don3.club Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.choigamedon1.online/ Page URL
2. https://don3.club/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ Show response www.choigamedon1.online/	5 KB 2 KB	953ms 362ms	Document text/html	172.67.204.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.204.30 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd23c44a848db957d175e82635ea5ca587609faa4803078306742c1f476dbe0f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ddd69eb484edbdc-FRA content-encoding br content-type text/html date Tue, 05 Nov 2024 14:08:04 GMT last-modified Sat, 19 Oct 2024 03:47:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IrwDBgQeoMNH88KAHkUPscUhoQ5r97Ahr7yYelRpAvOs3f1rnoHEk3dZ0Vq%2Ffl87ZmYM3Dttx6RjYbMBPsq0acm12NET4vpjVyVaHUA9gMcDp90Ym%2FitS4uiXLDJ8EGi7uNG39JxhSSgA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=6707&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4221&recv_bytes=4541&delivery_rate=886&cwnd=12000&unsent_bytes=0&cid=1c6058aef7442e91&ts=891&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/	138 KB 23 KB	636ms 10ms	Stylesheet text/css	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.choigamedon1.online Referer https://www.choigamedon1.online/ Response headers access-control-expose-headers * content-encoding br etag W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM" age 1825330 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Tue, 05 Nov 2024 14:08:05 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230020-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 23347 x-jsd-version 4.1.3
GET H3	200	swiper.css www.choigamedon1.online/assets/	22 KB 4 KB	536ms 535ms	Stylesheet text/css	172.67.204.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.choigamedon1.online/assets/swiper.css?v=21 Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.204.30 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fe72ecc22efd7e66bff3be09d510e4a8cb4b2b41417ec6686d2f2b4c5f971d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"666c6ca5-56eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1%2F4X9Nw7JRmaABXU80cFq7aqh3vAWvWA5VTXhUTSCP%2BNAS1PQ9fKjdl%2FZ%2FCA2ifsR7CzCygE2kKGKlrQ2ba3aNREGQP2Iw3b93Aco2My6sM%2BjiRez0NprhtRz8niRktebYVV8YzJuvAtg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69edbe22dbdc-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=10713&sent=20&recv=17&lost=0&retrans=0&sent_bytes=9181&recv_bytes=5361&delivery_rate=7544&cwnd=12000&unsent_bytes=0&cid=1c6058aef7442e91&ts=1470&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 05 Nov 2024 14:08:05 GMT content-type text/css last-modified Fri, 14 Jun 2024 16:15:33 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	style.css www.choigamedon1.online/assets/	7 KB 3 KB	358ms 357ms	Stylesheet text/css	172.67.204.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.choigamedon1.online/assets/style.css?v=21 Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.204.30 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 620084d9d819d073ed68567c66080fc9b86634249bc6549b850edd6762623375 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"666c6ca5-1c88" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j61zoW6aYG7RnFsV7llH2kYF%2FrrihbzI59GRqhIgKGtGcNNhHzPS1%2F0hXLk40qY3mgU2T3SI7KTLMAUZZ3JWv8gqHQNBD5pTfNYICrNqMjlrvTo3EU00a7Oi%2BkNV0Ca1VAPkQupIGSl0SQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69edbe27dbdc-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7924&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6492&recv_bytes=5274&delivery_rate=203436&cwnd=12000&unsent_bytes=0&cid=1c6058aef7442e91&ts=1293&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 05 Nov 2024 14:08:05 GMT content-type text/css last-modified Fri, 14 Jun 2024 16:15:33 GMT vary Accept-Encoding priority u=0,i=?0
