majuberdua.click Open in urlscan Pro
188.114.96.9  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response majuberdua.click/	28 KB 8 KB	624ms 551ms	Document text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9ba8e2be46fd7bb7a7036efe13dd091cb05dd9764218b0957d68501f9dd34b9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8efded3c6bd60a6f-AMS content-encoding zstd content-type text/html date Tue, 10 Dec 2024 14:29:22 GMT last-modified Sat, 19 Oct 2024 06:44:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A5NAhIdsKge1LEBy9jfLcf9RE3cf98bXgbIi0trh0kbqN2DV911Wf3rCI9%2BuVhDfOdER2DD5UaT%2FCqACHwlAO2Zq85%2B9JXgcloxG0P2L1VrpD4FdTFbFi9PNYmJCcCoZWHUH"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=16983&min_rtt=14695&rtt_var=4343&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4245&recv_bytes=4537&delivery_rate=620&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=580&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	116ms 37ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding br etag "6cd5bd85d22351ce" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Tue, 10 Dec 2024 14:29:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 10 Dec 2024 14:29:22 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=3000, stale-while-revalidate=1206600 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 73112 x-xss-protection 0 server sffe
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	81ms 23ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding gzip age 368987 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 07:59:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 07:59:35 GMT last-modified Wed, 10 Mar 2021 14:28:09 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 31017 x-xss-protection 0 server sffe
GET H3	200	plugins.min.css majuberdua.click/	220 KB 40 KB	921ms 920ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/plugins.min.css Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a581bef700bfc315c12a6fbe2875ac449e1c5941e125adf7ee7b897d98034fdb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding zstd cf-cache-status MISS etag W/"370c8-64aa97c4-10529e;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6Xbwpms6ZpphOdiRdEyDs4%2F%2F1Sfe6y4XIQGxh86GZSiH4QArvIBUejdoGzxNm4J%2BaaHZMrBpviw%2B4TNsEZ2uzfDs6gqTtwG0ipLO%2BufrmzDhOPfaxqUJ%2F0IUC680I1TpcWf"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=17856&min_rtt=14551&rtt_var=5727&sent=31&recv=27&lost=0&retrans=0&sent_bytes=21383&recv_bytes=7112&delivery_rate=320232&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=1508&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/css last-modified Sun, 09 Jul 2023 11:19:32 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded3fe8120a6f-AMS server cloudflare
GET H3	200	style.min.css majuberdua.click/	343 KB 60 KB	1011ms 1010ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/style.min.css Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3490cecf807f1d80e52677ca1ff59668d4bbec3f9129d039c65938a0b8cc289c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding zstd cf-cache-status MISS etag W/"55cd7-64aa97e1-1052a4;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2m%2F1ADWx5XDpWJcdspPhgmBfDWi1Rzz%2F89qCdBExOP85pINWezCHwcVXjbwIagv7Og6kbfbXmUeGcIFV4sUAYuM%2FgOJmpUrEBESA3f4xJtOTxtiLZF30DCeY%2BWOnZYxD0cZ"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15248&min_rtt=14463&rtt_var=517&sent=119&recv=67&lost=0&retrans=0&sent_bytes=122262&recv_bytes=9078&delivery_rate=3507385&cwnd=61200&unsent_bytes=0&cid=ff55d53742801dfd&ts=1598&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/css last-modified Sun, 09 Jul 2023 11:20:01 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded3fe8150a6f-AMS server cloudflare
