usjs.iafedoec.top
172.67.174.238  Malicious Activity! Public Scan

Submitted URL: http://usjs.iafedoec.top/
Effective URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Submission: On August 06 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 172.67.174.238, located in United States and belongs to CLOUDFLARENET, US. The main domain is usjs.iafedoec.top.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time usjs.iafedoec.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation) Generic Cloudflare (Online)

Domain & IP information

IP Address | AS Autonomous System | Requests | Redirects
172.67.174.238 | 13335 (CLOUDFLAR...) | 20 | 2
2a04:4e42:600... | 54113 (FASTLY) | 1 |
2606:4700:10:... | 13335 (CLOUDFLAR...) | 2 | 1
2607:f8b0:400... | 15169 (GOOGLE) | 1 |
104.17.25.14 | 13335 (CLOUDFLAR...) | 2 |
2607:f8b0:400... | 15169 (GOOGLE) | 2 |
Total: 25 | 6

Requests | Apex Domain | Subdomains | Transfer
20 | iafedoec.top | usjs.iafedoec.top | 72 KB
2 | gstatic.com | fonts.gstatic.com | 37 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 336) | 88 KB
2 | tailwindcss.com | cdn.tailwindcss.com (Cisco Umbrella Rank: 23119) | 110 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 1 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 1211) | 30 KB
Total: 25 | 6

Requests | Domain | Requested by
20 | usjs.iafedoec.top (2 redirects) | usjs.iafedoec.top, code.jquery.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | cdnjs.cloudflare.com | usjs.iafedoec.top, cdnjs.cloudflare.com
2 | cdn.tailwindcss.com (1 redirects) | usjs.iafedoec.top
1 | fonts.googleapis.com | usjs.iafedoec.top
1 | code.jquery.com | usjs.iafedoec.top
Total: 25 | 6

This site contains no links.

Subject | Issuer | Validity | Valid
iafedoec.top | WE1 | 2024-06-19 - 2024-09-17 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 1 frames:

Primary Page: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Frame ID: 9E87187964A2F82AFD4D99FD48D99C1D
Requests: 25 HTTP requests in this frame

Page Title

USPS Delivery Status

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 336 kB
Size: 804 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://usjs.iafedoec.top/ HTTP 307
    https://usjs.iafedoec.top/ Page URL
  2. https://usjs.iafedoec.top/cdn-cgi/phish-bypass?atok=_pHjiDlVbevV7zrbGD1Sy88iGo.FK36N_nFHskBiqpE-1722905546-0.0.1.1-%2F HTTP 301
    https://usjs.iafedoec.top/ HTTP 302
    https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://usjs.iafedoec.top/ HTTP 307
  • https://usjs.iafedoec.top/
Request Chain 13
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.5

25 HTTP transactions

Resource, Path | Size | x-fer | Type, MIME-Type

/
usjs.iafedoec.top/
Redirect Chain
  • http://usjs.iafedoec.top/
  • https://usjs.iafedoec.top/
4 KB
2 KB
Document
General
Full URL
https://usjs.iafedoec.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1993ca70effa753de70c33436bac08bd4f815e1a07e774086b925a707d3c0271
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-ray
8aeb0b4f68718758-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 00:52:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcneNwL9f7FDH4ZsLhta8Lh8d4If0k7bKqkVxmHrsMqXrkWLhexo9FVRgDXcb54hiNajkZIHFMM9ToEmQJQjWb8hPaMqa2z0ODgG8Fyo3JcEYfTRerIJ84%2BuvqB4YnqJtc9n9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://usjs.iafedoec.top/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
usjs.iafedoec.top/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://usjs.iafedoec.top/cdn-cgi/styles/cf.errors.css
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:55:42 GMT
server
cloudflare
etag
W/"66a9615e-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8aeb0b4fd8ff8758-MIA
expires
Tue, 06 Aug 2024 02:52:26 GMT
icon-exclamation.png
usjs.iafedoec.top/cdn-cgi/images/
452 B
634 B
Image
General
Full URL
https://usjs.iafedoec.top/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://usjs.iafedoec.top/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:55:42 GMT
server
cloudflare
etag
"66a9615e-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8aeb0b5029658758-MIA
content-length
452
expires
Tue, 06 Aug 2024 02:52:26 GMT
favicon.ico
usjs.iafedoec.top/
31 KB
6 KB
Other
General
Full URL
https://usjs.iafedoec.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Aug 2024 09:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dce7a913f7e3da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwpoa%2FVxh6i1t%2FDyiZLTWWdDh6p7eSFpGckqkEQ4H%2BLaOC2e7L2ySabNNHdd54TPLJ5g%2B6YujbPvccJ5Q8gy3PZJqMjElgtxH1EBDGk1fHatmQlltFs%2BLtDrzqCF6fhSKjM98w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8aeb0b507a1a8758-MIA
alt-svc
h3=":443"; ma=86400
Primary Request CRxZCNhaS9AIw2
usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/
Redirect Chain
  • https://usjs.iafedoec.top/cdn-cgi/phish-bypass?atok=_pHjiDlVbevV7zrbGD1Sy88iGo.FK36N_nFHskBiqpE-1722905546-0.0.1.1-%2F
  • https://usjs.iafedoec.top/
  • https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
7 KB
3 KB
Document
General
Full URL
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d34bfaaa0116ce1d799ecad7489a02740ce84f325e83f7af760a932c947c962f

