114ms 39ms	Document text/html	13.33.187.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.187.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-187-58.fra60.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://account.ducktv.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 3587 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Wed, 03 Jul 2024 21:19:13 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 14 Jun 2024 20:01:05 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront) x-amz-cf-id QRhKXOq8Ud9sG0J67ItI5EqBqld6C9SpKg6MBCtAz4mgXqwbIwSQ8A== x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	login.svelte-b471175f.js Show response account.ducktv.tv/_app/pages/	7 KB 3 KB	67ms 67ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/pages/login.svelte-b471175f.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e3337fc0b840159883843269de0b179e106e50961c4ab8677dd8705aeffa017 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412e0c835d46-FRA
GET H2	200	Loader-72a68550.js Show response account.ducktv.tv/_app/chunks/	1014 B 674 B	66ms 66ms	Script application/javascript	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/_app/chunks/Loader-72a68550.js Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/chunks/preload-helper-9f12a5fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a30921cc9c5c7d4f702f6834db75117f40634211a168b05f2be15fbe0702731 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000,immutable cf-ray 89da412e0c865d46-FRA
GET H2	200	svod-logo-07e01ee4-91cc-40eb-81e6-04140a3a97c5.png alteoxstreamimages.b-cdn.net/provider-logo/	30 KB 31 KB	165ms 73ms	Image image/webp	2400:52e0:1e00::1080:1 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://alteoxstreamimages.b-cdn.net/provider-logo/svod-logo-07e01ee4-91cc-40eb-81e6-04140a3a97c5.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 11c36a5b190d48a860c5a00eab387a79faed17bd14d347f00a9e81310d595471 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT x-downloadsize 103913 cdn-edgestorageid 1079 x-bo-processingtime 2 cdn-cachedat 06/12/2024 15:53:36 cdn-pullzone 84459 content-length 31212 x-bo-server DE-136 last-modified Wed, 12 Jun 2024 15:53:36 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 89 content-type image/webp access-control-allow-origin * cdn-cache HIT cdn-uid 0ad020a1-d173-4727-a484-0e9ab55ce1b0 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 69.96% cdn-requestid e5193056ff2f1fb39b15d38251a5d0a5 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	duck-tv-favicon.png account.ducktv.tv/	21 KB 21 KB	64ms 63ms	Other image/png	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/duck-tv-favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a73fa1d564df3e3cfe41dc9731a571c294a1ab9f0cbdd817c4dd720eea1efad0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 etag W/"21847-315532801000" vary Accept-Encoding content-type image/png cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 89da412e7cf45d46-FRA content-length 21847
GET H2	200	kite2.png account.ducktv.tv/	25 KB 25 KB	107ms 107ms	Image image/png	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://account.ducktv.tv/kite2.png Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611e1e6661fabb99e3cbde91a55307e24a0c405ad56b9c851bd835197a004619 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 etag W/"25284-315532801000" vary Accept-Encoding content-type image/png cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 89da412e7cf55d46-FRA content-length 25284
GET H2	200	kite.png account.ducktv.tv/	38 KB 38 KB	67ms 67ms	Image image/png	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://account.ducktv.tv/kite.png Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e311139d05048a83ee0d4cb92052c55350e2b25fea6863ed388a249bde73d095 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 etag W/"39273-315532801000" vary Accept-Encoding content-type image/png cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 89da412e7cf65d46-FRA content-length 39273
