m.rojadirectahdenvivo.com
2606:4700:3034::ac43:d5bf  Public Scan

URL: http://m.rojadirectahdenvivo.com/
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3034::ac43:d5bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.rojadirectahdenvivo.com.
This is the only time m.rojadirectahdenvivo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.27 16509 (AMAZON-02)
2 172.67.213.191 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
11 178.162.223.114 28753 (LEASEWEB-...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
1 3.74.67.38 16509 (AMAZON-02)
24 12
Apex Domain
Subdomains
Transfer
11 webme.com
img.webme.com — Cisco Umbrella Rank: 594768
9 KB
5 rojadirectahdenvivo.com
m.rojadirectahdenvivo.com
36 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4380
buttons-config.sharethis.com — Cisco Umbrella Rank: 4860
l.sharethis.com — Cisco Umbrella Rank: 4541
47 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 340
35 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 17707
314 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 43427
20 KB
24 7
Domain Requested by
11 img.webme.com m.rojadirectahdenvivo.com
5 m.rojadirectahdenvivo.com m.rojadirectahdenvivo.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 whos.amung.us waust.at
1 fonts.gstatic.com fonts.googleapis.com
1 waust.at m.rojadirectahdenvivo.com
1 ajax.googleapis.com m.rojadirectahdenvivo.com
1 platform-api.sharethis.com m.rojadirectahdenvivo.com
1 fonts.googleapis.com m.rojadirectahdenvivo.com
24 10

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
img.webme.com
R3
2023-10-30 -
2024-01-28
3 months crt.sh

This page contains 1 frames:

Primary Page: http://m.rojadirectahdenvivo.com/
Frame ID: 26CB527483BCA7F97D15C90C3DADA160
Requests: 25 HTTP requests in this frame

Page Title

ROJA DIRECTA | Tarjeta Roja - Pirlo Tv - EliteGol - Liga Futbol

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com


Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

71 %
HTTPS

64 %
IPv6

7
Domains

10
Subdomains

12
IPs

2
Countries

195 kB
Transfer

513 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
m.rojadirectahdenvivo.com/
47 KB
10 KB
Document
General
Full URL
http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:d5bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b0c734434a14e0818623124847a40a94850efe4e240225f14d89b4a97528a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8367052ebf4d6ade-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Dec 2023 12:44:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsWLP9UX4GpmvVlHEcdAzFpmX3efGacmpHbSx9JBLQKJcNwNC7UjSOZq7ENkf121FerMUOO5zYlegciscUwzJBrr1CPn6kbMSJn78%2BL48bWn8aISpFXtZbVBzSPiLg4IBuOWidljJolnFJbZjqGU3eg16qY%2Bfkub"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
729d143021117867cf4fdf31b3f321ad8455bdf338a4883299fcf7bb93db58bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 12:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 11:50:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 12:44:53 GMT
css3.css
m.rojadirectahdenvivo.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
http://m.rojadirectahdenvivo.com/css/css3.css
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:d5bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b01f772fb645acfb771dd73d73c5bc4893b5e70e8b9ab44b93381d47ae82066