Request headers

Referer
https://usjs.iafedoec.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8aeb0b714f7f8758-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 00:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aUO3O28P%2FbzslG6mvXqKnzOw4HXgijpO7iIK4RrDyMKSc5tPCoVjPhsHQXGxfGiLOlzk9usPu86m5YUzdiUtjfoFhSCkiRa0d0Rl%2Bmq7a1479MwuGQTD7dvSfZoS2KDQn%2BdXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8aeb0b6f9d7b8758-MIA
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 00:52:31 GMT
location
/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHnhdC5Uc5jCj15vzHCvRDnTZ4xvoefUad7GrqGH0%2BCZ0V9UH61qQfcvLkjntIxJEjftzqYeqDnGUkAkbro7xxxK6rAT1LF%2BF18I%2F6YtHj57K7TxL%2B%2BhlVG7gr9WgubJSmqLUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
2N3IWMjLypeLmoxJQ2.js
usjs.iafedoec.top/bf80fa/JDFzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/
6 KB
4 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/JDFzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/2N3IWMjLypeLmoxJQ2.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2f454477f11cb6f7e6879904e5e33d4607d1f57789e28d01f802a3a8c8195f1

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5SZ19EKN0v2nb1YwWpG3iBkOZ1LvABH0na%2FySWvfbR3SXnDXgpF0piLyMXYDsl6PARe3AVFT6YG6KrzpZUDL7uGBhlRxq42Kud7o0WPHrrhQp5HORO%2BcpvcvXl%2B51RRTRxEFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7208a48758-MIA
alt-svc
h3=":443"; ma=86400
content-length
3407
jquery-3.0.0.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.0.0.min.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2822105
x-cache
HIT, HIT
content-length
29995
x-served-by
cache-lga13625-LGA, cache-mia-kmia1760068-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1722905552.757174,VS0,VE0
etag
W/"28feccc0-15145"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 18688
2N3IWMjLypeLmoxJQ2.js
usjs.iafedoec.top/bf80fa/JDNzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/
7 KB
4 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/JDNzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/2N3IWMjLypeLmoxJQ2.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9d1e2e4ad72a18cf50ffa92de733c87db8270e7a06a7c2b0fe3526d491c932bd

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kFI0RN183UROAXVCovbcegHyOxeXYBBaggrVSAJwFjgV208dwzPPStsNDEHqEMiqBJNJnooZUsBV16Yrtww1NgoQ03RS1BhakGFxNqwXZmB0d61AIFh7%2FHY1OtglUIKUmU0Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7208a98758-MIA
alt-svc
h3=":443"; ma=86400
content-length
3586
QHkkIyUjZiouZHU1.js
usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/
11 KB
5 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b1bd2995de970f0229b3029fd590c5e36b59ed76167791ac96444c04350006d4

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ajy5x854KB10ioTJDgeuxTJikJ9KmExBPfLIbyJZJjdqBiPENnM4Iag4QKP%2FQV1Wv0EeqtCWbL2P1cThxcGz0cAt7E%2Bsb2kNb%2FkzmsX%2BJNiWuQndyD%2FV2RXj5l3pddkhmBSHtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7208ac8758-MIA
alt-svc
h3=":443"; ma=86400
content-length
5097
2N3IWMjLypeLmoxJQ2.js
usjs.iafedoec.top/bf80fa/JDVzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/
7 KB
4 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/JDVzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/2N3IWMjLypeLmoxJQ2.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
25a8fb998c1907ff093143033c10dd2dee285a95e1204509c84e6e2704778e36

