Submitted URL: https://deleiaek.shop/?s=hm7fa2btav&p=1
Effective URL: https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
Submission: On December 15 via manual from AU — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3034::ac43:c3ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is tpcofeh.zeodkg.sa.com.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time tpcofeh.zeodkg.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.96.1 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
13 142.250.185.195 15169 (GOOGLE)
29 4
Apex Domain
Subdomains
Transfer
13 gstatic.com
fonts.gstatic.com
212 KB
10 sa.com
tpcofeh.zeodkg.sa.com
1 MB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
6 KB
1 deleiaek.shop
deleiaek.shop
823 B
29 4
Domain Requested by
13 fonts.gstatic.com fonts.googleapis.com
10 tpcofeh.zeodkg.sa.com tpcofeh.zeodkg.sa.com
6 fonts.googleapis.com tpcofeh.zeodkg.sa.com
1 deleiaek.shop 1 redirects
29 4

This site contains no links.

Subject Issuer Validity Valid
zeodkg.sa.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
Frame ID: B30DCDEDDA5C15679D40EAFDCF891413
Requests: 38 HTTP requests in this frame

Screenshot

Page Title

.

Page URL History Show full URLs

  1. https://deleiaek.shop/?s=hm7fa2btav&p=1 HTTP 302
    https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH Page URL

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1359 kB
Transfer

3265 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://deleiaek.shop/?s=hm7fa2btav&p=1 HTTP 302
    https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tpcofeh.zeodkg.sa.com/
Redirect Chain
  • https://deleiaek.shop/?s=hm7fa2btav&p=1
  • https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
3 KB
2 KB
Document
General
Full URL
https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb988ab003a3395e63b413358fa6806899d03a59d4e52e250cefe17c37db01b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f23ded78dd4ba99-MXP
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 15 Dec 2024 05:00:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZT6xS3dIhVKG1L5i5dJE5dHOagimiampj5rq3SEbPQUx6%2FqQiUhWqPiMB4WrV7HTvKz4DpRhbJx%2BX%2BTNwoIdZ1934Fj7BqMVc6B5A2XLKBwACG7He0RsiTjknXl1lYhx5WxLOm3AqCzIlkqv%2FXmy6HloXw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=21360&min_rtt=21254&rtt_var=3462&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4008&recv_bytes=2381&delivery_rate=180901&cwnd=253&unsent_bytes=0&cid=4d1525c5385e0de5&ts=234&x=0"

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f23ded3ec25d291-FRA
content-length
0
content-type
application/json
date
Sun, 15 Dec 2024 05:00:31 GMT
location
https://tpcofeh.zeodkg.sa.com?clickId=HFACcTJCr3qODHH
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rp6LcxNFr%2FAgP3kainPiJU13DOW3u3F2oHLYg9Jf8C21Bs8UkwoHd%2BHnwYjQs68M9yzkjYkSTzXdqGMR%2F2QxtMLYME8J%2FZow6LQEzInXMQu35xQs4DNJ5bo4e6TkJac"}],"group":"cf-nel","max_age":604800}
server
cloudflare
deerham.js
tpcofeh.zeodkg.sa.com/
3 MB
978 KB
Script
General
Full URL
https://tpcofeh.zeodkg.sa.com/deerham.js?1=1
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef53f16fa3bff93f11f7a1644cc357703e1607e0b2955d87df70cfe35e6a0660

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6751fa61-2b0065"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spflrvZ4sIRXC0H9i2%2BgeHxZz204Lrph1YwjxhJiLWmLxDoLRxr6FeRJkKA22k3HCTw3fOw0qVBmreEZoAhq14v5J0i1gaYingkWbtBnfc8kWpur6XSTEKRU5258GlSSKjG%2F6P%2FXW0eM9a3y%2FwI36ynkSZM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23ded90e48ba99-MXP
server-timing
cfL4;desc="?proto=TCP&rtt=21455&min_rtt=21254&rtt_var=454&sent=26&recv=21&lost=0&retrans=0&sent_bytes=17795&recv_bytes=2601&delivery_rate=717367&cwnd=257&unsent_bytes=0&cid=4d1525c5385e0de5&ts=342&x=0"
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 05 Dec 2024 19:09:21 GMT
vary
Accept-Encoding
server
cloudflare
tutto.css
tpcofeh.zeodkg.sa.com/
40 KB
11 KB
Stylesheet
General
Full URL
https://tpcofeh.zeodkg.sa.com/tutto.css
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edbb6181e4fded15f036c46baddcb34261d38a05a360a4310b4a15ff263cd0c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/?clickId=HFACcTJCr3qODHH