GET H2	200	logo.gif resourceclound.com/LDPDon/d1/images/	3 MB 3 MB	2111ms 1377ms	Image image/gif	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/logo.gif Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "541ede5936d64fe7ef32c8a236af8ea2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxCHGWu%2BjqTwkDdwam4tntaik%2BnKt7ytfj1F7wKkUZz0%2BFISsFhBysovsJO%2FASLjWy%2Fk1mxqOdCjWZp3XVmgpXDkfwM5t0K6eUOE%2FcMNXZPkuDF0jS0w8fS2Kpy0crbn7AXQYoUDAfkROp3Cw9xNeQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f23d0937ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=16040&sent=1217&recv=655&lost=0&retrans=53&sent_bytes=1550561&recv_bytes=3303&delivery_rate=3080667&cwnd=114&unsent_bytes=0&cid=85b2da457bb3f56b&ts=2006&x=0" content-length 3540689 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/gif last-modified Fri, 14 Jun 2024 15:49:29 GMT vary Accept-Encoding server cloudflare
GET H2	200	1.png resourceclound.com/LDPDon/d1/images/	349 KB 350 KB	1238ms 504ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/1.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1244e31c91226acc22845cec3e5a428d9c6dc9cec64bfed0478ccfce05918a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "fb979bd16a26cbe69fb824e021bbbcb4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1qUWmZtuaB24e8%2BJCh99cJSJQYIijrxQYZm6r7Aav3QVIIgAGMJniJEYdREDTgUus1xPhuaZ%2BO4BpuakURwRNOx0GEZNImoelpJwBqdBFZGAoJmlWS9gpsQ3VWn66gSoyzq8f%2BgLYnj7jcyZUPl%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f23d0a37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13396&sent=282&recv=109&lost=0&retrans=0&sent_bytes=352870&recv_bytes=2579&delivery_rate=12876665&cwnd=387&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1148&x=0" content-length 357294 date Tue, 05 Nov 2024 14:08:05 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:18 GMT vary Accept-Encoding server cloudflare
GET H2	200	2.png resourceclound.com/LDPDon/d1/images/	346 KB 347 KB	730ms 651ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/2.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63e6f85a6f00e2b804d625730f9d6cb6fe02f8d1405205e59e70839877758432 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "268e98712d5bda68503b16109bbf57b1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdabEWJhlW2F9ZzO%2FqMG8g3keNiCtNRTe8dhpsK2%2FxOHpSfD2Itni%2BnhJWaEgUc6Ts52%2Fn3SEbga%2FnZmKPgvcpYfHXvWsOb0xPzJaDbQ8nq7eT%2FKBpSJ%2FDLjKwRQ9uAGRBLmuR5vEbEW1J%2BQbeKzRQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f25d2b37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13177&sent=569&recv=260&lost=0&retrans=0&sent_bytes=711808&recv_bytes=3231&delivery_rate=12876665&cwnd=476&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1274&x=0" content-length 354462 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:19 GMT vary Accept-Encoding server cloudflare
GET H2	200	3.png resourceclound.com/LDPDon/d1/images/	338 KB 339 KB	351ms 273ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/3.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9fe9335b006c3ae4bb215aca77fb88d5a15b1a7b16aa7bc859107213a8c029d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "e6c1c9b72f5fdd802854fe1b2a91f958" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vInA5eyxefeDn4rg1ZbTQebGhHjkvWDpwJi4ZgIPOASRdF%2BI1Wn2CHicxiVikzElo%2BFfBiCjqJEXi3hjrGkPfBxmtqcRZqvfRD5ZnC64DZ5J1aKjTu2qFr7PUetvJ7HD6efQBCmdCMsAObVGpJd5Hg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f25d2a37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=12946&sent=8&recv=17&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2579&delivery_rate=330824&cwnd=254&unsent_bytes=0&cid=85b2da457bb3f56b&ts=931&x=0" content-length 345813 date Tue, 05 Nov 2024 14:08:05 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:18 GMT vary Accept-Encoding server cloudflare