GET H2	200	StRyde-Medium.woff2 account.ducktv.tv/fonts/	27 KB 27 KB	66ms 65ms	Font font/woff2	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/fonts/StRyde-Medium.woff2 Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf253c36c0dcd5d3898612842cf99ffd529eb789dc7ea2e61bd7faaaa23cbbd3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 etag W/"27564-315532801000" vary Accept-Encoding content-type font/woff2 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 89da412e8cfc5d46-FRA content-length 27564
GET H2	200	StRydeRegular.woff2 account.ducktv.tv/fonts/	27 KB 27 KB	101ms 100ms	Font font/woff2	2606:4700:7::60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.ducktv.tv/fonts/StRydeRegular.woff2 Requested by Host: account.ducktv.tv URL: https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789f0dc9f38f2ce39b72277ab7c7aa4d3aa5512fa08381fb0bea35d544ab4a7d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://account.ducktv.tv/_app/assets/pages/__layout.svelte-a9d942ad.css Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:19:00 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 62663a64-e6b5-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 etag W/"27508-315532801000" vary Accept-Encoding content-type font/woff2 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 89da412e8cfe5d46-FRA content-length 27508
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	130ms 40ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://account.ducktv.tv Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 12:59:20 GMT x-content-type-options nosniff age 551980 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 12:59:20 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.account.ducktv.tv/	1970-01-20 21:47:26	Name: __cf_bm Value: QMkS8j6KPL.2x8cbdDhYlfkXHeagTGPNBXxMoUGdBEg-1720045139-1.0.1.1-XoDeF8zqJDLJZs9CWqkuofTyE.6tr5XNrjjlg1mI7nSJ1HofHeUFlthYFRY2ysy2xIsIuNHRdhDan8vuDM9AnA
			m.stripe.com/	1970-01-21 07:23:25	Name: m Value: d39de767-a00d-48e4-bdea-8b0daf9e7808fb06ff
			.account.ducktv.tv/	1970-01-21 06:33:01	Name: __stripe_mid Value: a7320b97-0384-4dee-8861-c9582122d0194c34d5
			.account.ducktv.tv/	1970-01-20 21:47:26	Name: __stripe_sid Value: 1df2ef2a-b19a-43be-bb23-8e5232f95aae74d9fe

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay-api.alteox.com/api/user Message: Failed to load resource: the server responded with a status of 401 ()
recommendation	verbose	URL: https://account.ducktv.tv/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.ducktv.tv
alteoxstreamimages.b-cdn.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
pay-api.alteox.com
13.33.187.58
2400:52e0:1e00::1080:1
2606:4700:7::60
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a06:98c1:58::60
11c36a5b190d48a860c5a00eab387a79faed17bd14d347f00a9e81310d595471
1e3337fc0b840159883843269de0b179e106e50961c4ab8677dd8705aeffa017
3b91609bf8355e36c32f85391d551c9d820e92b85c2e891661bad1f8c7a645ca
5168c1846fe1132bbe53d03f541a68865afafedacea522edc467567b5de949b7
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
611e1e6661fabb99e3cbde91a55307e24a0c405ad56b9c851bd835197a004619
65e1600dfeee9d95cdec286e33df48599ba3e6851b7bf6476f5884386e5feae4
6af5bbb442a67015cf8a595afd27d2ae7013253d9973638e5dff145299ed193a
789f0dc9f38f2ce39b72277ab7c7aa4d3aa5512fa08381fb0bea35d544ab4a7d
87b3c17380c9dffcd7c4a7449fa557ec59cc8fd16e36bc8e269dca5fe696cb9a
89b349892834d364da3c2dfa8e78eaf6e351ceeba41aaae1352c0689bdd031d8
8a30921cc9c5c7d4f702f6834db75117f40634211a168b05f2be15fbe0702731
8b97c74cbe687d935d7a4397d04593baeda1719da50d2baabf264087cdf0797a
9e4ab0deb49294261304cd2e670c6423427515772dd6c3b7c26a4c50bfab17f6
a73fa1d564df3e3cfe41dc9731a571c294a1ab9f0cbdd817c4dd720eea1efad0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c92e330f4fac3d4b01c073591e88582369b3ecf0a0b73cf1bf9e706b2772f1c6
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
cf253c36c0dcd5d3898612842cf99ffd529eb789dc7ea2e61bd7faaaa23cbbd3
e311139d05048a83ee0d4cb92052c55350e2b25fea6863ed388a249bde73d095
edf04035e77c6d4780d65a3991c919b3d0e8d784757ad8c768d1685dc5159dbf
f166bd44883948542729ca3db32e34341b356b118d1667745f135362b9996cff