GET H3	200	css majuberdua.click/	1 KB 2 KB	200ms 199ms	Stylesheet text/plain	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/css Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c50c86a3171f821d518b257ecc9ba8252f8e03556818ecd301a516326f695d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag "412-64aa97f1-105296;;;" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TKW0G7LikDCRyLcbOVN9TDLU3zZP1%2F5rm5woV8wJExyZ4yaK4HWsMQ4b59v2QgSumxhVuLzpB3SpJ3h%2BDVbsexS0szCqON5sTfc5tD3y3OYgE3WX3cXOyGJBvcKH6rPjoeN"}],"group":"cf-nel","max_age":604800} cf-ray 8efded3fe8160a6f-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16338&min_rtt=14695&rtt_var=2211&sent=24&recv=21&lost=0&retrans=0&sent_bytes=13855&recv_bytes=6852&delivery_rate=525214&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=787&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 1042 date Tue, 10 Dec 2024 14:29:22 GMT last-modified Sun, 09 Jul 2023 11:20:17 GMT server cloudflare priority u=0,i=?0
GET H3	404	css(1) majuberdua.click/	0 0	200ms 199ms	Stylesheet text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/css(1) Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cache-control private, no-cache, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Pp4jf4HWqLaEZuRde%2BT9RD69kWLywqSe%2BRrdMoH%2FRo1XEDloZf5H0xaE1id%2Byp2zY6aemtAaher5PnWObShkCdFgzEcp4IalgGAH4afBcYfHl1%2Fw5RcXjBTsD0XZPvnM9Pb"}],"group":"cf-nel","max_age":604800} cf-ray 8efded3fe8170a6f-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16338&min_rtt=14695&rtt_var=2211&sent=21&recv=21&lost=0&retrans=0&sent_bytes=12355&recv_bytes=6852&delivery_rate=525214&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=786&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:22 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=0,i=?0
GET H3	200	custom.css majuberdua.click/	19 KB 4 KB	696ms 695ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/custom.css Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c99503294b8839f60f99cfa6dbc39161405eba2b41316443627037bf520c3c55 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding zstd cf-cache-status MISS etag W/"4ac7-64aa980f-105297;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BoCE%2FU9g1FwlSuX1JIP9Wq4NvfdjyiAlsOAC9H93ZBTwW21WH%2BOtT%2F3K%2Bf7yGXcoSYKqJ6vFPi5Yj1HVIUjcblO%2FlSSj0rmpdfpHZQoUeZffyHAvFvolTCx1AUH5AGDnu7K"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=18863&min_rtt=14695&rtt_var=7079&sent=27&recv=25&lost=0&retrans=0&sent_bytes=16723&recv_bytes=7026&delivery_rate=28507&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=1282&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/css last-modified Sun, 09 Jul 2023 11:20:47 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded3fe8180a6f-AMS server cloudflare
GET H3	200	style.css majuberdua.click/	683 B 1 KB	597ms 597ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/style.css Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66c7a1482916bdad066df3308d409a75c56617b47b92c8ae57e2a2430854f9f6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding zstd cf-cache-status MISS etag W/"2ab-64aa9820-1052a3;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDNRCR7dD4d0Ih58rVqX%2FhyBVyWsTub6NDv%2FYCJlvJYZAPYHUpgZ8%2F5T0VHX%2Bm3C2IrFy78xgWuPeg9uWuolxVvhBRtntUqzJWXtVl6%2BRjvGLVVSgN%2BwGbOlgGnhnjoRqt%2FE"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15905&min_rtt=14695&rtt_var=1551&sent=26&recv=24&lost=0&retrans=0&sent_bytes=15595&recv_bytes=6982&delivery_rate=16855&cwnd=12000&unsent_bytes=0&cid=ff55d53742801dfd&ts=1183&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/css last-modified Sun, 09 Jul 2023 11:21:04 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded3fe81e0a6f-AMS server cloudflare
GET H3	200	js Show response majuberdua.click/	260 KB 260 KB	368ms 368ms	Script text/plain	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/js Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75e9ff5f893e623b74873ca97d3ef1706ca6f317948f7fa7c1c5ff40ddddd075 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag "40eb2-64aa97a9-105299;;;" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kG1plZaClZCDPbKxF3xiXr%2BAVBXu%2B8LGYJOl3ArrhRpjnGk1Sa8jIZ42FWScp0J4izxLNWXfV%2BqDCsTo81mUPphQ4JBTpp1coNawk0i22HLzSRorWqNxOY70vzeDOIPPg4a"}],"group":"cf-nel","max_age":604800} cf-ray 8efded45ef8a0a6f-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15309&min_rtt=14463&rtt_var=676&sent=173&recv=75&lost=0&retrans=0&sent_bytes=184735&recv_bytes=9730&delivery_rate=1158479&cwnd=73200&unsent_bytes=0&cid=ff55d53742801dfd&ts=1921&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 265906 date Tue, 10 Dec 2024 14:29:23 GMT last-modified Sun, 09 Jul 2023 11:19:05 GMT server cloudflare priority u=3,i=?0