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67348778-9ea0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXUnGJJV%2BIUK%2FW0rYpeKHgxxL4ZBZlQz0EXt2hoALuk1yvRBBBTsKnr%2B0AHPaexRQXhdY7LweyX23AC618YgmKmGuA0G47LV978WAUtXOuP7e594uUTeOVvcX3N7oSYD8spWxE9iI3VnS63%2FiovFuEjtvtI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23ded90e47ba99-MXP
server-timing
cfL4;desc="?proto=TCP&rtt=21402&min_rtt=21254&rtt_var=2020&sent=13&recv=15&lost=0&retrans=0&sent_bytes=6356&recv_bytes=2601&delivery_rate=240575&cwnd=257&unsent_bytes=0&cid=4d1525c5385e0de5&ts=320&x=0"
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 11:03:20 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
15 KB
961 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee60cce35b32a3c5a31934464b55120718b6c0cf8a888ffa09bd44645305392d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
51 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f274d1dfaeba739f49e99a9f14d42d933f21e12ff480acbc256b1a1b5c017cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
9 KB
668 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Golos+Text:wght@400;500;600;700;800;900&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c290c7a6c50bee0ec313a40293b1ce9535544673d67fc591af9fae75c94d7083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
1 KB
967 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Tilt+Warp&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5c838f9cb5658bdc4a7f2e3cebb6f47f5730d78f71dfa2c6619776aa21bd919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
1 KB
572 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db23d1bc80aed22d4dcb0e6b80922ecefc973bc8d1b0533d393111f439f36284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 04:55:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
863 B
466 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Concert+One&display=swap
Requested by
Host: tpcofeh.zeodkg.sa.com
URL: https://tpcofeh.zeodkg.sa.com/tutto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9ea74478165d7d08eaca563cea68641ec6256eab30f00d7ae62d73518fbd4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
237952
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 10:54:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 10:54:39 GMT
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19740
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
417034
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:09:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:09:57 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9780
x-xss-protection
0
server
sffe
q5uCsoe9Lv5t7Meb31EcExd8hLxR.woff2
fonts.gstatic.com/s/golostext/v4/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/golostext/v4/q5uCsoe9Lv5t7Meb31EcExd8hLxR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Golos+Text:wght@400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
6ad0aea716bc2c1034acfc8f49e8f506ec4d1d3e7c3b6d85c0debab740423754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
62359
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:41:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:41:12 GMT
last-modified
Mon, 20 Mar 2023 22:38:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21840
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
308405
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:20:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:20:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
417233
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:06:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:06:38 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9852
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
62423
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ec999ab71cbb6beb7e10406b0d6910c32b5079b7def5722662d2915cf3a54677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
465564
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 19:41:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 19:41:07 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9964
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
443866
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v32/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
2e542495db1666774ba22396a147363cc046caa27ac182bb6b73baff1d7a6bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
417691
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 08:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 08:59:00 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10492
x-xss-protection
0
server
sffe
q5uCsoe9Lv5t7Meb31EcExN8hA.woff2
fonts.gstatic.com/s/golostext/v4/
36 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/golostext/v4/q5uCsoe9Lv5t7Meb31EcExN8hA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Golos+Text:wght@400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
9339a32f4f7ee6222364dba62d3c587179015d77c042751debef03ba33eef8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
338794
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 06:53:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 06:53:57 GMT
last-modified
Mon, 20 Mar 2023 22:41:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36380
x-xss-protection
0
server
sffe
u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
62353
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:41:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:41:18 GMT
last-modified
Tue, 26 Apr 2022 15:45:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14652
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3abee1c50f8647f9b9e3ed2cf033c5f1324f506501e8075ccb53ff393e93e36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
307267
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:39:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:39:24 GMT
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9916
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tpcofeh.zeodkg.sa.com
Referer
https://fonts.googleapis.com/

