URL: https://ubr-d.zofer.xyz/
Submission: On November 20 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 172.245.112.202, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is ubr-d.zofer.xyz.
TLS certificate: Issued by E6 on November 20th 2024. Valid for: 3 months.
This is the only time ubr-d.zofer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 172.245.112.202 36352 (AS-COLOCR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 3 2600:9000:220... 16509 (AMAZON-02)
3 2600:9000:261... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.122.218.248 16509 (AMAZON-02)
2 2a03:2880:f10... 32934 (FACEBOOK)
27 8
Apex Domain
Subdomains
Transfer
10 zofer.xyz
ubr-d.zofer.xyz
62 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
152 KB
3 jwpsrv.com
videos-cloudfront.jwpsrv.com
1 MB
3 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 5162
1 KB
3 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 8447
253 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 getyourapi.site
getyourapi.site
514 B
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 15653
1 KB
27 9
Domain Requested by
10 ubr-d.zofer.xyz ubr-d.zofer.xyz
5 cdnjs.cloudflare.com ubr-d.zofer.xyz
cdnjs.cloudflare.com
3 videos-cloudfront.jwpsrv.com ubr-d.zofer.xyz
3 content.jwplatform.com 3 redirects
3 fonts.cdnfonts.com ubr-d.zofer.xyz
fonts.cdnfonts.com
2 www.facebook.com ubr-d.zofer.xyz
2 connect.facebook.net ubr-d.zofer.xyz
connect.facebook.net
1 getyourapi.site cdnjs.cloudflare.com
1 ipapi.co ubr-d.zofer.xyz
27 9

This site contains no links.

Subject Issuer Validity Valid
ubr-d.zofer.xyz
E6
2024-11-20 -
2025-02-18
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
cdnfonts.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-29 -
2024-11-27
3 months crt.sh
ipapi.co
WE1
2024-10-31 -
2025-01-29
3 months crt.sh
getyourapi.site
E5
2024-10-05 -
2025-01-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ubr-d.zofer.xyz/
Frame ID: 8778B851FDC330C67A6EF9EDE27531CA
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Uber Finance

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

89 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1629 kB
Transfer

2214 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://content.jwplatform.com/videos/0PPAvTVY-nGrMT7CR.mp4 HTTP 302
  • https://videos-cloudfront.jwpsrv.com/673e0477_bde5d488f7c2d5d9a14fdfae5436a3cccfac3afa/content/conversions/pqhLoYFT/videos/bYpP2a7f-34256284.mp4
Request Chain 16
  • https://content.jwplatform.com/videos/b2e5oMJa-nGrMT7CR.mp4 HTTP 302
  • https://videos-cloudfront.jwpsrv.com/673e0477_650dfd136fda400c53ca1e6e52903cbedf246e12/content/conversions/pqhLoYFT/videos/kWoIqLQI-34256284.mp4
Request Chain 17
  • https://content.jwplatform.com/videos/DGDRtt1u-nGrMT7CR.mp4 HTTP 302
  • https://videos-cloudfront.jwpsrv.com/673e0477_4e38f1b30e9635ad05df35808648d4e47d7c7d20/content/conversions/pqhLoYFT/videos/WXfVkTM2-34256284.mp4

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ubr-d.zofer.xyz/
24 KB
6 KB
Document
General
Full URL
https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
472f474c395ef3430c4f2bb9aba5d9f12d3427bc31c5ce5236ade8964420021d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 15:27:02 GMT
server
openresty
vary
Accept-Encoding Accept-Encoding Accept-Encoding
style.css
ubr-d.zofer.xyz/src/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://ubr-d.zofer.xyz/src/css/style.css
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
23d95a2b1ae28273eba52d7467469237b4ec73704f042b69a1fa43514883905a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
form.css
ubr-d.zofer.xyz/src/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://ubr-d.zofer.xyz/src/css/form.css
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
01737ddec7e99b54413f1a169261c55d95db604cdeb887b853dd2799a89f3609