GET H2	200	amp-carousel-0.1.js Show response cdn.ampproject.org/v0/	38 KB 11 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-carousel-0.1.js Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding br etag "9925a53ff9d805bc" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Tue, 10 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 11524 x-xss-protection 0 server sffe
GET H3	200	scatter.png majuberdua.click/	56 KB 57 KB	951ms 950ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://majuberdua.click/scatter.png Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 041505251d149648fabcdd142c8ef22810f3673346be4c257a1760113c966adf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cf-cache-status MISS etag "e007-64aa9cb2-1052a2;;;" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YOfNDlgUDbFLEZ92PnO4wRan4orUpi9I0gGO%2Bd4dejkfqODcqIEbAaNn4tut7pJ6Adnpoo12DS9RKpwVjYIUjYqIJ7blrxmZTcKMw2NDbQ5tlW1mVy8VsvK%2B4q9ZNLhhzr9"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16395&min_rtt=14551&rtt_var=2962&sent=61&recv=32&lost=0&retrans=0&sent_bytes=57383&recv_bytes=7327&delivery_rate=823303&cwnd=24000&unsent_bytes=0&cid=ff55d53742801dfd&ts=1528&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:23 GMT content-type image/png last-modified Sun, 09 Jul 2023 11:40:34 GMT vary Accept-Encoding priority u=2,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded3fe8200a6f-AMS accept-ranges bytes content-length 57351 server cloudflare
GET H2	200	css fonts.googleapis.com/	14 KB 1 KB	83ms 32ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:100,200,400,500,600,700,800|Nunito:300,400,600,700,800 Requested by Host: majuberdua.click URL: https://majuberdua.click/style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5a35d00a774f3b426ab1b3161b1b22805236a09fa8f54e82d42674d06e337902 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 10 Dec 2024 14:29:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 10 Dec 2024 14:09:34 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	events.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/	10 KB 5 KB	376ms 22ms	Script application/javascript	43.152.28.77 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261155265554653&lib=kwaiq Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.28.77 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers Content-MD5 xdyEdfWuJAvRR0tEZ9nn2A== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 31.204.150.113 Etag "C5DC8475F5AE240BD1474B4467D9E7D8" x-oss-object-type Normal kwaisign NULL Expires Mon, 28 Oct 2024 16:50:35 GMT Date Sat, 28 Sep 2024 16:50:35 GMT x-oss-server-time 60 Last-Modified Mon, 27 May 2024 02:52:15 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 8883524930583919630 X-Ks-Cache Hit from 43.152.28.77 x-oss-hash-crc64ecma 13562747518461854989 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 8883524930583919630 Access-Control-Allow-Origin * Content-Length 3744 x-oss-request-id 66F833DB80E1703730BEB502 X-Cache-Lookup Cache Hit Server Lego Server
GET H3	200	mahjongwall.webp majuberdua.click/	253 KB 254 KB	830ms 830ms	Image image/webp	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://majuberdua.click/mahjongwall.webp Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a558c4a23f6fcd95199e2f7cbb92b1cb62a9f0adf94d7ff42a1be070a4978c6c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cf-cache-status MISS etag "3f5ec-64aa9eff-10529d;;;" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CYZ9j4ok1tFqvs%2BGBa%2B33GaigY4ZvLv6mOMMOmCYkbqsQfbHx5XxxGkEj%2BpPgB7LWhEZJvWSsOfmFG0CASnz%2BXqNGogUQX%2FV0BR9Nzc6PYl6pvVwZOa81KEMP%2FYtvalA8SO"}],"group":"cf-nel","max_age":604800} expires Tue, 17 Dec 2024 14:29:24 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15323&min_rtt=14463&rtt_var=331&sent=403&recv=100&lost=0&retrans=0&sent_bytes=457308&recv_bytes=10858&delivery_rate=4764550&cwnd=121200&unsent_bytes=0&cid=ff55d53742801dfd&ts=2537&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:24 GMT content-type image/webp last-modified Sun, 09 Jul 2023 11:50:23 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8efded46e8bf0a6f-AMS accept-ranges bytes content-length 259564 server cloudflare