Response headers

age
306595
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f256a99580665acc00d91f2107efdfaa47093f043ca3cde967cc122b521e2f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
lticket.3ee18e35d0a8211c8617.png
tpcofeh.zeodkg.sa.com/static/media/
26 KB
26 KB
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/static/media/lticket.3ee18e35d0a8211c8617.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3d87ca8effe1ade7eb46707b01c14a4999bfd075b078991b396e28f82ea17c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c41e8-6715"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66vobc0o4%2FZgIXTOaSuok23CH0KSdkINf8K3MJmWLnjGsHRVT9tXVnKSLmEPdpr7hh0wj5N5h%2BteYByO9cus%2F%2FGkOkWdpKsGZdXIdl%2Fkg7UeOfOK9G9iZ7T8BjgbUEbY7n3HfKLCa3zqGqY7Hq0XZaVQXVY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee1ba99-MXP
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=24146&min_rtt=21254&rtt_var=670&sent=855&recv=435&lost=0&retrans=0&sent_bytes=1048065&recv_bytes=3386&delivery_rate=20994174&cwnd=865&unsent_bytes=0&cid=4d1525c5385e0de5&ts=707&x=0"
content-length
26389
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 19:45:44 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
638 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ba40743619bfc37a8f19ecd1beb679aad75d44c760d1cd0a6874a5d6551814b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
164a410eed7f7e958148973fa3ea2b9695add18a71c8a8e140861c9f16321545