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
logo.svg
ubr-d.zofer.xyz/src/images/logo/
7 KB
3 KB
Image
General
Full URL
https://ubr-d.zofer.xyz/src/images/logo/logo.svg
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
bd24d715216eaf9205b0f4e12da24ae3d554254cabece5fab04452bbe4ff0b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
user.svg
ubr-d.zofer.xyz/src/images/icons/
2 KB
965 B
Image
General
Full URL
https://ubr-d.zofer.xyz/src/images/icons/user.svg
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
2a4fbec900183bb86edad505b23125ca948da1625381e530f5d8a65c598687c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
intro.webp
ubr-d.zofer.xyz/src/images/img-section/
40 KB
40 KB
Image
General
Full URL
https://ubr-d.zofer.xyz/src/images/img-section/intro.webp
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
4ba6f25cc0080b6e0495f8a3cef4f3e0837e1587c28ea8d1cbc7c029d071fa09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
loader.svg
ubr-d.zofer.xyz/src/images/loader/
5 KB
755 B
Image
General
Full URL
https://ubr-d.zofer.xyz/src/images/loader/loader.svg
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
ff58b52e0cdd2d81a85c49e1681016831c814ed395dd0028b55d70e1b717ec9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"64ed75bb-6b36"
age
598237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gH%2BTfPdJl5k5z86LIckU5z1ZuqC3I2cbmmQeiXTzI9hjZTACzeMFLID1%2BwbJYACVsXwhZ3pg%2BEJFId4y4NCgDUsNriBTD0Ps5YTfRbvP6FDLRCnjL9Ti2fcgSUHPzfd02P5Vqqsg4cqqbHGYmcMSaX7R"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 15:27:03 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5976407fb3438e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
modalPhoneError.js
ubr-d.zofer.xyz/src/js/
3 KB
1 KB
Script
General
Full URL
https://ubr-d.zofer.xyz/src/js/modalPhoneError.js
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
6df51edd173eec1cd2f868b126a9c20ed0b08fdda9a851adba64ddc516c806cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
main.js
ubr-d.zofer.xyz/src/js/
22 KB
5 KB
Script
General
Full URL
https://ubr-d.zofer.xyz/src/js/main.js
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
a433cc8ba79d8d997dc4a998b65b1cc62a078b181ccda8abe1345de31bf16026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/
24 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-85b"
age
510212
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsQwgP2cZTxZd8l7VtU%2B46kVQae5kGp5%2FZlzkYP9%2BM91pe%2FFVAnwu2hd9%2BikGzAk0HgWXJJTv3xktWgM9hjIrC7W%2BZCdRwm0kOBR%2BZVrcl%2BVaLiVTU01AJIq8%2BQm%2Byn92stlVMxk21SeQq3XUqTBy0ag"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 15:27:03 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5976407fb2438e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2139
server
cloudflare
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/
30 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-223d"
age
1109214
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hE8sK0mYQ7ShqJ2hkV1ZaFOAlDiBs2xEn2SCO880qf%2BWNbkrlNVsRMp2dpKyxgzDPnANrB2SkKXtDEQ9N5YaID2Ou9A1%2FJFIfts4jN16VCk5nrBL3edBbKdvabaNQ%2Fu0CTDvXnedkXjwRAV0nJS4stp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 15:27:03 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5976407fb0438e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
8765
server
cloudflare
sf-pro-display
fonts.cdnfonts.com/css/
2 KB
1015 B
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/sf-pro-display
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/src/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:487c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac7863e22f33bbf9c3186e919b9c227021236915dd0317d9f4851a63644c09c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
275311
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EewCLDA0WquIF6my%2Fw0VszkMoFYYXaqxG%2FX5xs4MfTVMx8fUyj%2B6dnS3dYWs2VyLXMnCoKp3ZO1hfYc6YoWbuIJtAalfygqGIXSl5j%2FEmrOO16NTH8l1wJbgDGx%2FmHKC2sDr%2BdC7F7YvuXnucOirKZI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3289&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4272&recv_bytes=5589&delivery_rate=160631&cwnd=12000&unsent_bytes=0&cid=1f0e0b23764d630b&ts=216&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 17 Nov 2024 10:58:32 GMT
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e59763f2aac7280-EWR
access-control-allow-origin
*
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-0mI3LqsA' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-0mI3LqsA' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4602, tp=12, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
DQaGUcRoC0MONN4wYX1PeAPUcxBFR0Le7/QSHFWYNPtgxnuqJtuPMEbuGI+bAg6Y8cW2Hoc+FmdAeTEZFmnhVg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
SFPRODISPLAYBOLD.woff
fonts.cdnfonts.com/s/59278/
131 KB
132 KB
Font
General
Full URL
https://fonts.cdnfonts.com/s/59278/SFPRODISPLAYBOLD.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/sf-pro-display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:487c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
119ccd3741e1185ef0ae63c54b4bcdc65ee0ce4336f1558928707d85b91fbe11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubr-d.zofer.xyz
Referer
https://fonts.cdnfonts.com/css/sf-pro-display