GET H2	200	4.png resourceclound.com/LDPDon/d1/images/	261 KB 262 KB	1251ms 1174ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/4.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6589ff58a0a120a5e8fcef1f715f437c41e3baee40e0395ac036dd2aaf7176da Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "830d99abe9a0950d7e793ec7d5e365a8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6%2F7rW95mpAhL6YbT7Ykrc9EnIpk0ih49P3S744Q%2BW%2BdZfqVsdrdHYOaTqvrKNBtEwf%2BYZBPrD859Sl2qVBq3Ao9EEf1tIqw4cg8OFvqoCDnbaQcalpqhAYagaCUomq888GXuJPNAo8xRE0PfcF0DQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f25d2c37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13146&sent=1007&recv=468&lost=0&retrans=53&sent_bytes=1271508&recv_bytes=3303&delivery_rate=2529758&cwnd=70&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1785&x=0" content-length 267292 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:20 GMT vary Accept-Encoding server cloudflare
GET H2	200	jquery-3.1.1.min.js Show response code.jquery.com/	85 KB 30 KB	456ms 21ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.1.1.min.js Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.choigamedon1.online Referer https://www.choigamedon1.online/ Response headers content-encoding gzip etag W/"28feccc0-152b5" age 1753245 x-cache HIT, HIT date Tue, 05 Nov 2024 14:08:05 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding x-cache-hits 93, 7925 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-served-by cache-lga21947-LGA, cache-fra-eddf8230041-FRA cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1730815686.872410,VS0,VE0 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30070 server nginx
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/	50 KB 15 KB	61ms 6ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.choigamedon1.online Referer https://www.choigamedon1.online/ Response headers access-control-expose-headers * content-encoding br etag W/"c75f-J6cbADg9Ye88SJMms1ZNaY/BInw" age 1237481 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Tue, 05 Nov 2024 14:08:05 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230020-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 14930 x-jsd-version 4.1.3
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 969 B	554ms 124ms	Script text/javascript	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software ESF / Resource Hash 2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Tue, 05 Nov 2024 14:08:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Tue, 05 Nov 2024 14:08:05 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	swiper.js Show response www.choigamedon1.online/assets/	257 KB 49 KB	1151ms 1127ms	Script application/javascript	172.67.204.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.choigamedon1.online/assets/swiper.js?v=21 Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.204.30 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed5a0bdcaf53e3baa6ca64876a1ce385b51cca349db4237b6a359bfb8ec8379c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"666c6ca5-40267" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTsorgtbPYmkphwu11SKLPazIzOnGYUGi2P1yxFUhm2Pb%2B4n8Y5%2BKvRvmzd4I0NQ4%2FEGkTqYc0BQhvh26sllnXzeoA48XYWgU015dLD3ZhklD7tM7sH1CMmMozrTnjEjU5GxTyXPQuPvsA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f22882dbdc-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9568&sent=28&recv=22&lost=0&retrans=0&sent_bytes=15364&recv_bytes=6106&delivery_rate=3919&cwnd=12000&unsent_bytes=0&cid=1c6058aef7442e91&ts=2711&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 05 Nov 2024 14:08:06 GMT content-type application/javascript last-modified Fri, 14 Jun 2024 16:15:33 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	page_all.js Show response www.choigamedon1.online/assets/	4 KB 2 KB	510ms 493ms	Script application/javascript	172.67.204.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.choigamedon1.online/assets/page_all.js?v=25 Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.204.30 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a023d13acfe38f8b088912dd3e86ad790acbb1ced7131924ab741fed79333474 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66ffb730-eaf" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXC36ZsgWVIBlfEvbD6HneLVNx9MsyG13L2ly%2BZVWNBHPWaMIkW%2B7jR6%2FkGT3g9UCxNZIAfA8zNsgf%2BuNHnzNBmOX8wtYyRF9nUuNGkVU65zU9XSIdJc9QdqJufOMh42G3JMJS1G%2BRG7PA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f23897dbdc-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9660&sent=26&recv=21&lost=0&retrans=0&sent_bytes=13425&recv_bytes=6063&delivery_rate=675453&cwnd=12000&unsent_bytes=0&cid=1c6058aef7442e91&ts=2135&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 05 Nov 2024 14:08:05 GMT content-type application/javascript last-modified Fri, 04 Oct 2024 09:36:48 GMT vary Accept-Encoding priority u=2,i=?0
