Submitted URL: http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Effective URL: http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Submission: On March 18 via manual from IT — Scanned from ES

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 142.147.105.39, located in Chicago, United States and belongs to AS-SPRIO, US. The main domain is donovanelptv.webdesign96.com.
This is the only time donovanelptv.webdesign96.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.147.105.39 64267 (AS-SPRIO)
2 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
19 5
Apex Domain
Subdomains
Transfer
8 gstatic.com
fonts.gstatic.com
135 KB
7 webdesign96.com
donovanelptv.webdesign96.com
cloud.webdesign96.com
242 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
15 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 2628
63 KB
19 4
Domain Requested by
8 fonts.gstatic.com fonts.googleapis.com
6 cloud.webdesign96.com 2 redirects donovanelptv.webdesign96.com
cloud.webdesign96.com
5 fonts.googleapis.com cloud.webdesign96.com
1 i0.wp.com donovanelptv.webdesign96.com
1 donovanelptv.webdesign96.com
19 5
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-29 -
2022-04-28
a year crt.sh

This page contains 1 frames:

Primary Page: http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Frame ID: 7191AF5B1ACD6C7A045214735735C7FD
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

롯데시네마, 해적

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

19
Requests

84 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

454 kB
Transfer

862 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cloud.webdesign96.com/blog/cdn/style.css HTTP 301
  • https://cloud.webdesign96.com/blog/cdn/style.css
Request Chain 7
  • http://cloud.webdesign96.com/blog/images/img05.jpg HTTP 301
  • https://cloud.webdesign96.com/blog/images/img05.jpg

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request %EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
donovanelptv.webdesign96.com/12255103/
22 KB
22 KB
Document
General
Full URL
http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Protocol
HTTP/1.1
Server
142.147.105.39 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
host-142-147-105-39.static.sprious.com
Software
nginx / PHP/7.0.33
Resource Hash
e32ee30bdc7ea862617208bb8ca4da5f253ee0acbce75fb2ef3ffa09b27d67a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

Server
nginx
Date
Fri, 18 Mar 2022 13:36:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.33
Cache-Control
no-cache, must-revalidate
Expires
Mon, 27 Jul 2011 07:08:02 GMT
style.css
cloud.webdesign96.com/blog/cdn/
Redirect Chain
  • http://cloud.webdesign96.com/blog/cdn/style.css
  • https://cloud.webdesign96.com/blog/cdn/style.css
420 KB
56 KB
Stylesheet
General
Full URL
https://cloud.webdesign96.com/blog/cdn/style.css
Requested by
Host: donovanelptv.webdesign96.com
URL: http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Protocol
H2
Server
2606:4700:3033::6815:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3d4ec26354be7ecd3c1d308690d165c53af34dcb6392571e96d57eb94958aa

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://donovanelptv.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:27:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 21 Dec 2019 18:00:45 GMT
server
cloudflare
etag
W/"5dfe5dcd-68e39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xrn2UZC%2FslbJtDpcMVtKMa8CnmBrx99QV4LhYOv4QPB%2F4qEs6dc841nip9eC3ssxvXS0bULTV7%2FaP1F4JRVwx9rxAOfXkbYVUh35GI4kLD6IvRkJyJsz%2FrfYIKV8mtZebQMBjhLuK2Okyswq6ZT1PN%2BPb%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6edea58a5c32150d-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 18 Mar 2022 14:27:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCDvBbXpKIny3%2FzJcW8DOZ4CLVkCapIU7zGH3V0GExLD9kewhcqvvtKQ2c9eoMi6k%2FC5o4ujJ7FtpVPL4VscHiZrECuIRQ3dV1pUqtqXRBnLcv6baYmfwUDmcs3fhsXRvRoiTBxj5vvKL3M3v1rG05v3xcM%3D"}],"group":"cf-nel","max_age":604800}
Location
https://cloud.webdesign96.com/blog/cdn/style.css
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6edea589ae946683-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Fri, 18 Mar 2022 15:27:00 GMT
IMG_9041.jpg
i0.wp.com/thesoulofseoul.net/wp-content/uploads/2013/03/
62 KB
63 KB
Image
General
Full URL
https://i0.wp.com/thesoulofseoul.net/wp-content/uploads/2013/03/IMG_9041.jpg?fit=640%2C480&ssl=1
Requested by
Host: donovanelptv.webdesign96.com
URL: http://donovanelptv.webdesign96.com/12255103/%EB%A1%AF%EB%8D%B0%EC%8B%9C%EB%84%A4%EB%A7%88-%ED%95%B4%EC%A0%81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
946b2b39e5c0561d6fecfb92774d354cdfc7e0fd7d1aec268ef68c9d32f1dd84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://donovanelptv.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS mad 3
date
Fri, 18 Mar 2022 14:27:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Mar 2022 14:27:01 GMT
server
nginx
etag
"bb4a8b789c3d2046"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thesoulofseoul.net/wp-content/uploads/2013/03/IMG_9041.jpg>; rel="canonical"
content-length
63994
expires
Mon, 18 Mar 2024 02:27:01 GMT
css
fonts.googleapis.com/
2 KB
523 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Mukta+Malar:400,500&display=swap&subset=latin-ext
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b0ad87c161b5e1c9fd356193fcd60da29789ea9e2bcb6822d19691349c483d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cloud.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 14:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 14:27:02 GMT
css
fonts.googleapis.com/
54 KB
12 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Black+Han+Sans&display=swap
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db3510f6157a3c95751b025b462284ef09a7aaa5a37d2eec9beca7ef08e49feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cloud.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 14:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 14:27:02 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500,600&display=swap&subset=latin-ext
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6983a3b745cf05eb16a151940ce1d9667c95dd281f15034b69f53fe02ad7766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cloud.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 14:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 14:27:02 GMT
css
fonts.googleapis.com/
3 KB
645 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Vollkorn+SC:400,600&display=swap&subset=latin-ext
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df016f1dd2be56164911472b75a4ee62efd72d02426613dd4272dbb9941daece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cloud.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 14:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 14:27:02 GMT
css
fonts.googleapis.com/
384 B
351 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Federo&display=swap
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f64de7cc75c56e24aa86929346da53a31db08b76ba5153ee32cfbf1ddb416573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cloud.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:27:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 14:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 14:27:02 GMT
img05.jpg
cloud.webdesign96.com/blog/images/
Redirect Chain
  • http://cloud.webdesign96.com/blog/images/img05.jpg
  • https://cloud.webdesign96.com/blog/images/img05.jpg
43 KB
44 KB
Image
General
Full URL
https://cloud.webdesign96.com/blog/images/img05.jpg
Protocol
H3
Server
2606:4700:3033::6815:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63b5781b598c0776d58fe661fab3919c82b6ea9937875741624fa660c84bfa4