Response headers

cf-cache-status
MISS
etag
"20bbc-5d73bbcd13297"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0O3VYP2vTNpTjpQ7G%2FXvT122T0ysWCMx9UFLuKSmc9Jx%2BYt3cfedlIjgmxSNfdDzSjjZzvnLO4Ud53%2Fai5vBy6k6ou39hP%2FXGTrFnotZl8bLKczUY3IBnZ4EZSdzZA3A2QaQLIUsYQNgAHp93xn5Yck%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=4018&sent=117&recv=59&lost=0&retrans=0&sent_bytes=127964&recv_bytes=6638&delivery_rate=4269467&cwnd=62400&unsent_bytes=0&cid=4609599013f6d9d8&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
font/woff
last-modified
Sat, 05 Feb 2022 02:00:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e59763fdea84358-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
134076
server
cloudflare
SFPRODISPLAYREGULAR.woff
fonts.cdnfonts.com/s/59278/
119 KB
120 KB
Font
General
Full URL
https://fonts.cdnfonts.com/s/59278/SFPRODISPLAYREGULAR.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/sf-pro-display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:487c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f8604bc9572a5c012cbfcb1e8f4f155eed3ef80e058dfa01f7b1731e45cf33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubr-d.zofer.xyz
Referer
https://fonts.cdnfonts.com/css/sf-pro-display

Response headers

cf-cache-status
MISS
etag
"1dd94-5d73bbcd1367f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyUxRZZop5mW9udfb7vpUjD33scTb2EUqBocud7nm2Pqmq5nX5a8T0IigbThvpyi9I9HUMzXVbMlQkM87a4WZOzPXwXzng4l4sS%2B%2BQKCz97nUnt5sMEPVr%2BR%2Bt4kAMO%2F%2B2TvRhGGh4u7z3qUYV0%2Bbto%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7117&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4500&delivery_rate=995&cwnd=12000&unsent_bytes=0&cid=4609599013f6d9d8&ts=194&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
font/woff
last-modified
Sat, 05 Feb 2022 02:00:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e59763fdea54358-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
122260
server
cloudflare
bYpP2a7f-34256284.mp4
videos-cloudfront.jwpsrv.com/673e0477_bde5d488f7c2d5d9a14fdfae5436a3cccfac3afa/content/conversions/pqhLoYFT/videos/
Redirect Chain
  • https://content.jwplatform.com/videos/0PPAvTVY-nGrMT7CR.mp4
  • https://videos-cloudfront.jwpsrv.com/673e0477_bde5d488f7c2d5d9a14fdfae5436a3cccfac3afa/content/conversions/pqhLoYFT/videos/bYpP2a7f-34256284.mp4
313 KB
314 KB
Media
General
Full URL
https://videos-cloudfront.jwpsrv.com/673e0477_bde5d488f7c2d5d9a14fdfae5436a3cccfac3afa/content/conversions/pqhLoYFT/videos/bYpP2a7f-34256284.mp4
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Server
2600:9000:261f:1a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9b93081375ecef9a32d10173723e4a65ba01b6ad77489c80e1bf47a0f1192ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