GET H2	200	css2 fonts.googleapis.com/	28 KB 2 KB	546ms 94ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 05 Nov 2024 14:08:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 14:08:05 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 05 Nov 2024 13:06:49 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	bg.jpg resourceclound.com/LDPDon/d1/images/	108 KB 108 KB	1498ms 1490ms	Image image/jpeg	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/bg.jpg Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 171ddf8247318f4119721b026441046b5f91f6dddf02ed1f25385b5fc4bb2dd8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "4e50f01330c7ca0ecf80351c4e26f721" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0X%2BFRVY8u5pOl67mWpIwy3mmkfXNaUYflXUJkC%2BpYKkCDsCrbI5jnUgxkUbqvGFaisF%2F84llnbdHhK4bYPorT%2FtoSM7B4tpsLXiJyK409UcIOjDz9aohlc7jpVtDI82wXWeWYxbVTWFfQI5We%2BtnZw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f8c37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=12012&sent=2631&recv=919&lost=0&retrans=122&sent_bytes=3449122&recv_bytes=3303&delivery_rate=4794758&cwnd=169&unsent_bytes=5392&cid=85b2da457bb3f56b&ts=2640&x=0" content-length 110149 date Tue, 05 Nov 2024 14:08:07 GMT content-type image/jpeg last-modified Fri, 14 Jun 2024 15:40:50 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-support.png resourceclound.com/LDPDon/d1/images/	9 KB 10 KB	630ms 622ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-support.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d539890b341fb2d3326404f1127b33981831aa903c670bd9bdbbafd1e32c2b7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "a11044fd35d3d3a5a036f3222bb28765" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJnYES5IokC97N49efRVFvalhPcGfvE3efDotN0jRtXdcfn5EsZLsvRDEoLhB%2B1sVnizNQIB7K7MUi11erT35uDWiBkA2F0RpTpdl8SU%2FkAun%2FZqVsg1iKKVG1%2Bx1diGmZ9twKzgt6c%2FaNshHNLIyg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f9037ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=12309&sent=902&recv=427&lost=0&retrans=53&sent_bytes=1136613&recv_bytes=3303&delivery_rate=2434026&cwnd=170&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1625&x=0" content-length 9239 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:21 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-group.png resourceclound.com/LDPDon/d1/images/	10 KB 10 KB	872ms 863ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-group.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc561a784ebcd580c12893ad796d41191b04c568621a8b3a883eda4bf61ddb90 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "4906cdf6f4e65b3912b873484b0e64df" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5D2GrPif2BQbOdTDxTY8oPfapO8rjSp0Dfp0bJX5wVMRZtQ6RArdmZ7nlK4CH31jbX%2F5w0yXRsb857VAU9DvjbUNDzXX2GauQsldbb4xDNukHvdDXGEA9U3Qgztr8VoCH6YRq7hEJhI0KZEF8VsLQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f8937ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=12594&sent=1208&recv=635&lost=0&retrans=53&sent_bytes=1540164&recv_bytes=3303&delivery_rate=3176939&cwnd=114&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1997&x=0" content-length 9844 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:21 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-ggplay.png resourceclound.com/LDPDon/d1/images/	37 KB 38 KB	600ms 592ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-ggplay.