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZYJwt3bj9mZfG8zf7bfgd0JaJCzpfYNBvkyiEeCRN8XGARwMPXkq2C9YBBqCdgWUXyWswBEInqNZSqmld%2FESeg2Nkf1gZGhiirW5mC2BJ9EkuBbDdkzATw17jidl6FLV1zzJbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7208ad8758-MIA
alt-svc
h3=":443"; ma=86400
content-length
3921
wjbm1AdS98aS9kJA2
usjs.iafedoec.top/bf80fa/JH4kfiVDIXxmL29ofl/RAKiEkYXwqJW5uI0FpXmwjXiVpKklDXmV0aW/
16 B
598 B
XHR
General
Full URL
https://usjs.iafedoec.top/bf80fa/JH4kfiVDIXxmL29ofl/RAKiEkYXwqJW5uI0FpXmwjXiVpKklDXmV0aW/wjbm1AdS98aS9kJA2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
*/*
Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 00:52:32 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmOm4bj83uE%2BUZ5szHtzoqsMBw0Z3%2FNjtcZL%2Bhd0LqZht%2FKuE0yG0RkoleDowQ%2F1zSyATmYo6hfPi2Pj816gdDsoYsy%2Fh%2BOpH7TbFmMJRUuq0BpKJpvepkbtOB7MkBTHruILVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
8aeb0b73cb538758-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
hIW8k0.ico
usjs.iafedoec.top/bf80fa/JSMhb2/kuYy9edn5pfmZ-I2MkbiN/
31 KB
6 KB
Other
General
Full URL
https://usjs.iafedoec.top/bf80fa/JSMhb2/kuYy9edn5pfmZ-I2MkbiN/hIW8k0.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67fbe8ef9020e5c776aadf6801a1fef8dc563e2e4dc9ddc740af8010c0c38943

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Aug 2024 09:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dce7a913f7e3da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BlmFuEtL9PQyCuGeWWSWydGEWzDgbcZInoZ4WU7NJnkEZzEV0z%2F4m6QnfUkvgwTPxCJGnwEOP7%2Bo9dOOBTdEokDxfV9DFLWW0ADiX6V1bCO9mjY5UJelmfZVPla8T%2Fb2UVehA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8aeb0b73cb5a8758-MIA
alt-svc
h3=":443"; ma=86400
mI29lcg2
usjs.iafedoec.top/bf80fa/dCMkbCFlSH5C/I0BtZS8kRyp-XiF0JX5/
307 B
679 B
XHR
General
Full URL
https://usjs.iafedoec.top/bf80fa/dCMkbCFlSH5C/I0BtZS8kRyp-XiF0JX5/mI29lcg2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
46beb0151323b0e61ddd2f533ff255c1f645e0feb5bd9224ccfef30c2d2c58e8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHdlHZtEqqa07hthhHRFtwcmiwoVPZm04gR8ioniIALf%2B71bwKDozIhuk90Z87xeji4pMStdSUf%2BUpZsNo1s8DwumOGAgv7s7X%2FlE0ncZ%2Fh3las5d6eyAYPjBRQGE8FZ5i11Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
8aeb0b7a0e128758-MIA
alt-svc
h3=":443"; ma=86400
content-length
199
QlXnh-ZG5p0
usjs.iafedoec.top/bf80fa/JGV-Ly/
37 KB
14 KB
XHR
General
Full URL
https://usjs.iafedoec.top/bf80fa/JGV-Ly/QlXnh-ZG5p0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1ff6c2451c45f133e8c67aa61998dc76fbb1e46d3880cf3becf183140667b32

Request headers

Accept
*/*
Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BqsD9JU%2F%2FBiNeNDktaM41H5%2BC1cDh0vvEeV4jDumPOqNN6%2BGPSoIvGxfMTZVMlrLrNVJT4TLMh5B0gFm6xcrR72H7yzlSL6Um3HhXLwx3R75ILLEpSSq3PvHTltp5n8nyvjvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
8aeb0b7abf0f8758-MIA
alt-svc
h3=":443"; ma=86400
3.4.5
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.5
358 KB
110 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.5
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
br
strict-transport-security
max-age=63072000
last-modified
Mon, 15 Jul 2024 15:34:05 GMT
x-vercel-id
cle1::iad1::rxrqj-1721057644624-6d3492af5914
cf-cache-status
HIT
age
1847908
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
8aeb0b7da8f99aba-MIA