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
http://donovanelptv.webdesign96.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:27:02 GMT
cf-cache-status
MISS
last-modified
Sat, 21 Dec 2019 18:00:45 GMT
server
cloudflare
etag
"5dfe5dcd-ad70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSBdY5aOOrx0QLf8JqsB%2BO%2Fn34%2F3FXxMXjs1j0JjuggOTp5aNYyq12Eq4j1TlKPLz0joaWmOPzCAv2AzFaFdr6d6l8niKSYHGFic8b7JWf%2BPPNphErTX29G5fG8UYjlqUX6WsOOewE%2BC%2B7Bzlxcivingtvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6edea5940fef65f8-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44400

Redirect headers

Date
Fri, 18 Mar 2022 14:27:02 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh7O%2BRZzsLZfa7DfkWP3DpmeMQ8HDqj9GxKkam3S359QDEomzwmPFHdjfX1%2F0NkqqL6P6eSbzwNuvx4bBx7m0%2BGQnMUfzEoNeztZdUNijTdtFcOmFQB2AcAb3m0%2BvYDSAzKlgqMkSjRZH6C1bAlpvgyV9ZE%3D"}],"group":"cf-nel","max_age":604800}
Location
https://cloud.webdesign96.com/blog/images/img05.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6edea5937aac6683-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Fri, 18 Mar 2022 15:27:02 GMT
iJWFBX-cbD_ETsbWilmf.woff2
fonts.gstatic.com/s/federo/v17/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/federo/v17/iJWFBX-cbD_ETsbWilmf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Federo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 10:17:59 GMT
x-content-type-options
nosniff
age
274143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26604
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:07:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 10:17:59 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v11/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v11/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500,600&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:45:00 GMT
x-content-type-options
nosniff
age
150122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20200
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 20:45:00 GMT
ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.113.woff2
fonts.gstatic.com/s/blackhansans/v13/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/blackhansans/v13/ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Black+Han+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1943bf2b152d3424ed37030052eaef7d1be60449e3cddd8f96d49bad0dfedfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:25:50 GMT
x-content-type-options
nosniff
age
205272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13736
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 20:07:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 05:25:50 GMT
MCoXzAXyz8LOE2FpJMxZqIv_J_U.woff2
fonts.gstatic.com/s/muktamalar/v10/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muktamalar/v10/MCoXzAXyz8LOE2FpJMxZqIv_J_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mukta+Malar:400,500&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f894f120d6c374c9be7dd1bab10dab033f91f42b1020bbf091bb2ed6116cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 07:39:00 GMT
x-content-type-options
nosniff
age
283682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21116
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:46:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 07:39:00 GMT
1fj11w.woff2
cloud.webdesign96.com/blog/cdn/
57 KB
58 KB
Font
General
Full URL
https://cloud.webdesign96.com/blog/cdn/1fj11w.woff2
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18badd302023c3a0e11fd12ab2c436725ad1f2f539bfd6e0a1005ad9a724edda

