Submitted URL: http://rhabdomancer.com/
Effective URL: https://rhabdomancer.com/
Submission: On March 03 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 168.119.154.47, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is rhabdomancer.com.
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.
This is the only time rhabdomancer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS | Autonomous System
1 | 21 | 168.119.154.47 | 24940 | HETZNER-AS
  | 3 | 2620:0:860:ed... | 14907 | WIKIMEDIA
  | 2 | 2600:9000:23c... | 16509 | AMAZON-02
  | 2 | 172.64.132.29 | 13335 | CLOUDFLAR...
  | 2 | 13.33.60.25 | 16509 | AMAZON-02
  | 2 | 104.21.71.32 | 13335 | CLOUDFLAR...
  | 1 | 2a03:2880:f11... | 32934 | FACEBOOK
2 | 4 | 2607:f8b0:400... | 15169 | GOOGLE
Total: 34 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
21 | rhabdomancer.com | rhabdomancer.com | 2 MB
4 | google.com | accounts.google.com (Cisco Umbrella Rank: 76) | 1 KB
3 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 2261) | 184 KB
2 | asifiwoeryesterda.xyz | asifiwoeryesterda.xyz | 819 B
2 | ihavelearnat.xyz | ihavelearnat.xyz (Cisco Umbrella Rank: 650695) | 2 KB
2 | pogothere.xyz | pogothere.xyz (Cisco Umbrella Rank: 25602) | 101 KB
2 | cloudfront.net | d3frqqoat98cng.cloudfront.net | 54 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 105) |
Total: 34 requests, 8 apex domains

Requests | Domain | Redirects | Requested by
21 | rhabdomancer.com | 1 redirects | rhabdomancer.com
4 | accounts.google.com | 2 redirects | rhabdomancer.com
3 | upload.wikimedia.org | | rhabdomancer.com
2 | asifiwoeryesterda.xyz | | rhabdomancer.com
2 | ihavelearnat.xyz | | d3frqqoat98cng.cloudfront.net
2 | pogothere.xyz | | d3frqqoat98cng.cloudfront.net
2 | d3frqqoat98cng.cloudfront.net | | rhabdomancer.com, ihavelearnat.xyz
1 | www.facebook.com | | rhabdomancer.com
Total: 34 requests, 8 domains

Subject | Issuer | Validity | Valid
rhabdomancer.com | R3 | 2023-02-08 - 2023-05-09 | 3 months
*.wikipedia.org | R3 | 2023-02-23 - 2023-05-24 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year
ihavelearnat.xyz | Amazon RSA 2048 M02 | 2023-02-23 - 2023-07-21 | 5 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-10 | 2 months

This page contains 2 frames:

Primary Page: https://rhabdomancer.com/
Frame ID: 39330542B77F9B480B1B4F386ED0FB07
Requests: 32 HTTP requests in this frame

Frame: https://ihavelearnat.xyz/eTA0d1IYUlcabRgNVlEnC1wJUmA/FQYxNkpWRgYjFlFATmoaXlNZMRVfQRM0C19aA3wXVUBSYD9+ZxomMGIGQyI7c20fBy0EdzsaCWhSIT5MVgVGIThkRxgTPUBjMDtJCWQOMSh0U08iNncADRQ6BWMSFTxzfwAHD1VfECQ7Y0BBCktHfzsRL2RSHGJBfkMyOi9aAAUQKgBgPRYoVX0mBAx9U05hO1lXThAAaXw8BTNTcDFnFFQEA2YuAnUAEABhZD0oOFRWRj5Ne2YHJC5oXEUKFGJWFQooQ1ZGPk19dRQ5IWhMHgooWHsSPBpnUjFrEWlYD2Q6WhkQYThZDBQeKmVyPipARFAkOlwCciAaQEBsLyo2VVoTFTBheU8ZHnpCIAMNWWw/PTF5ZwAeGwFYQxs4Q0Q2ER1FZ0Q6G3tNTzEzYW0DCxVHeSA8FQNlPyI/Vmw5BRwAYkIxP1xCIAoeAHAOJTJ/XUIeHHMFTjY/XF8gGkxYc0Q2GBZeBD0XQAklOCpFeC8bGFNn
Frame ID: 00D9731738A7A625205899AA17599C35
Requests: 2 HTTP requests in this frame

Page Title

Rhabdomancer the Game - Find what you desire.