Redirect headers

date
Tue, 06 Aug 2024 00:52:33 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::r5xbn-1722904794189-098c070c1fb0
server
cloudflare
age
756
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.5
cache-control
max-age=14400
cf-ray
8aeb0b7d68c79aba-MIA
content-length
0
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 00:19:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 00:52:33 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://usjs.iafedoec.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
274859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Sat, 06 Jan 2024 21:52:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bda5-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9LcLgvnUEoTmYVFY%2Fi3KnaQND3R1s3MbrFaNyOcQt2bm7sdqP1f4pLbLxmAoaD%2Bun8jrDMgnXStbcDdxH6EW3OSlRfGggFMgRWr4itxctbKk%2BoAHo9omfhn3y4iia%2FsvXqKoO3U"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8aeb0b7c48a1a68c-MIA
expires
Sun, 27 Jul 2025 00:52:33 GMT
2N3IWMjLypeLmoxJQ2.js
usjs.iafedoec.top/bf80fa/JDJzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/
6 KB
4 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/JDJzJV50L0AlJH5-cH/NeQHwvYiptfH5ieCN-IXRtc2VqY2MkbiokJH58I2pfc/2N3IWMjLypeLmoxJQ2.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dc29924dc0de9732dc0538724a57083b75890f1fd5a9be81218d28f0ed757443

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqcVt4YCyzSxeIH44kc9ajErqBOnJRC1Xp1t8a8zDqt40L719To97kQ7Sxa9CuWl1tIMltIwRu78x%2Ft9xwc0DBYFeyb7VSxlE40wq1rQ8eID5NJUzUYpcgPvLt3HGdTequyodw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7c18d48758-MIA
alt-svc
h3=":443"; ma=86400
content-length
3387
eQHMqfColI35zbyplc2R-aS81.js
usjs.iafedoec.top/bf80fa/Y2p8dHdyXyQkfC5lZWkkfmN8fCMlIS/EjYXgjc3RtL2IvJEBkKm5sI2p4Q25efnUhbmZ6QGNAcColfnMlJEB-IWN4Kl5/
6 KB
4 KB
Script
General
Full URL
https://usjs.iafedoec.top/bf80fa/Y2p8dHdyXyQkfC5lZWkkfmN8fCMlIS/EjYXgjc3RtL2IvJEBkKm5sI2p4Q25efnUhbmZ6QGNAcColfnMlJEB-IWN4Kl5/eQHMqfColI35zbyplc2R-aS81.js
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
49e014b334b0ee938fd5e63f7e6335f9b5738dfbb50f67f49370a70bc721d590

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 06 Aug 2024 00:52:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3%2BV2w1xKXCC2R570piwrkV3HfVY1uOrqNi8pcLvCCfR1afNCn0glWx42CijGS2GGNvDIcWVLY7nm%2FEl41voRPcmDvwhvl8zRP%2B5m944T63zeypAtxKMt31QqD5QmOTOwvtcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7c18d68758-MIA
alt-svc
h3=":443"; ma=86400
content-length
3291
zKm4jIWMvanwveCNpJGQl0.svg
usjs.iafedoec.top/bf80fa/XiM1JH5jfmJlbWN6Znx-I258KiV/2Y0AlZy9ed35zQHghbC4kdEAjeGVkfml-IWFeITQqQCQkc19/
2 KB
1 KB
Image
General
Full URL
https://usjs.iafedoec.top/bf80fa/XiM1JH5jfmJlbWN6Znx-I258KiV/2Y0AlZy9ed35zQHghbC4kdEAjeGVkfml-IWFeITQqQCQkc19/zKm4jIWMvanwveCNpJGQl0.svg
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9685d6241f41ac71741d0ee9b242779f640cd3b1e64bb9bbcfb8798c5be503b2