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
spin.590e65237a41413735bd8e0d2b085e26.svg
tpcofeh.zeodkg.sa.com/static/media/
3 KB
1009 B
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/static/media/spin.590e65237a41413735bd8e0d2b085e26.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd009e1ae380b5c3d222c0c4c383f7acaeaf3acabfa680d13c9e3078df4c74e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6480fe88-bd9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xY602GlURSssoWyo0MMudlCAJznCxUs9zNH6Tgt%2FW4gDOqRrnLgklf1GOg796BAs%2BtGupaCErsyZVs%2Bb4f7sOw%2FjwwWLAub%2FjPRnI6O0i9gpNKiqdmtDmRFaRXfThhgW%2FtONwMFbt73vYOI1KHVLwDBHAhg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee2ba99-MXP
server-timing
cfL4;desc="?proto=TCP&rtt=25980&min_rtt=21254&rtt_var=474&sent=824&recv=430&lost=0&retrans=0&sent_bytes=1022075&recv_bytes=3386&delivery_rate=20994174&cwnd=856&unsent_bytes=0&cid=4d1525c5385e0de5&ts=681&x=0"
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Jun 2023 22:02:48 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44cd27d9723c6601f4f2aef3909ed5110b4dd415515ca272330b7493abfa8bc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bbb3b2e7dca2294b98116b7a3279848a2df2ba75ac9b58c69e76e2ff0b02676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
w1.jpg
tpcofeh.zeodkg.sa.com/img/people/
5 KB
6 KB
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/img/people/w1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8f6ee463027dbf645d12f2e48513745ed2e4c889d9d5bb39cdf8efd2194115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c41e0-1439"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmzM0I5ocuP0nlqhCAuq6likXCK6PiaG57cMkjo2bm2Q7RiU2dnI5MpA%2BCm2gfzB0VG0hVLMOYLVJHDLFL7y3BmTVfc%2FpNv5H%2F9emsbnQADVm2sfooErecj6IbijAWOJUKu8I1cdC55BXUef8oj70rJ1RLY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee3ba99-MXP
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=25980&min_rtt=21254&rtt_var=474&sent=827&recv=430&lost=0&retrans=0&sent_bytes=1023150&recv_bytes=3386&delivery_rate=20994174&cwnd=856&unsent_bytes=0&cid=4d1525c5385e0de5&ts=683&x=0"
content-length
5177
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/jpeg
last-modified
Mon, 08 Jul 2024 19:45:36 GMT
vary
Accept-Encoding
server
cloudflare
appimg.2a1f8380c51d99af1060.png
tpcofeh.zeodkg.sa.com/static/media/
98 KB
99 KB
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/static/media/appimg.2a1f8380c51d99af1060.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07431f0614c5ea40612dfad62e13be05dc96ed5cc0b3b3a8bcfbaba669509c27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c41e8-18926"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwv2qWk%2BWQVkj5waiSkpqs301Zs0cmtpFlz8gtitRW1DCgr%2BISFvaf5EYxApGkop%2BSg9TNoc4xMiqS5%2FCbF9OHp41%2F725ApcFGLgWWidLyjLf8N%2BtQ%2FBJUIDsngUttMloBCWLIQ%2BTA2HleuFn09Bx1pBfUY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee6ba99-MXP
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=24146&min_rtt=21254&rtt_var=670&sent=877&recv=435&lost=0&retrans=0&sent_bytes=1075036&recv_bytes=3386&delivery_rate=20994174&cwnd=869&unsent_bytes=0&cid=4d1525c5385e0de5&ts=726&x=0"
content-length
100646
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 19:45:44 GMT
vary
Accept-Encoding
server
cloudflare
avast.7256a078a8fd7587081d.png
tpcofeh.zeodkg.sa.com/static/media/
15 KB
15 KB
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/static/media/avast.7256a078a8fd7587081d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d8866bb95d21ca2d5075f0d9962a69eeac1c949f5bde810b593ccd6f50e13f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c41e8-3b36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNI4VkJV9kW0xjLDV%2BGuTOnjgPK90svqFH5kJjQXli5ZXsocHpLfnBuUbZ9xy7CO6%2FBDik5Fsa7kmMs4wltVbU4tjjD5WVlz8FXfup0FIqyVG5r4qTvS1lqPJ%2BgAoy8ruLgKfER0%2BaVIl%2Bon%2FZDYAWNlQ5U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee7ba99-MXP
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=24163&min_rtt=21254&rtt_var=850&sent=837&recv=434&lost=0&retrans=0&sent_bytes=1030132&recv_bytes=3386&delivery_rate=20994174&cwnd=865&unsent_bytes=0&cid=4d1525c5385e0de5&ts=705&x=0"
content-length
15158
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 19:45:44 GMT
vary
Accept-Encoding
server
cloudflare
vk-1.1092f30285a35fe6d4a8a4104d7cc075.svg
tpcofeh.zeodkg.sa.com/static/media/
1 KB
1 KB
Image
General
Full URL
https://tpcofeh.zeodkg.sa.com/static/media/vk-1.1092f30285a35fe6d4a8a4104d7cc075.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d357528aaca4da04e7fd1058dced8c490a6abf6855db15ca19689c32bff84d73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6480fe88-470"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SB3TWo%2B831FMsamWaP%2B%2FGiKjaOZ5khtIXUU5n245SE2dfqX%2FOd%2FLxebuyPmPybqhOcxwLeL97M1hB9DibwRn4kuR%2F7fB4Bo2E9L2OIZ6NosI40SfqVNQnvHRK9AWBmSf2Dx0Z9rqS%2FuFjBJPW2yf5jfLOxc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb4ee8ba99-MXP
server-timing
cfL4;desc="?proto=TCP&rtt=25980&min_rtt=21254&rtt_var=474&sent=834&recv=430&lost=0&retrans=0&sent_bytes=1028890&recv_bytes=3386&delivery_rate=20994174&cwnd=856&unsent_bytes=0&cid=4d1525c5385e0de5&ts=685&x=0"
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Jun 2023 22:02:48 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76654a4abe5b7c6c0fbce20f56f197a9dc45a22269fe9203a0ee80f2a302054f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1301edbe05902bf6b864088bad7d93e72576a80cac8a2e99c4bceb1a15c8a196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cbb003d23deafc82ada2a0fa75bc861cbfcddab8da9ea9a0862eddd3c3daa53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3323e1b4c2f36162a09aa431549aee6a4f2ef012ba5d795c7c05652a662a512

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
favicon.ico
tpcofeh.zeodkg.sa.com/
3 KB
2 KB
Other
General
Full URL
https://tpcofeh.zeodkg.sa.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c3ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb988ab003a3395e63b413358fa6806899d03a59d4e52e250cefe17c37db01b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tpcofeh.zeodkg.sa.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk%2FcBRfrbOWXr2G5moY59lKF4OwKjC7UqCn5ZvRfEuBSpiMWpflqSDe9iEHYRMR74yj0fOVyVKqHP%2BzBwAtWeajtjX%2F4plg1hWKjHdfOdbAD991eUHcjHbm%2F8RRUFAK2zrCu77rKMEM9rGTkDkmEMwWX05I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23dedb6eecba99-MXP
server-timing
cfL4;desc="?proto=TCP&rtt=24163&min_rtt=21254&rtt_var=850&sent=851&recv=434&lost=0&retrans=0&sent_bytes=1045904&recv_bytes=3386&delivery_rate=20994174&cwnd=865&unsent_bytes=0&cid=4d1525c5385e0de5&ts=706&x=0"
date
Sun, 15 Dec 2024 05:00:31 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 15 Dec 2024 05:00:31 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x3d08 function| _0x54eb function| _0x3ab9 number| windowOuterWidth number| windowOuterHeight number| win2 function| _0x1b0a function| $ function| jQuery