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dbac551e937aa990e078514757cb6c7b42e2bfa1534330b68a87ab75d7c2f15 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "204dfd9762167b65e4853b709ecee5e6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7F%2BF72%2BZPpFOGSzZtuWYNr5KoVSn6rl%2BpLzx6aOlXwUSGKKTdJrt8Wf4FmophrnS28f7UPZTIuBtjnEgaandUp33gy76NTlBr%2FlmXghyUSb1MVnnZF%2FbK%2FSAYPRA95i8Ro8%2B%2FuKLQDr7nl6nri%2FPOA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f9137ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13104&sent=945&recv=443&lost=0&retrans=53&sent_bytes=1191554&recv_bytes=3303&delivery_rate=2434026&cwnd=70&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1725&x=0" content-length 38120 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:40:54 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-ios.png resourceclound.com/LDPDon/d1/images/	40 KB 40 KB	667ms 658ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-ios.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5411bc33cd125886bb2f20b7f32f4bad467d938bbd594abb41f255459037d668 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "602492976a602411354b1c045a6ae8da" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVY%2Bs9PEGgKHeklUQ6u9VhRPjWHtCOWA%2Fk0FnKmnpy6DPwAarMYOkW3x62mtb8KLHNOWGcgQ5jFCjNxuPFN4CIxDP3waAeszdFp1APmmrs0aGaymc2ok23GvwSdD0zTazKMywu34jbKTypTB5t0Uag%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f9237ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13295&sent=975&recv=463&lost=0&retrans=53&sent_bytes=1230406&recv_bytes=3303&delivery_rate=2529758&cwnd=70&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1768&x=0" content-length 40454 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:40:55 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-android.png resourceclound.com/LDPDon/d1/images/	39 KB 39 KB	994ms 986ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-android.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8633ede14aa2c7d470f53efe49dc83db6aa9e32f4d9b1f7f23a9e842cdcbb6d2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "4ead042de69e9013bf0f2e8bb2a8a01d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMQEGXuOKN3INBfos7hnVk7HGBEGcEXnw9VYQkysgk%2FScsfUf1SoEqOGytv0HD8mvIYcfArT1AsjeN59KdI1Whhtsdc7BTjedx22XaB7xpS3zNGdk88SMBmFvdTI60hyEiJuVDL0Juyk35R%2B9rkVfA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f8b37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13222&sent=1314&recv=715&lost=0&retrans=53&sent_bytes=1679526&recv_bytes=3303&delivery_rate=1548535&cwnd=120&unsent_bytes=16176&cid=85b2da457bb3f56b&ts=2090&x=0" content-length 39787 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:57:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-web.png resourceclound.com/LDPDon/d1/images/	40 KB 41 KB	1074ms 1067ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-web.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05da8f37c5c53892d093f576adcdea94385200798b8e2674e93de7a8a2bc1a47 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "18bfca2467db32e515d4d1655026a5af" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FD1rP614zCoQLbeBEYqr4NYSJYlnU%2FnJxc%2BmMioT5PClHkfZLuqqOapY6cf%2FmdX5jUsL2f5JdXli3%2BG%2BiCkyR35FZkpDc0AUZsnKspF1o7vqx8A9%2BqPuMMDoYP9pTEl%2BtWjvhbdl4rHd%2BcWP%2Bmdog%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f8e37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=14420&sent=1370&recv=746&lost=0&retrans=53&sent_bytes=1753921&recv_bytes=3303&delivery_rate=3967419&cwnd=123&unsent_bytes=0&cid=85b2da457bb3f56b&ts=2130&x=0" content-length 41193 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:40:57 GMT vary Accept-Encoding server cloudflare