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:52 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
138545
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
594
last-modified
Sun, 15 Oct 2023 13:31:59 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRl45Cte7Q87irghINSvxYRY%2FJ74CUpoMXcqck%2BD%2BqNttr70nrwIF7ha0%2F2i%2F%2BJ45SQkdkXmJem4w9F0koeHSy6q%2F6RAen2jSe8cTLNJXnm9dfpM1epm7DA6vMzAPA3Z3OrKMmaQ%2BEHbkUBiGA53YCG1SefJeiOP"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
8367052f0f9f6ade-FRA
expires
Thu, 21 Dec 2023 22:15:47 GMT
sharethis.js
platform-api.sharethis.com/js/
205 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-27.prg50.r.cloudfront.net
Software
/
Resource Hash
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 12:44:05 GMT
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
52
etag
W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
NmiVxxyLbGgmiX2w1jm9QioffEwzjpDmSadvKHs9XpQCdQpLYMswYw==
logohd.png
m.rojadirectahdenvivo.com/img/
10 KB
11 KB
Image
General
Full URL
http://m.rojadirectahdenvivo.com/img/logohd.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
172.67.213.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d00811190b19a7bf120a860f1345a3f5ffae2a6bc1d53c57045cb64ea2c5fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:52 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
555725
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
10210
last-modified
Sat, 02 Dec 2023 17:39:32 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWZ%2FFqNFLQ%2FqYdQqtB1L5X9999nM4IvUN2ahvw%2Bg%2Blap92Z26J2ldGASYN8vE%2B5W6HH1ExznyYgh4fxZCVbEs0W3QI2ipxyBWNZfNgH5rJZjLXyiKlbOdzXt%2F4Y%2BrJBYC%2F0eq390R37lLJwT"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
8367052f0af519ab-FRA
expires
Sun, 17 Dec 2023 02:22:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:00:41 GMT
owl.carousel.min.js
m.rojadirectahdenvivo.com/js/
42 KB
12 KB
Script
General
Full URL
http://m.rojadirectahdenvivo.com/js/owl.carousel.min.js
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:d5bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c728d772f3ff93b5c7c65b86855f3dc0502d1bedd04a7ed1d6af06567322f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:52 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1484
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
11001
last-modified
Sun, 15 Oct 2023 13:31:58 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqm%2Fmz0nHmuYokRwM8%2FxyfdRp4k4cevbK%2BxxQ9DqzXDRtdMJtyAHpIkLcMkLGeQoYrTTMtWZd5KIfw88ouG3BrNqk3Up21JpuphuJ%2FNu7HLbMf5BCwsviuyej7ysbeJYumDm24dbv33wNlDdObHl1oXd6%2B%2BXKDbD"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
8367052f1fd06ade-FRA
expires
Sat, 23 Dec 2023 12:20:08 GMT
functions.js
m.rojadirectahdenvivo.com/js/
2 KB
2 KB
Script
General
Full URL
http://m.rojadirectahdenvivo.com/js/functions.js?v=1.1.23
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
172.67.213.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48433222a04297bea6cf7aae83407acdf8778ccc7212092d27b6a44c6301d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:52 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
555725
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
975
last-modified
Sun, 15 Oct 2023 13:31:58 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMnIfYTLMnmEtD86RmBdY6FRV6I1wCd7urvdHWeZE8p1KZ38nLPevRwKuC2HpbehX3xKmg30qpNOR%2FT38Q34ZKL9TqnU1H7%2BUyS9Ts6BSZV%2FAd52cSQ6GtUyTktewsZomHQa2mjdaZbxFRGs"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
8367052f2b2719ab-FRA
expires
Sun, 17 Dec 2023 02:22:47 GMT
t.js
waust.at/
29 KB
20 KB
Script
General
Full URL
http://waust.at/t.js
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4c07f1e5cbcfdcfeabb37e8c1dc21d3edc5e3e20edd2d3da16ab5aa22bc600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3407
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Thu, 12 Jan 2023 17:19:30 GMT
Server
cloudflare
etag
W/"63c04122-728a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQrCrjRwwgxJCvHvPEkNPYDzVkS5Hvp5gihn2o%2FEfRDdFfwe8l2Pjj9BnhYG4edI2i16%2FNCgn6jtxZJ6Atu%2FxxA5pSCH35c9sgeGEiDX7JQ%2FudKoeZQ%2BfyjAUcmpFcHAmgRmkwmd"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
8367052f38ea1987-FRA
expires
Sun, 17 Dec 2023 11:48:06 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://m.rojadirectahdenvivo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:01:29 GMT
x-content-type-options
nosniff
age
197004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:01:29 GMT
de.png
img.webme.com/pic/t/tarjetarojatvonline/
354 B
720 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/de.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
50b75f9d95e10836440c9d0c8c2e889924cddb0b365fd3e2281983dae4e9f2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:44:52 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
19398
ETag
"63f79804-162"
X-Varnish
178714174, 1064769351 1058774289
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
ae.png
img.webme.com/pic/t/tarjetarojatvonline/
376 B
741 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/ae.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
e49e20336b6866d6152fedd60d1cf67b5286ea1b1afbac4fc7a7fbb7a5d3482e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:43:51 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
74910
ETag
"63f797c7-178"
X-Varnish
78322822, 1064769337 1058250851
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
376
es.png
img.webme.com/pic/t/tarjetarojatvonline/
601 B
967 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/es.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
4b279e738931f742152394f78a9b96dfd75eb3f71d4f6754d0a9392e01d758cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:45:10 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
19398
ETag
"63f79816-259"
X-Varnish
182367049, 1064830151 1058774292
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
601
fr.png
img.webme.com/pic/t/tarjetarojatvonline/
344 B
710 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/fr.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
a676e44f907427d3a4bcc3705a236ce33972ed525666b7b8294c3be03d9a8472

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:45:17 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
19398
ETag
"63f7981d-158"
X-Varnish
178714176, 1064769339 1060947602
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
344
it.png
img.webme.com/pic/t/tarjetarojatvonline/
344 B
710 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/it.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
0f8698e792828680d9abe2501352159754a6b120a5504754a70401b0e8589bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:45:43 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
19398
ETag
"63f79837-158"
X-Varnish
179873505, 1064830153 1045621254
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
344
be.png
img.webme.com/pic/t/tarjetarojatvonline/
343 B
708 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/be.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
beae0a296fdccd6df2e89ad914c9af658fec5367136a688c10983f4e2ed73253