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Aug 2024 09:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3f264813f7e3da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mKsjnxxYNMjmiog62clmF3VW7czpGWfeiAKKH40%2F0WNKDfxhZN5Vve7MTE2PfsvvOoE59CXwn1fWTyiUoWSfPRs6TVDjTEp7XyxphiyqqAEGJzyNI1%2B5CKDgmPqNX7pMf1xLkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8aeb0b7c18d98758-MIA
alt-svc
h3=":443"; ma=86400
kd0dhfCN8YmRkM34kbi8hJQ2.png
usjs.iafedoec.top/bf80fa/aWNzfCMkKiN-JXgqKiV8JF5jbkBlQCM/hZn5AXyMvKi4qXmpjL2MhMXRlcHglJG5hY15jfnppc2dAfjltXnx-XmkhKjRAejdqJXh4bCQ/
5 KB
6 KB
Image
General
Full URL
https://usjs.iafedoec.top/bf80fa/aWNzfCMkKiN-JXgqKiV8JF5jbkBlQCM/hZn5AXyMvKi4qXmpjL2MhMXRlcHglJG5hY15jfnppc2dAfjltXnx-XmkhKjRAejdqJXh4bCQ/kd0dhfCN8YmRkM34kbi8hJQ2.png
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1cc43a97be92fddf0fe4244858f5337c80a8d350cd0afcd0c4d2004d3fded0ab

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Aug 2024 09:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3f264813f7e3da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQDmSgpC1xZ2pKIsqme%2F0vM%2F0VM86yZs5Vf%2FJDPhMBw26lZasP5cN0n1I3a%2Ff%2BfYkl7tf%2BnSn9j%2FzfoGCGB2SnlW50Y6nHFSwfQd88Bl8lKT4BCC1UYbREFAy6XrW1pemNVsYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8aeb0b7c18db8758-MIA
alt-svc
h3=":443"; ma=86400
content-length
5390
1UQ2A
usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/
1 KB
1 KB
Image
General
Full URL
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/1UQ2A
Requested by
Host: usjs.iafedoec.top
URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Referer
https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/CRxZCNhaS9AIw2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alNj6ByjmgCvflq%2BvUBekppKv00W5GQn9ke%2FJONyytyC9GfjwLG65jcz2LuqgHUNoUi8E3AceD7FLfnLNKM0FlQhoFvOVBU3iWfu76cqApqhIQ2PuFEGk2uV0kDkd7CCLM%2FhTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8aeb0b7c18dc8758-MIA
alt-svc
h3=":443"; ma=86400
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://usjs.iafedoec.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:52:34 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1660650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Sat, 06 Jan 2024 21:53:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bdc3-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfyWF4s7yGA8x5SDov%2F86Jw3tSnIY77xmo54QzLVlLuMzpei4R6CYzUDK2iTfdth8i9%2FntHuJvze3HZGxV9nFQnc61w9W54wTlzu4QZdc6gVl344XHMA%2FDQqZydm8BZS%2BM0EYAks"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8aeb0b85d86ba68c-MIA
expires
Sun, 27 Jul 2025 00:52:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://usjs.iafedoec.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 20:57:51 GMT
x-content-type-options
nosniff
age
359683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 20:57:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://usjs.iafedoec.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 20:57:44 GMT
x-content-type-options
nosniff
age
359690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 20:57:44 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation) Generic Cloudflare (Online)

1069 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


4 Cookies

Domain/Path Name / Value
.usjs.iafedoec.top/ Name: __cf_mw_byp
Value: _pHjiDlVbevV7zrbGD1Sy88iGo.FK36N_nFHskBiqpE-1722905546-0.0.1.1-/
usjs.iafedoec.top/ Name: ASP.NET_SessionId
Value: jpcz05hjd0rvileamao3pj2z
usjs.iafedoec.top/ Name: RdStr
Value: jpcz05hjd0rvileamao3pj2z
usjs.iafedoec.top/ Name: HasCheckClientInfoCookie
Value: 7933e87c4e1affc2adda98cde7817753

5 Console Messages

Source Level URL
Text
javascript warning URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js(Line 328)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.tailwindcss.com/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js(Line 328)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.0.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js(Line 328)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.tailwindcss.com/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://usjs.iafedoec.top/bf80fa/anMkdX50c3xq/L2cjfH4qZmsqQHl-IXNkIV56/QHkkIyUjZiouZHU1.js(Line 328)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.0.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://usjs.iafedoec.top/bf80fa/fn4qcl4kbmc_I/Xh8I29lJWV0YyEqPXl-Q/1UQ2A
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