GET H2	200	btn-dns.png resourceclound.com/LDPDon/d1/images/	43 KB 44 KB	627ms 621ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/btn-dns.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/style.css?v=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63e89b0e5b45b72a525cb85b049a9ff430edc231ae1fe547d3f4d46091000d6a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "0254dbd9f217a7eb66739bac9bce1508" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyiCXy8HhxZeUuyksEcBFWmIwMfK8yBM5GEIvKI28aJQf3fxrzuYsFZ5qLPf3Je12bhaBsfNHt0jbFKOvPLe6rFFKNjWU0oudEIx0Q%2FwkRq20dPwvGo7HfxuNvlWBE9Ux9m93iPSjeXIEwSer%2FeI6Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f58f8a37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=12741&sent=910&recv=431&lost=0&retrans=53&sent_bytes=1146407&recv_bytes=3303&delivery_rate=2434026&cwnd=70&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1700&x=0" content-length 44515 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:40:52 GMT vary Accept-Encoding server cloudflare
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	217ms 54ms	Font font/woff2	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.choigamedon1.online Referer https://fonts.googleapis.com/ Response headers age 2964 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 05 Nov 2025 13:18:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 13:18:42 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/	547 KB 217 KB	388ms 46ms	Script text/javascript	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash 5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.choigamedon1.online Referer https://www.choigamedon1.online/ Response headers content-encoding gzip age 6767 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Wed, 05 Nov 2025 12:15:19 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 12:15:19 GMT last-modified Tue, 22 Oct 2024 00:01:33 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 222594 x-xss-protection 0 server sffe
GET H/1.1	200 OK	don.json langdingpageinfo-default-rtdb.asia-southeast1.firebasedatabase.app/	518 B 841 B	325ms 320ms	XHR application/json	2600:1901:0:ff53:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://langdingpageinfo-default-rtdb.asia-southeast1.firebasedatabase.app/don.json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.1.1.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:ff53:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Access-Control-Allow-Origin * Referer https://www.choigamedon1.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/json; charset=UTF-8 Response headers Strict-Transport-Security max-age=31556926; includeSubDomains; preload Cache-Control no-cache Connection keep-alive Access-Control-Allow-Origin https://www.choigamedon1.online Content-Length 518 Date Tue, 05 Nov 2024 14:08:08 GMT Content-Type application/json; charset=utf-8 Server nginx
GET H2	200	1.png resourceclound.com/LDPDon/d1/images/	349 KB 0	33ms 33ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/1.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1244e31c91226acc22845cec3e5a428d9c6dc9cec64bfed0478ccfce05918a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "fb979bd16a26cbe69fb824e021bbbcb4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1qUWmZtuaB24e8%2BJCh99cJSJQYIijrxQYZm6r7Aav3QVIIgAGMJniJEYdREDTgUus1xPhuaZ%2BO4BpuakURwRNOx0GEZNImoelpJwBqdBFZGAoJmlWS9gpsQ3VWn66gSoyzq8f%2BgLYnj7jcyZUPl%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f23d0a37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13396&sent=282&recv=109&lost=0&retrans=0&sent_bytes=352870&recv_bytes=2579&delivery_rate=12876665&cwnd=387&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1148&x=0" content-length 357294 date Tue, 05 Nov 2024 14:08:05 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:18 GMT vary Accept-Encoding server cloudflare
GET H2	200	4.png resourceclound.com/LDPDon/d1/images/	261 KB 0	34ms 34ms	Image image/png	2606:4700:20::ac43:4868 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://resourceclound.com/LDPDon/d1/images/4.png Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4868 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6589ff58a0a120a5e8fcef1f715f437c41e3baee40e0395ac036dd2aaf7176da Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.choigamedon1.online/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "830d99abe9a0950d7e793ec7d5e365a8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6%2F7rW95mpAhL6YbT7Ykrc9EnIpk0ih49P3S744Q%2BW%2BdZfqVsdrdHYOaTqvrKNBtEwf%2BYZBPrD859Sl2qVBq3Ao9EEf1tIqw4cg8OFvqoCDnbaQcalpqhAYagaCUomq888GXuJPNAo8xRE0PfcF0DQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ddd69f25d2c37ea-FRA accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=13146&sent=1007&recv=468&lost=0&retrans=53&sent_bytes=1271508&recv_bytes=3303&delivery_rate=2529758&cwnd=70&unsent_bytes=0&cid=85b2da457bb3f56b&ts=1785&x=0" content-length 267292 date Tue, 05 Nov 2024 14:08:06 GMT content-type image/png last-modified Fri, 14 Jun 2024 15:49:20 GMT vary Accept-Encoding server cloudflare