Page Statistics

Requests: 34
HTTPS: 94 %
IPv6: 50 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 1955 kB
Size: 2059 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rhabdomancer.com/ HTTP 301
    https://rhabdomancer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S319429489%3A1677849479507982&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfX5setZ8tVRDSBSuvpCoZP8sgm7R_3WT0ua3tB7SmM1QvrXK5cb3EhHYOweY23casAzjcY9w
Request Chain 30
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-100059816%3A1677849479508334&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHflccoqT8oqQrnjwOdLRHLSMnnlU3mKvvaQIyKqbaMn6fWUC9HK8JrH0Q7glIVpaQTiTFpj4A

34 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
rhabdomancer.com/
Redirect Chain
  • http://rhabdomancer.com/
  • https://rhabdomancer.com/
6 KB
7 KB
Document
General
Full URL
https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
6f0c2d3a7cd2c87e89804d865674da950cd3dd1de61fe4bc62dd89a99bdf0d04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
6536
content-type
text/html; charset=UTF-8
date
Fri, 03 Mar 2023 13:17:58 GMT
etag
W/"1988-184e170ade8"
last-modified
Mon, 05 Dec 2022 08:39:29 GMT
x-powered-by
Express

Redirect headers

Content-Length
17
Content-Type
text/plain; charset=utf-8
Date
Fri, 03 Mar 2023 13:17:58 GMT
Location
https://rhabdomancer.com/
about.b8869ce3.css
rhabdomancer.com/
6 KB
6 KB
Stylesheet
General
Full URL
https://rhabdomancer.com/about.b8869ce3.css
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
b59b72dcf9e181ce0768e1b4bed40f191deec03855a4ef8f1168736c144e2df7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"18ad-184630ec458"
x-powered-by
Express
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6317
sd_manwithrod.93cec2f6.png
rhabdomancer.com/
72 KB
72 KB
Image
General
Full URL
https://rhabdomancer.com/sd_manwithrod.93cec2f6.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
86e4f6ac1e9c793cf51e55cd84370a68f2412a2a421370291bb027251ae9d835

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:21 GMT
etag
W/"11e4a-184630ebc88"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
73290
sd_rodlocateonmap.607b0947.png
rhabdomancer.com/
61 KB
61 KB
Image
General
Full URL
https://rhabdomancer.com/sd_rodlocateonmap.607b0947.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
34cafc0aab47b6f8b0a4ae25bdccfc26db624ffbf0edea4e1901a2ce6be20be8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"f2a5-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
62117
sd_astronautwithrod.9ba0afd3.png
rhabdomancer.com/
42 KB
42 KB
Image
General
Full URL
https://rhabdomancer.com/sd_astronautwithrod.9ba0afd3.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
f74507f39c22eafb176d8d0beb67d0dc887a877d0d892abaaea69fd80a446632