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:44:04 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
73986
ETag
"63f797d4-157"
X-Varnish
73440479, 1064769341 1057676209
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
343
en.png
img.webme.com/pic/t/tarjetarojatvonline/
137 B
502 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/en.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
862a625668e6c71f5bc035bc14c202e1de4506b4d3359ae62812415c99a58b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:45:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
40094
ETag
"63f7980c-89"
X-Varnish
139698672, 1064830155 1062119650
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137
nl.png
img.webme.com/pic/t/tarjetarojatvonline/
354 B
719 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/nl.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
192d2cb39f33e02861f5af38228f00c5918935ecfc3a5b3db2bbab0c92813ab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:46:08 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
66291
ETag
"63f79850-162"
X-Varnish
93424511, 1064769343 1059496176
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
gr.png
img.webme.com/pic/t/tarjetarojatvonline/
412 B
777 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/gr.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
95523f7429e46a38f3b5717fdb9a41fa4faa1235343651d6ec2492aaf7d26432

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:45:25 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
4095
ETag
"63f79825-19c"
X-Varnish
202399656, 1064830157 1063222429
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
412
amis.png
img.webme.com/pic/t/tarjetarojatvonline/
1 KB
2 KB
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/amis.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
f0951876e14bf9a9cb9cd7f31da32c6052208abc9e73fd0fbfcfed9af1839fca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:43:51 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
39919
ETag
"63f797c7-4c4"
X-Varnish
138566115, 1064769345 1061995729
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1220
ar.png
img.webme.com/pic/t/tarjetarojatvonline/
444 B
810 B
Image
General
Full URL
https://img.webme.com/pic/t/tarjetarojatvonline/ar.png
Requested by
Host: m.rojadirectahdenvivo.com
URL: http://m.rojadirectahdenvivo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Frankfurt am Main, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
e3e7a081753cf0c4f8f201eab5c20644adee5799cce20792a51cd52be2fd025e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Thu, 23 Feb 2023 16:43:51 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
54004
ETag
"63f797c7-1bc"
X-Varnish
110883123, 1064830159 1061489826
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
444
/
whos.amung.us/pingjs/
30 B
314 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=sodecyxora&t=ROJA%20DIRECTA%20%7C%20Tarjeta%20Roja%20-%20Pirlo%20Tv%20-%20EliteGol%20-%20Liga%20Futbol&c=t&x=http%3A%2F%2Fm.rojadirectahdenvivo.com%2F&y=&a=0&d=1.617&v=27&r=1774
Requested by
Host: waust.at
URL: http://waust.at/t.js
Protocol
HTTP/1.1
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa057886cec37410a0fc203e2ace7fad89554186224932301d50aa37aa0d6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
CF-RAY
8367052fdc423a68-FRA
60ef64f4ad0bf0001b1230ff.js
buttons-config.sharethis.com/js/
1 KB
954 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/60ef64f4ad0bf0001b1230ff.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c9e8bb404ca5176b74650011f08205630bda726ace9bdd9c8d36187e3786987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 12:44:10 GMT
content-encoding
gzip
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Jul 2021 22:58:08 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
44
x-amz-server-side-encryption
AES256
etag
W/"3aa4c466c28b5a6121392d1208e8c0c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
x-amz-cf-id
sGKvXVdLsBalBumkMsb6YOjMWSr16aTNfuXWJ2m1Yv91ntZuDC1qPw==
pview
l.sharethis.com/
0
411 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=m.rojadirectahdenvivo.com&location=%2F&product=sop&url=http%3A%2F%2Fm.rojadirectahdenvivo.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=ROJA%20DIRECTA%20%7C%20Tarjeta%20Roja%20-%20Pirlo%20Tv%20-%20EliteGol%20-%20Liga%20Futbol&cms=unknown&publisher=60ef64f4ad0bf0001b1230ff&sop=true&version=st_sop.js&lang=en&description=ROJADIRECTA%2C%20Tarjeta%20Roja%20TV%2C%20Futbol%2C%20En%20Vivo%2C%20Pirlo%20TV%2C%20roja%20directa%2C%20LaLiga%20de%20Espa%C3%B1a%2C%20Serie%20A%2C%20Premier%20League%2C%20UEFA%20Champions%20League%2C%20Bundesliga%20y%20mucho%20mas..
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.67.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-67-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 12:44:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
http://m.rojadirectahdenvivo.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
truncated
/
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.rojadirectahdenvivo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| _wau
string| wau_w_tab
object| WAU_ren
function| WAU_tab
function| WAU_r_t
function| WAU_animate_tab
function| WAU_addLoadEvent
function| WAU_legacy_b
function| WAU_la
function| WAU_addCommas
function| WAU_lrd
function| WAU_lrs
function| WAU_cps
function| docReady
function| initEpisode
function| cvids
object| st
object| __stdos__
boolean| tpcCookiesEnableCheckingDone
boolean| tpcCookiesEnabledStatus
function| __sharethis__docReady
object| __sharethis__
object| ua_fields
object| x
string| x1
string| x2

1 Cookies

Domain/Path Name / Value
m.rojadirectahdenvivo.com/ Name: PHPSESSID
Value: 667b22b3e37d6169d8b7fac5f130ada5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