5 Cookies

Domain/Path Name / Value
.deleiaek.shop/ Name: hash
Value: 3b95b5bdefe5609e8ea9f3c80d4acbeb
.deleiaek.shop/ Name: stream
Value: hm7fa2btav
.deleiaek.shop/ Name: com
Value: 13
.deleiaek.shop/ Name: user
Value: 2755701524
tpcofeh.zeodkg.sa.com/ Name: mem
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deleiaek.shop
fonts.googleapis.com
fonts.gstatic.com
tpcofeh.zeodkg.sa.com
104.21.96.1
142.250.185.195
2606:4700:3034::ac43:c3ac
2a00:1450:4001:829::200a
07431f0614c5ea40612dfad62e13be05dc96ed5cc0b3b3a8bcfbaba669509c27
1301edbe05902bf6b864088bad7d93e72576a80cac8a2e99c4bceb1a15c8a196
164a410eed7f7e958148973fa3ea2b9695add18a71c8a8e140861c9f16321545
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2bbb3b2e7dca2294b98116b7a3279848a2df2ba75ac9b58c69e76e2ff0b02676
2e542495db1666774ba22396a147363cc046caa27ac182bb6b73baff1d7a6bac
2f256a99580665acc00d91f2107efdfaa47093f043ca3cde967cc122b521e2f1
3abee1c50f8647f9b9e3ed2cf033c5f1324f506501e8075ccb53ff393e93e36f
44cd27d9723c6601f4f2aef3909ed5110b4dd415515ca272330b7493abfa8bc6
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
5f8f6ee463027dbf645d12f2e48513745ed2e4c889d9d5bb39cdf8efd2194115
6ad0aea716bc2c1034acfc8f49e8f506ec4d1d3e7c3b6d85c0debab740423754
6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7
76654a4abe5b7c6c0fbce20f56f197a9dc45a22269fe9203a0ee80f2a302054f
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9339a32f4f7ee6222364dba62d3c587179015d77c042751debef03ba33eef8c7
9ba40743619bfc37a8f19ecd1beb679aad75d44c760d1cd0a6874a5d6551814b
9cbb003d23deafc82ada2a0fa75bc861cbfcddab8da9ea9a0862eddd3c3daa53
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
a5c838f9cb5658bdc4a7f2e3cebb6f47f5730d78f71dfa2c6619776aa21bd919
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
afd009e1ae380b5c3d222c0c4c383f7acaeaf3acabfa680d13c9e3078df4c74e
bb988ab003a3395e63b413358fa6806899d03a59d4e52e250cefe17c37db01b7
be3d87ca8effe1ade7eb46707b01c14a4999bfd075b078991b396e28f82ea17c
c290c7a6c50bee0ec313a40293b1ce9535544673d67fc591af9fae75c94d7083
d357528aaca4da04e7fd1058dced8c490a6abf6855db15ca19689c32bff84d73
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db23d1bc80aed22d4dcb0e6b80922ecefc973bc8d1b0533d393111f439f36284
e3323e1b4c2f36162a09aa431549aee6a4f2ef012ba5d795c7c05652a662a512
e9d8866bb95d21ca2d5075f0d9962a69eeac1c949f5bde810b593ccd6f50e13f
ec999ab71cbb6beb7e10406b0d6910c32b5079b7def5722662d2915cf3a54677
edbb6181e4fded15f036c46baddcb34261d38a05a360a4310b4a15ff263cd0c1
ee60cce35b32a3c5a31934464b55120718b6c0cf8a888ffa09bd44645305392d
ef53f16fa3bff93f11f7a1644cc357703e1607e0b2955d87df70cfe35e6a0660
f274d1dfaeba739f49e99a9f14d42d933f21e12ff480acbc256b1a1b5c017cb6
f9ea74478165d7d08eaca563cea68641ec6256eab30f00d7ae62d73518fbd4e4