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"a726-184630ec458"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
42790
sd_workersearchforoil.10f6df23.png
rhabdomancer.com/
50 KB
50 KB
Image
General
Full URL
https://rhabdomancer.com/sd_workersearchforoil.10f6df23.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
718f842811bfbd8177a6ea37b2a45e83302f2d495b8cd4fd1074fe23b749f62d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"c691-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
50833
sd_ancientgreekrhabdomancer.6df7bed8.png
rhabdomancer.com/
45 KB
45 KB
Image
General
Full URL
https://rhabdomancer.com/sd_ancientgreekrhabdomancer.6df7bed8.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
e9e94f60a1f7f704b0b611e1498b5da7a031cbe2dc057c6f398f60de966a57ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:21 GMT
etag
W/"b53f-184630ebc88"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
46399
512px-Allemanswiro.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/47/Allemanswiro.jpg/
11 KB
12 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/47/Allemanswiro.jpg/512px-Allemanswiro.jpg
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:860:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
67cefba0cb1bfde130946b50b0650dfb6f958e2580dad88cb1436372349f4340
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp2032 miss, cp2036 miss
content-disposition
inline;filename*=UTF-8''Allemanswiro.jpg
server-timing
cache;desc="miss", host;desc="cp2036"
content-length
11390
x-client-ip
2602:ffc8:2:104::4
last-modified
Wed, 20 Apr 2022 08:09:51 GMT
server
ATS/9.1.4
etag
fb4589433cf396ce10e47468dd67085f
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
512px-English_Hazel_Dowsing_Rod_in_the_Horniman_Museum.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/6e/English_Hazel_Dowsing_Rod_in_the_Horniman_Museum.jpg/
20 KB
21 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/6/6e/English_Hazel_Dowsing_Rod_in_the_Horniman_Museum.jpg/512px-English_Hazel_Dowsing_Rod_in_the_Horniman_Museum.jpg
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:860:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
a2ba785ae16bc53ff3ba45baa2fca98c41ca40e606dbaa8844b134f2ad98e465
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp2030 miss, cp2036 miss
server-timing
cache;desc="miss", host;desc="cp2036"
content-length
20196
x-client-ip
2602:ffc8:2:104::4
last-modified
Fri, 04 Dec 2020 18:41:01 GMT
server
ATS/9.1.4
etag
4312dbe07ccdabb80a883157d005dd76
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Houten_wichelroede.jpg
upload.wikimedia.org/wikipedia/commons/e/ea/
151 KB
152 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/e/ea/Houten_wichelroede.jpg
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:860:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
9a65a95ddeda922f39e853f2d8e67e39d1ae9e9556180efe7d96ecbc717105cd
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp2030 miss, cp2036 miss
server-timing
cache;desc="miss", host;desc="cp2036"
content-length
154303
x-client-ip
2602:ffc8:2:104::4
x-object-meta-sha1base36
fufddq0dsmrynxwz7lnni2k89007g6z
last-modified
Wed, 08 Oct 2014 22:48:24 GMT
server
ATS/9.1.4
etag
1c85807486ad86e292940a3293c9efff
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
contact.8e09e314.js
rhabdomancer.com/
148 KB
148 KB
Script
General
Full URL
https://rhabdomancer.com/contact.8e09e314.js
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
b3c727d5f8ff07f6dc70fc89c70ac0ce5cf64c0dcb1fa3bdeeb1e32d0c01344b

Request headers

Referer
https://rhabdomancer.com/
Origin
https://rhabdomancer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"250a4-184630ec458"
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
151716
/
d3frqqoat98cng.cloudfront.net/
163 KB
53 KB
Script
General
Full URL
https://d3frqqoat98cng.cloudfront.net/?qqrfd=972183
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:2000:11:dbf3:c300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e190d33a432416386262d22416456fbf144cedeb5969ffddd4432c2fa5be2c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 13:17:59 GMT
content-encoding
gzip
via
1.1 06d42d2d80190e168b9494192458b51a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
54245
x-amz-cf-id
JZej9ilOnNhSNFAZdiWTOH3P8-CkHR-BtAlqjEPvlDRF9xlVWIX4Vg==
templatemo_bg_top.0717e1ec.png
rhabdomancer.com/
437 KB
438 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_bg_top.0717e1ec.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
3167a2d627a37b8740d676bc97869a3957f821d8b0a3a32a4494dc351165104a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"6d4c9-184630ec458"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
447689
templatemo_bg_bottom.d4916287.png
rhabdomancer.com/
146 KB
146 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_bg_bottom.d4916287.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
37a28c5db2a399f93ae08d61127daffcd3e90b16fa87189306b505b1e46a7403