OPTIONS H/1.1	200 OK	don.json langdingpageinfo-default-rtdb.asia-southeast1.firebasedatabase.app/	0 0	889ms 319ms	Preflight	2600:1901:0:ff53:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://langdingpageinfo-default-rtdb.asia-southeast1.firebasedatabase.app/don.json Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:ff53:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers access-control-allow-origin,content-type Access-Control-Request-Method GET Origin https://www.choigamedon1.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers access-control-allow-origin,content-type Access-Control-Allow-Methods OPTIONS,GET,POST,PUT,DELETE,PATCH Access-Control-Allow-Origin https://www.choigamedon1.online Allow OPTIONS,GET,POST,PUT,DELETE,PATCH Connection keep-alive Content-Length 0 Date Tue, 05 Nov 2024 14:08:07 GMT Server nginx Strict-Transport-Security max-age=31556926; includeSubDomains; preload
GET		referrerNRU lobby.ldp-don.com/nru/	0 0
GET H2	403	Primary Request / Show response don3.club/	4 KB 2 KB	347ms 16ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://don3.club/ Requested by Host: www.choigamedon1.online URL: https://www.choigamedon1.online/assets/page_all.js?v=25 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 829f0a72ae806c1755f1086887be881f76e652ac500f405b9552ecc28b620b97 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.choigamedon1.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=15 cf-ray 8ddd6a077bfddbd0-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 05 Nov 2024 14:08:08 GMT expires Tue, 05 Nov 2024 14:08:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NudU0HsCOnASjshAzBbz1M9O29MtGa8kG4ACX6KgDsMT2GRBXurYj8jgE4vcWcZQJLFG%2BRoIQTNJEywualIKBfCIspmqb7tBv8qaBSyASDirgiKg8ZePqiT3GYrC8AM2t%2FfDu3idsLQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=6008&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4007&recv_bytes=2289&delivery_rate=686820&cwnd=254&unsent_bytes=0&cid=9d1d5839704f2a6e&ts=340&x=0" vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	cf.errors.css don3.club/cdn-cgi/styles/	23 KB 5 KB	15ms 14ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://don3.club/cdn-cgi/styles/cf.errors.css Requested by Host: don3.club URL: https://don3.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://don3.club/ Response headers vary Accept-Encoding cache-control max-age=7200, public content-encoding gzip etag W/"672112ac-5df3" x-content-type-options nosniff cf-ray 8ddd6a07ecffdbd0-FRA expires Tue, 05 Nov 2024 16:08:08 GMT date Tue, 05 Nov 2024 14:08:08 GMT content-type text/css last-modified Tue, 29 Oct 2024 16:51:56 GMT server cloudflare x-frame-options DENY
GET H2	200	browser-bar.png don3.club/cdn-cgi/images/	715 B 849 B	10ms 9ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://don3.club/cdn-cgi/images/browser-bar.png?1376755637 Requested by Host: don3.club URL: https://don3.club/cdn-cgi/styles/cf.errors.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://don3.club/cdn-cgi/styles/cf.errors.css Response headers vary Accept-Encoding cache-control max-age=7200, public etag "672112ac-2cb" x-content-type-options nosniff cf-ray 8ddd6a086e0adbd0-FRA expires Tue, 05 Nov 2024 16:08:09 GMT accept-ranges bytes content-length 715 date Tue, 05 Nov 2024 14:08:09 GMT content-type image/png last-modified Tue, 29 Oct 2024 16:51:56 GMT server cloudflare x-frame-options DENY