vary
Origin
x-amz-version-id
Oz4Ejafg9AqPlEohDQgL74AME5a8HPFU
etag
"1bd486cf267d3c1a6cd9ad7650a6bcb5"
Content-Range
bytes 0-320699/320700
via
1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
Content-Length
320700
x-amz-cf-id
6kKjazPaKP5uD43tG4Z-b6mdMpffggJ7or5hnNSztCA96S79W3Qa7A==
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
video/mp4
last-modified
Mon, 11 Nov 2024 07:04:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=600
location
https://videos-cloudfront.jwpsrv.com/673e0477_bde5d488f7c2d5d9a14fdfae5436a3cccfac3afa/content/conversions/pqhLoYFT/videos/bYpP2a7f-34256284.mp4
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
e6lvKKHn0Lt9lpWVlJZFXPrNVhLRa7fJCJQi54-2FOA7vqW_q_L9_w==
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
EWR53-P1
server
openresty
kWoIqLQI-34256284.mp4
videos-cloudfront.jwpsrv.com/673e0477_650dfd136fda400c53ca1e6e52903cbedf246e12/content/conversions/pqhLoYFT/videos/
Redirect Chain
  • https://content.jwplatform.com/videos/b2e5oMJa-nGrMT7CR.mp4
  • https://videos-cloudfront.jwpsrv.com/673e0477_650dfd136fda400c53ca1e6e52903cbedf246e12/content/conversions/pqhLoYFT/videos/kWoIqLQI-34256284.mp4
366 KB
367 KB
Media
General
Full URL
https://videos-cloudfront.jwpsrv.com/673e0477_650dfd136fda400c53ca1e6e52903cbedf246e12/content/conversions/pqhLoYFT/videos/kWoIqLQI-34256284.mp4
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Server
2600:9000:261f:1a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f53a3b217f7aebeae3d153cf77f6514f1a0089ee9374aedf5c71c6c2f6580826

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

vary
Origin
x-amz-version-id
zs3Foc1wUtrDX5ynG5BZbYRooXgT9MlW
etag
"a9f3c4161f71e31de0449abd73b4a688"
Content-Range
bytes 0-375046/375047
via
1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
Content-Length
375047
x-amz-cf-id
IeqX35oNeaMdkuMjNzcdbcSMGSRgvbr3ZIbaETsX8ZuMqZU5ogmkrg==
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
video/mp4
last-modified
Mon, 11 Nov 2024 07:04:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=600
location
https://videos-cloudfront.jwpsrv.com/673e0477_650dfd136fda400c53ca1e6e52903cbedf246e12/content/conversions/pqhLoYFT/videos/kWoIqLQI-34256284.mp4
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Tc8NVaPWbHmVV8NNMYc79xMbhGhlL_sP9aEUaPGXIAJXjWjhhGvjtQ==
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
EWR53-P1
server
openresty
WXfVkTM2-34256284.mp4
videos-cloudfront.jwpsrv.com/673e0477_4e38f1b30e9635ad05df35808648d4e47d7c7d20/content/conversions/pqhLoYFT/videos/
Redirect Chain
  • https://content.jwplatform.com/videos/DGDRtt1u-nGrMT7CR.mp4
  • https://videos-cloudfront.jwpsrv.com/673e0477_4e38f1b30e9635ad05df35808648d4e47d7c7d20/content/conversions/pqhLoYFT/videos/WXfVkTM2-34256284.mp4
403 KB
404 KB
Media
General
Full URL
https://videos-cloudfront.jwpsrv.com/673e0477_4e38f1b30e9635ad05df35808648d4e47d7c7d20/content/conversions/pqhLoYFT/videos/WXfVkTM2-34256284.mp4
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H2
Server
2600:9000:261f:1a00:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36b2963861ec7305d0d92c666ff21ea326c5a47b77f607cc17a09d60f44a1086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