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"248d8-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
149720
templatemo_menu.4fcc897b.png
rhabdomancer.com/
116 KB
116 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_menu.4fcc897b.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
5c0a96337d53b2e98609913165981816ace2a1eca39508e9afc3be0091ebb17e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:21 GMT
etag
W/"1d0e5-184630ebc88"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
119013
templatemo_menu_divider.2afd4b37.png
rhabdomancer.com/
190 B
235 B
Image
General
Full URL
https://rhabdomancer.com/templatemo_menu_divider.2afd4b37.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
4bc13d2d72022fe19716de72e339c4ff39015455a0e6bc326c673cf1f5cf71b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"be-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
190
templatemo_menu_hover.8df707ef.png
rhabdomancer.com/
2 KB
2 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_menu_hover.8df707ef.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
20623ff3c7002e9bf5b6b4df26821a534c8212dd7827ddc20fa38fbcdd84581b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"6ec-184630ec458"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1772
templatemo_header.5c8e10a2.png
rhabdomancer.com/
175 KB
175 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_header.5c8e10a2.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
43a06696008ad6a3df6bf791d89d1c19a2f401a8d73095bfcb827124a1848400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"2bb66-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
179046
rhabdomancer_logo.6b9e9a74.png
rhabdomancer.com/
23 KB
23 KB
Image
General
Full URL
https://rhabdomancer.com/rhabdomancer_logo.6b9e9a74.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
8bfad914fdb9b4687f89d1b434f025bf0137a81594b8bd9638e51adf8ef0a64b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:21 GMT
etag
W/"5bcd-184630ebc88"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
23501
templatemo_main.e27f3856.png
rhabdomancer.com/
101 KB
102 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_main.e27f3856.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
91465e5ba0fdf2db870cd88a27c7a00cc08c78c93ba334b633824c47a0c15ee2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"195f7-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
103927
templatemo_hr2.9f7c2505.png
rhabdomancer.com/
675 B
722 B
Image
General
Full URL
https://rhabdomancer.com/templatemo_hr2.9f7c2505.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
03ebadc258a90d4dfe41071f3d68a4f5295be88ff7820000ce9eb9dfb35485a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"2a3-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
675
templatemo_login.049121a5.png
rhabdomancer.com/
761 B
808 B
Image
General
Full URL
https://rhabdomancer.com/templatemo_login.049121a5.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
9f3638fc296d6157d0929cf80095df8298aee41daacc96e2051d5ac904f48505

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:20 GMT
etag
W/"2f9-184630eb8a0"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
761
templatemo_hr1.d1fc51bd.png
rhabdomancer.com/
542 B
589 B
Image
General
Full URL
https://rhabdomancer.com/templatemo_hr1.d1fc51bd.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
39842982e41ba97fb3695d4681cb13a4129c12385c073b3bde075c9ceb80f579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:21 GMT
etag
W/"21e-184630ebc88"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
542
templatemo_main_bottom.0e6b65d8.png
rhabdomancer.com/
178 KB
178 KB
Image
General
Full URL
https://rhabdomancer.com/templatemo_main_bottom.0e6b65d8.png
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/about.b8869ce3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.154.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.154.119.168.skarvelis.gr
Software
/ Express
Resource Hash
559c887f6862b262425682b24553765c7b50aa5eaf185ac36fd7e1c8db697b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/about.b8869ce3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
last-modified
Thu, 10 Nov 2022 19:40:23 GMT
etag
W/"2c7f7-184630ec458"
x-powered-by
Express
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
182263
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3frqqoat98cng.cloudfront.net
URL: https://d3frqqoat98cng.cloudfront.net/?qqrfd=972183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Mar 2023 13:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://rhabdomancer.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2F5%2BewfGv6XOf%2Fyq0rfI8Dhcb98TROvWbTVlApxytzoKSfL%2B30R1DylrmAJT2EoQ%2F393lW3%2BMV3Uz5%2FmqSMDkhk04VrwFum8RgIzuLkcsgp6QPwtY9PhXt5%2FSAn8HqJT"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a2229ae8c33c413-EWR
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/
27 B
634 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d3frqqoat98cng.cloudfront.net
URL: https://d3frqqoat98cng.cloudfront.net/?qqrfd=972183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f386fc5d25ddafe52f4cc088feaf74275447ba7cae287bae9163447ad6531c86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvI6YCTFJDNowOhMLf9TMRLWwDKZE5vKMq1f9px9xhiigDvWVWr4NF7SCx8p58Oa6TTlHQjjmDVfKaPx8oUeB9TEn2o2qcUponm5spz%2B75UZ3QAsyd5FSVfGoli0%2BjgA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://rhabdomancer.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a2229ae9c36c413-EWR
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ihavelearnat.xyz/
0
492 B
XHR
General
Full URL
https://ihavelearnat.xyz/utx?cb=j0MdqZAgoGxY&top=rhabdomancer.com&tid=972183
Requested by
Host: d3frqqoat98cng.cloudfront.net
URL: https://d3frqqoat98cng.cloudfront.net/?qqrfd=972183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-25.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 13:17:59 GMT
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://rhabdomancer.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
ZQmV6g7k2ovQRvWbqXsqVYGDof-TAg9YAQWfUw1VPzwQ3aVJGRV4vg==
XF8gGkxYc0Q2GBZeBD0XQAklOCpFeC8bGFNn
ihavelearnat.xyz/eTA0d1IYUlcabRgNVlEnC1wJUmA/FQYxNkpWRgYjFlFATmoaXlNZMRVfQRM0C19aA3wXVUBSYD9+ZxomMGIGQyI7c20fBy0EdzsaCWhSIT5MVgVGIThkRxgTPUBjMDtJCWQOMSh0U08iNncADRQ6BWMSFTxzfwAHD1VfECQ7Y0BBCktHfzsR... Frame 00D9
3 KB
2 KB
Document
General
Full URL
https://ihavelearnat.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
Requested by
Host: d3frqqoat98cng.cloudfront.net
URL: https://d3frqqoat98cng.cloudfront.net/?qqrfd=972183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-25.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
6c96696df19dd94ac840dd4e5cd9424942ed7150735311b69b9caeecbc9ead26