GET H3	200	cf-no-screenshot-error.png don3.club/cdn-cgi/images/	3 KB 3 KB	20ms 20ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://don3.club/cdn-cgi/images/cf-no-screenshot-error.png Requested by Host: don3.club URL: https://don3.club/cdn-cgi/styles/cf.errors.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://don3.club/cdn-cgi/styles/cf.errors.css Response headers vary Accept-Encoding cache-control max-age=7200, public etag "672112ac-c8d" x-content-type-options nosniff cf-ray 8ddd6a086b85d502-CDG expires Tue, 05 Nov 2024 16:08:09 GMT accept-ranges bytes content-length 3213 date Tue, 05 Nov 2024 14:08:09 GMT content-type image/png last-modified Tue, 29 Oct 2024 16:51:56 GMT server cloudflare x-frame-options DENY
GET H3	403	favicon.ico don3.club/	4 KB 2 KB	24ms 24ms	Other text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://don3.club/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee919a5ef77546d22e7e80446ae8b1f1ebad9f63f71dd6dcc5860555c8c08233 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://don3.club/ Response headers cache-control max-age=15 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEx86gNKz%2FXqGYdl1Sls0rsCHTy4YU98vXY7RCxdBv%2BOXMFhjPAVWb%2FcUHzdaVDaFVp1DfCgA%2BLqvX4zEiwdqhS%2FJuRH2asUpglgnPvQnpU2VTiqdIPB3ODuV3k%3D"}],"group":"cf-nel","max_age":604800} referrer-policy same-origin cf-ray 8ddd6a0a0d2fd502-CDG expires Tue, 05 Nov 2024 14:08:24 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23575&sent=17&recv=13&lost=0&retrans=0&sent_bytes=7808&recv_bytes=4897&delivery_rate=166405&cwnd=12000&unsent_bytes=0&cid=3c14557fa2212cc5&ts=347&x=1", cfHdrFlush;dur=0 date Tue, 05 Nov 2024 14:08:09 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare x-frame-options SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

lobby.ldp-don.com

URL

https://lobby.ldp-don.com/nru/referrerNRU?referrer=

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_translation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://don3.club/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://don3.club/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
don3.club
fonts.googleapis.com
fonts.gstatic.com
langdingpageinfo-default-rtdb.asia-southeast1.firebasedatabase.app
lobby.ldp-don.com
resourceclound.com
www.choigamedon1.online
www.google.com
www.gstatic.com
lobby.ldp-don.com
142.250.184.195
142.250.185.227
142.250.186.100
172.67.204.30
188.114.97.3
2600:1901:0:ff53::
2606:4700:20::ac43:4868
2a00:1450:4001:812::200a
2a04:4e42:600::485
2a04:4e42:600::649
2a06:98c1:3120::3
05da8f37c5c53892d093f576adcdea94385200798b8e2674e93de7a8a2bc1a47
171ddf8247318f4119721b026441046b5f91f6dddf02ed1f25385b5fc4bb2dd8
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
5411bc33cd125886bb2f20b7f32f4bad467d938bbd594abb41f255459037d668
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
620084d9d819d073ed68567c66080fc9b86634249bc6549b850edd6762623375
63e6f85a6f00e2b804d625730f9d6cb6fe02f8d1405205e59e70839877758432
63e89b0e5b45b72a525cb85b049a9ff430edc231ae1fe547d3f4d46091000d6a
6589ff58a0a120a5e8fcef1f715f437c41e3baee40e0395ac036dd2aaf7176da
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
829f0a72ae806c1755f1086887be881f76e652ac500f405b9552ecc28b620b97
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8633ede14aa2c7d470f53efe49dc83db6aa9e32f4d9b1f7f23a9e842cdcbb6d2
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
8dbac551e937aa990e078514757cb6c7b42e2bfa1534330b68a87ab75d7c2f15
9d539890b341fb2d3326404f1127b33981831aa903c670bd9bdbbafd1e32c2b7
9fe72ecc22efd7e66bff3be09d510e4a8cb4b2b41417ec6686d2f2b4c5f971d9
a023d13acfe38f8b088912dd3e86ad790acbb1ced7131924ab741fed79333474
d9fe9335b006c3ae4bb215aca77fb88d5a15b1a7b16aa7bc859107213a8c029d
dc561a784ebcd580c12893ad796d41191b04c568621a8b3a883eda4bf61ddb90
e1244e31c91226acc22845cec3e5a428d9c6dc9cec64bfed0478ccfce05918a4
ed5a0bdcaf53e3baa6ca64876a1ce385b51cca349db4237b6a359bfb8ec8379c
ee919a5ef77546d22e7e80446ae8b1f1ebad9f63f71dd6dcc5860555c8c08233
fd23c44a848db957d175e82635ea5ca587609faa4803078306742c1f476dbe0f