vary
Origin
x-amz-version-id
s0rxsLX6WZjxOzsf5toq8IlPVew5yCCA
etag
"bb5e35f5f6860d7ccee6edc65c29b82a"
Content-Range
bytes 0-412523/412524
via
1.1 fb71bc40c2ca2e3f3af674bf6527ac8a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
Content-Length
412524
x-amz-cf-id
OrggbcmFOyGkV2ouooGCPzfqv0xLiW7lCdPGRDilBcAD1DNDc4741w==
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
video/mp4
last-modified
Mon, 11 Nov 2024 07:04:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=600
location
https://videos-cloudfront.jwpsrv.com/673e0477_4e38f1b30e9635ad05df35808648d4e47d7c7d20/content/conversions/pqhLoYFT/videos/WXfVkTM2-34256284.mp4
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
tCp4rJYUtLZxBOrTj90lyOwOyiEYyXURIdTs7LfLRj4CX_rNHdKBFQ==
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
EWR53-P1
server
openresty
405805952249953
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/405805952249953?v=2.9.177&r=stable&domain=ubr-d.zofer.xyz&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f89ab766f2f6db2eb21bdf2493ddb5c5bbec6a01e6ebbb1b80851672a3e9ae4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Udt8yFkE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Udt8yFkE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=69, mss=1232, tbw=70458, tp=68, tpl=0, uplat=71, ullat=1
pragma
public
x-fb-debug
pw5rtITUKoMdFg3wx0z6Tbkhaj2iU7gqmCnbltW0OgQIOX9FzbYOY26nL4iKSfs/D6VMtNs5UkkSyCDBDkeFnQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
json
ipapi.co/
793 B
1 KB
Fetch
General
Full URL
https://ipapi.co/json
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/src/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c105d3b90d3694b67cf8e585e6d1b1c74c9121ab2ed6d49058fd371bdc5914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqSxY0BH6aXS7JQ%2FdV9ubPGY3D%2FE7Ca%2BWyT3GrEPZ7vx0azvn7%2BwZYcu9EFEZXyZAxsKjMccNaeFAdUIsKZb2HoSuCTu%2B%2FFExM3Mljgk9W04sTGze39lqu%2FxkM5Nq2DZ3pb3ITou"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=2870&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3389&recv_bytes=2270&delivery_rate=1458806&cwnd=255&unsent_bytes=0&cid=6b319d6ede10e604&ts=221&x=0"
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
application/json
vary
Host, origin
x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
OPTIONS, POST, HEAD, OPTIONS, GET
cf-ray
8e5976427c00728d-EWR
access-control-allow-origin
https://ubr-d.zofer.xyz
server
cloudflare
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/
66 KB
66 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-1062f"
age
2319794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwJ%2F5%2FwawC9j%2FQpeDy0yY3thEyuvuhPHGlKRGhb3YXdHgK01EbS9%2FzQK%2Bv9jnr4X5hpuf6ZeD5j9uAqYb6PLbA5x7qYr9C3BN16JfSTAymcHvn2iK78AwC02qat3tRlXcYBaWJRNNqloG6gE8OuNjV0i"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 15:27:03 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:03 GMT
content-type
image/png; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e597641b956438e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
67119
server
cloudflare
geolocation
getyourapi.site/api/
107 B
514 B
XHR
General
Full URL
https://getyourapi.site/api/geolocation
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software
openresty / Express
Resource Hash
6c58d13f07df6dbcd73de6511781a1212c616c94bad98096829a62eb9034e200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ubr-d.zofer.xyz/

Response headers

access-control-max-age
600
x-request-id
ecafb85a-885f-4817-a90b-d7df8c3e2753
access-control-expose-headers
content-type, authorization, x-request-id
etag
W/"6b-wKWWqRM9Efm02ULMmyQszdvRjks"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ubr-d.zofer.xyz
content-length
107
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
openresty
access-control-allow-headers
origin, content-type, accept, authorization
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=405805952249953&ev=PageView&dl=https%3A%2F%2Fubr-d.zofer.xyz%2F&rl=&if=false&ts=1732116424073&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1732116424067.975728358731406725&ler=empty&cdl=API_unavailable&it=1732116423916&coo=false&rqm=GET
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4497, tp=10, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=405805952249953&ev=PageView&dl=https%3A%2F%2Fubr-d.zofer.xyz%2F&rl=&if=false&ts=1732116424073&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1732116424067.975728358731406725&ler=empty&cdl=API_unavailable&it=1732116423916&coo=false&rqm=FGET
Requested by
Host: ubr-d.zofer.xyz
URL: https://ubr-d.zofer.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439383395095072368"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
jt4Y7QSqdFnQCy0twFKXqifqIs7jBm3yhR5r20AyQhvsDMgqVrno628EE560QlwTh2rP2AgrHhxpwNsgbQQDsA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439383395095072368", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4865, tp=13, tpl=0, uplat=67, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
utils.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/
247 KB
47 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ccbce772a72e9602e3ebb4e98b7c08b056efdc0b4242982a0a21d33d29bd09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-b8f3"
age
164372
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpNEocjGkEFz7S1JkaOjgrDjsR3tJ8385WwfULvV80TUPxsqxKtlLnmEm2bPTx0PaD48EpW7jocEFaAOaW6Wq%2Fe0JfaVF%2FI%2FrkJWMCGRD7ROff42uor1KLLZcKGPcaRLDDt5H8%2Fa1ewpbybWZpPd2jXT"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 15:27:04 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5976439bff438e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
47347
server
cloudflare
favicon.svg
ubr-d.zofer.xyz/
986 B
742 B
Other
General
Full URL
https://ubr-d.zofer.xyz/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
bf2c63aca7732ba4996a29d69838bfcf50fe2dc02ea8492e62e99e811e5d700b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubr-d.zofer.xyz/