Request headers

Referer
https://rhabdomancer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Fri, 03 Mar 2023 13:17:59 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
x-amz-cf-id
qKBOX2N8nQAk0HRVcSuIYk7r7PDhEOTLf-i23DIL-Q1y1tw_2GA-Ig==
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
/
asifiwoeryesterda.xyz/SXE3b0JmTlQcfx8cfRUQAQFbOQcfCGQCFBojbzUGKx19KiZ5HhEbKy1MDlhweEkESTIgFQpeZDoFVhs3OkwGSSsnF1hSZD9MBkFxfV8EXWx4V0JSc28FRw4ldEARHzY9HQpedH5GD1t7fUYOXHV/
0
417 B
Image
General
Full URL
https://asifiwoeryesterda.xyz/SXE3b0JmTlQcfx8cfRUQAQFbOQcfCGQCFBojbzUGKx19KiZ5HhEbKy1MDlhweEkESTIgFQpeZDoFVhs3OkwGSSsnF1hSZD9MBkFxfV8EXWx4V0JSc28FRw4ldEARHzY9HQpedH5GD1t7fUYOXHV/
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcX57QUOxDrrxxQmEFt%2BCg9wbXInMnO16lF0AgW3RfSUuoi2AxrFqbDEv%2FBWXM8f5zMeaPYBWxnGvM%2BlXrZoyml5OQldK6WPMDqVCNWvdrD2d5LAiLPC7gkYa45WWNTtf4OhEX2hqNA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a2229aec9c93354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S319429489%3A1677849479507982&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S319429489%3A1677849479507982&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfX5setZ8tVRDSBSuvpCoZP8sgm7R_3WT0ua3tB7SmM1QvrXK5cb3EhHYOweY23casAzjcY9w
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Server
2607:f8b0:4006:816::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Fri, 03 Mar 2023 13:17:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-93iY4NQaMlv6bZULp1D42g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
388
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S319429489%3A1677849479507982&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfX5setZ8tVRDSBSuvpCoZP8sgm7R_3WT0ua3tB7SmM1QvrXK5cb3EhHYOweY23casAzjcY9w
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-100059816%3A1677849479508334&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-100059816%3A1677849479508334&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHflccoqT8oqQrnjwOdLRHLSMnnlU3mKvvaQIyKqbaMn6fWUC9HK8JrH0Q7glIVpaQTiTFpj4A
Requested by
Host: rhabdomancer.com
URL: https://rhabdomancer.com/
Protocol
H2
Server
2607:f8b0:4006:816::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Fri, 03 Mar 2023 13:17:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-o4WSuI3l7e6wqHhMi28x7Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-100059816%3A1677849479508334&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHflccoqT8oqQrnjwOdLRHLSMnnlU3mKvvaQIyKqbaMn6fWUC9HK8JrH0Q7glIVpaQTiTFpj4A
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
WH9pXXxOendGIQM8KgJvWQtiXHoHISwLb1l4IAspACduS3hbKy8cJQYtYlwMWnl3QHpFfXNWe0V5cFlvWXg0DywKOi5LeC19dFlkWH5hG3da
d3frqqoat98cng.cloudfront.net/NSmtIR24pBCYhUT4CLHpXfVl5f11sATsoADpWGi09PycQDg8pOG4zFC5WeGECKwUvekgvBSt6X2wKLCVTfk08NwEhVj4rBS0TJDQeIQVuMg93Bic9ByYHKWJcDF5md0t4W2AwByQPJzAdb1l4KRpvWXh2XmRbbXQsb1l4MA... Frame 00D9
686 B