Request headers

Referer
https://cloud.webdesign96.com/blog/cdn/style.css
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:27:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58528
last-modified
Sat, 21 Dec 2019 18:00:45 GMT
server
cloudflare
etag
"5dfe5dcd-e4a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDCZbtY%2Bv5lzJXzMz%2BJCBeYf3Vng3uYCXo9IWbWVeW4oeeCg33ea%2BpmGxvRzJIaJ6b0C5hav9WP5oN8vxtChAPcjAL22NivjnDafDQ%2BCORW1hsVipnaR8%2Biexlu%2FMtiEJ7PuqdFrbA6T8n5H0wIYif4fo%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6edea593bec53857-MAD
j8_v6-zQ3rXpceZj9cqnViF-Pn4.woff2
fonts.gstatic.com/s/vollkornsc/v9/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vollkornsc/v9/j8_v6-zQ3rXpceZj9cqnViF-Pn4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn+SC:400,600&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfec916b64833bb6b917f6e14a9a5c912a3e4321e6cab9bbc1736f1293abd3dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:59:50 GMT
x-content-type-options
nosniff
age
246432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21748
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 20:59:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 17:59:50 GMT
ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.119.woff2
fonts.gstatic.com/s/blackhansans/v13/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/blackhansans/v13/ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Black+Han+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b965c82abf7edc13b20fff5c4d4fad61f3b59cdb66fe52b8766df234116f0611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 23:36:07 GMT
x-content-type-options
nosniff
age
312655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9072
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:48:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Mar 2023 23:36:07 GMT
ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.118.woff2
fonts.gstatic.com/s/blackhansans/v13/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/blackhansans/v13/ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Black+Han+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6cdd7c9d7ad2d7aea5693bba83c526aa5bdea7de8fe628d74cbad7ed02cad18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:58:29 GMT
x-content-type-options
nosniff
age
16113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12000
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:48:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Mar 2023 09:58:29 GMT
ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.117.woff2
fonts.gstatic.com/s/blackhansans/v13/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/blackhansans/v13/ea8Aad44WunzF9a-dL6toA8r8nqQSWKmEJKy1nK6J8sYUGdTBHS2osQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Black+Han+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6351f3bafe973e13e348760eff23787b03f4b2ef10aedeb7a770fc7eeeeca737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:17:01 GMT
x-content-type-options
nosniff
age
256201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12448
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:50:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 15:17:01 GMT
42om2k.woff2
cloud.webdesign96.com/blog/cdn/
60 KB
61 KB
Font
General
Full URL
https://cloud.webdesign96.com/blog/cdn/42om2k.woff2
Requested by
Host: cloud.webdesign96.com
URL: https://cloud.webdesign96.com/blog/cdn/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41363378e9fe2ebbc2f7460af182cbbd0531b969ca5fc66dfc23afc57a36ec70

Request headers

Referer
https://cloud.webdesign96.com/blog/cdn/style.css
Origin
http://donovanelptv.webdesign96.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:27:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61752
last-modified
Sat, 21 Dec 2019 18:00:45 GMT
server
cloudflare
etag
"5dfe5dcd-f138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VFg%2FpI5UO2gpw4%2Fvio74ze1kyammHu6GaKc3y%2B4ODIlDqMWRPU%2B%2FRFsNrNi7ufP%2B0qbL%2BHjQZ6BXmpaUW4EOJNlvIlXHlubHQBkbWM2I2vnQw4fUVhfF4vhdeDxk3eXH%2FQvvFRFSHlJgjIaklAThvcjyvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6edea593bec43857-MAD

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.webdesign96.com
donovanelptv.webdesign96.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
142.147.105.39
192.0.77.2
2606:4700:3033::6815:14bf
2a00:1450:4001:803::2003
2a00:1450:4001:82b::200a
18badd302023c3a0e11fd12ab2c436725ad1f2f539bfd6e0a1005ad9a724edda
1b3d4ec26354be7ecd3c1d308690d165c53af34dcb6392571e96d57eb94958aa
3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd
41363378e9fe2ebbc2f7460af182cbbd0531b969ca5fc66dfc23afc57a36ec70
6351f3bafe973e13e348760eff23787b03f4b2ef10aedeb7a770fc7eeeeca737
8b0ad87c161b5e1c9fd356193fcd60da29789ea9e2bcb6822d19691349c483d9
946b2b39e5c0561d6fecfb92774d354cdfc7e0fd7d1aec268ef68c9d32f1dd84
a0f894f120d6c374c9be7dd1bab10dab033f91f42b1020bbf091bb2ed6116cf5
a1943bf2b152d3424ed37030052eaef7d1be60449e3cddd8f96d49bad0dfedfd
a6cdd7c9d7ad2d7aea5693bba83c526aa5bdea7de8fe628d74cbad7ed02cad18
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b965c82abf7edc13b20fff5c4d4fad61f3b59cdb66fe52b8766df234116f0611
c6983a3b745cf05eb16a151940ce1d9667c95dd281f15034b69f53fe02ad7766
db3510f6157a3c95751b025b462284ef09a7aaa5a37d2eec9beca7ef08e49feb
df016f1dd2be56164911472b75a4ee62efd72d02426613dd4272dbb9941daece
dfec916b64833bb6b917f6e14a9a5c912a3e4321e6cab9bbc1736f1293abd3dc
e32ee30bdc7ea862617208bb8ca4da5f253ee0acbce75fb2ef3ffa09b27d67a7
e63b5781b598c0776d58fe661fab3919c82b6ea9937875741624fa660c84bfa4
f64de7cc75c56e24aa86929346da53a31db08b76ba5153ee32cfbf1ddb416573