Response headers

content-encoding
gzip
date
Wed, 20 Nov 2024 15:27:04 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery function| _0x27e0 function| _0x16b2 function| initTelInput function| initCurrentYear function| openModals function| changeTextButton function| checkInput function| startCheckNumber function| initScrollSection function| delay function| initApp function| _0x1b5c function| _0x37ac object| intlTelInputGlobals function| intlTelInput function| parseURLParams object| intlTelInputUtils

1 Cookies

Domain/Path Name / Value
.zofer.xyz/ Name: _fbp
Value: fb.1.1732116424067.975728358731406725

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
content.jwplatform.com
fonts.cdnfonts.com
getyourapi.site
ipapi.co
ubr-d.zofer.xyz
videos-cloudfront.jwpsrv.com
www.facebook.com
172.245.112.202
2600:9000:2209:a600:1:a3fa:7cc0:93a1
2600:9000:261f:1a00:3:37c9:30c0:93a1
2606:4700:20::ac43:45e2
2606:4700:3033::6815:487c
2606:4700::6811:180e
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
3.122.218.248
01737ddec7e99b54413f1a169261c55d95db604cdeb887b853dd2799a89f3609
119ccd3741e1185ef0ae63c54b4bcdc65ee0ce4336f1558928707d85b91fbe11
23d95a2b1ae28273eba52d7467469237b4ec73704f042b69a1fa43514883905a
2a4fbec900183bb86edad505b23125ca948da1625381e530f5d8a65c598687c5
2f89ab766f2f6db2eb21bdf2493ddb5c5bbec6a01e6ebbb1b80851672a3e9ae4
36b2963861ec7305d0d92c666ff21ea326c5a47b77f607cc17a09d60f44a1086
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
472f474c395ef3430c4f2bb9aba5d9f12d3427bc31c5ce5236ade8964420021d
4ba6f25cc0080b6e0495f8a3cef4f3e0837e1587c28ea8d1cbc7c029d071fa09
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
5ac7863e22f33bbf9c3186e919b9c227021236915dd0317d9f4851a63644c09c
6c58d13f07df6dbcd73de6511781a1212c616c94bad98096829a62eb9034e200
6df51edd173eec1cd2f868b126a9c20ed0b08fdda9a851adba64ddc516c806cf
a433cc8ba79d8d997dc4a998b65b1cc62a078b181ccda8abe1345de31bf16026
a7f8604bc9572a5c012cbfcb1e8f4f155eed3ef80e058dfa01f7b1731e45cf33
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd24d715216eaf9205b0f4e12da24ae3d554254cabece5fab04452bbe4ff0b2c
bf2c63aca7732ba4996a29d69838bfcf50fe2dc02ea8492e62e99e811e5d700b
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
c9b93081375ecef9a32d10173723e4a65ba01b6ad77489c80e1bf47a0f1192ab
e0c105d3b90d3694b67cf8e585e6d1b1c74c9121ab2ed6d49058fd371bdc5914
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ccbce772a72e9602e3ebb4e98b7c08b056efdc0b4242982a0a21d33d29bd09
f53a3b217f7aebeae3d153cf77f6514f1a0089ee9374aedf5c71c6c2f6580826
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff58b52e0cdd2d81a85c49e1681016831c814ed395dd0028b55d70e1b717ec9b