781 B
Script
General
Full URL
https://d3frqqoat98cng.cloudfront.net/NSmtIR24pBCYhUT4CLHpXfVl5f11sATsoADpWGi09PycQDg8pOG4zFC5WeGECKwUvekgvBSt6X2wKLCVTfk08NwEhVj4rBS0TJDQeIQVuMg93Bic9ByYHKWJcDF5md0t4W2AwByQPJzAdb1l4KRpvWXh2XmRbbXQsb1l4MAckXXxiXQhOencWfF9hYlx6Cj-g3Ai8cLSUFIx9tdSh/WH9pXXxOendGIQM8KgJvWQtiXHoHISwLb1l4IAspACduS3hbKy8cJQYtYlwMWnl3QHpFfXNWe0V5cFlvWXg0DywKOi5LeC19dFlkWH5hG3da
Requested by
Host: ihavelearnat.xyz
URL: https://ihavelearnat.xyz/eTA0d1IYUlcabRgNVlEnC1wJUmA/FQYxNkpWRgYjFlFATmoaXlNZMRVfQRM0C19aA3wXVUBSYD9+ZxomMGIGQyI7c20fBy0EdzsaCWhSIT5MVgVGIThkRxgTPUBjMDtJCWQOMSh0U08iNncADRQ6BWMSFTxzfwAHD1VfECQ7Y0BBCktHfzsRL2RSHGJBfkMyOi9aAAUQKgBgPRYoVX0mBAx9U05hO1lXThAAaXw8BTNTcDFnFFQEA2YuAnUAEABhZD0oOFRWRj5Ne2YHJC5oXEUKFGJWFQooQ1ZGPk19dRQ5IWhMHgooWHsSPBpnUjFrEWlYD2Q6WhkQYThZDBQeKmVyPipARFAkOlwCciAaQEBsLyo2VVoTFTBheU8ZHnpCIAMNWWw/PTF5ZwAeGwFYQxs4Q0Q2ER1FZ0Q6G3tNTzEzYW0DCxVHeSA8FQNlPyI/Vmw5BRwAYkIxP1xCIAoeAHAOJTJ/XUIeHHMFTjY/XF8gGkxYc0Q2GBZeBD0XQAklOCpFeC8bGFNn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:2000:11:dbf3:c300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
630cdc9d0a1215ab4b49f7b3010742e13b371007f7f7ffe4ce612c88bd4404a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ihavelearnat.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:17:59 GMT
content-encoding
gzip
via
1.1 06d42d2d80190e168b9494192458b51a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
504
x-amz-cf-id
GOyynB2qjwM-NC1r1UA-mvL6vFIKxIRy03t7KnTxrE4MzpsB0bNUtw==
popunder.gif
asifiwoeryesterda.xyz/
35 B
402 B
Image
General
Full URL
https://asifiwoeryesterda.xyz/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rhabdomancer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Fri, 03 Mar 2023 13:17:59 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 19:54:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
62595
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKTh%2Fa7Dt5%2BMLENPeFU6Gg7atSTob6XvMQO8TQEtcAikatSk6GKNz4qThJNbpMfZyv0dz4Nl4V23j8G5CgHNqBLngN3uYq925v%2BfBZQ1ZC7m5rB%2BMxw3ksdjMjUqbxHMC70iU4rJoos%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a2229b11cec3354-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
number | LAST_CORRECT_EVENT_TIME
object | utr_972183
number | userTrackingInterval
number | _318155915
function | parcelRequire94c2
number | iinf

1 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 1714116978612934@1@1677849479

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S319429489%3A1677849479507982&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfX5setZ8tVRDSBSuvpCoZP8sgm7R_3WT0ua3tB7SmM1QvrXK5cb3EhHYOweY23casAzjcY9w
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-100059816%3A1677849479508334&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHflccoqT8oqQrnjwOdLRHLSMnnlU3mKvvaQIyKqbaMn6fWUC9HK8JrH0Q7glIVpaQTiTFpj4A
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