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	83ms 41ms	Script text/javascript	2606:4700:10::6814:245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 17205 cf-ray 8efded4729b8f5d9-AMS accept-ranges bytes content-length 4547 date Tue, 10 Dec 2024 14:29:23 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H3	200	logoweb.png img.cantikselalu.life/prjtoto/	22 KB 22 KB	424ms 285ms	Image image/png	104.21.112.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.cantikselalu.life/prjtoto/logoweb.png Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9136c1ed5f58c4e7477f44ffcc9b2e316c564988071026bbb57123b55a822bc9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "562c-6658a853-13b014;;;" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOsIlFnpr52QC%2BsEgwLghjr9Sz5SQLmSUPST2wSw4YBv7vwfiM50dckd92f8O7%2Ft5o6pbzJ9IjZJX2XABv%2BmwPeXvscluQ4YN9ItLejq7Gd%2B41s89nEs0DBioAQq%2BraRpNcG9HY7dI4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8efded47cf02b7cd-AMS expires Tue, 17 Dec 2024 14:29:23 GMT accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 22060 date Tue, 10 Dec 2024 14:29:24 GMT content-type image/png last-modified Thu, 30 May 2024 16:24:51 GMT server cloudflare vary Accept-Encoding
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012410292120000/v0/	12 KB 4 KB	171ms 65ms	Script text/javascript	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://majuberdua.click Referer https://majuberdua.click/ Response headers content-encoding br etag "b22012622c63a36b" age 303221 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 07 Dec 2025 02:15:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 07 Dec 2024 02:15:42 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 3929 x-xss-protection 0 server sffe
GET H2	200	slot-gacor.webp seocartel.sgp1.cdn.digitaloceanspaces.com/	83 KB 84 KB	128ms 64ms	Image image/webp	2606:4700:4400::ac40:911d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seocartel.sgp1.cdn.digitaloceanspaces.com/slot-gacor.webp Requested by Host: majuberdua.click URL: https://majuberdua.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da56e1b04f157a2a7cab038f68db96e880be9fbbb7986db9867e9babb0487d63 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers x-envoy-upstream-healthchecked-cluster cf-cache-status HIT etag "a2b4d2b5992e79de4243ab99dac7d278" date Tue, 10 Dec 2024 14:29:23 GMT x-rgw-object-type Normal content-type image/webp last-modified Mon, 05 Aug 2024 23:40:38 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-do-cdn-uuid 6d96948b-d745-422e-a3ae-6e9c97b98f9e strict-transport-security max-age=15552000; includeSubDomains; preload cache-control max-age=3600 x-amz-request-id tx000007b66119e6686fa22-0067565807-3f4360c5-sgp1b cf-ray 8efded479a520ae1-AMS accept-ranges bytes content-length 84856 server cloudflare
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	48 B 182 B	318ms 105ms	Script text/html	149.56.240.27 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4903949&@f16&@g1&@h1&@i1&@j1733840963745&@k0&@l1&@mMANTUL%20BERKAH%20SETIAP%20HARI&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:175342991&@b3:1733840964&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fmajuberdua.click%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.27 Montreal, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns534106.ip-149-56-240.net Software / Resource Hash 0ec1bcb240a53aa0a9652b960b56db9e79d1b380f7e8ecb67be7522462798a85 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers Content-Length 48 Date Tue, 10 Dec 2024 14:29:24 GMT Content-Type text/html;charset=UTF-8 Connection close
POST H3	200	getGrayInfo Show response ads.mythad.com/rest/n/adintl/gray/	201 B 209 B	239ms 186ms	XHR application/json	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261155265554653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash 3e42ebe2767a6cd784eb6a3f3ae949351b9a057c1b741c94619091706bc92c74 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json Referer https://majuberdua.click/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 190 date Tue, 10 Dec 2024 14:29:24 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
OPTIONS H2	200	getGrayInfo ads.mythad.com/rest/n/adintl/gray/	0 0	319ms 234ms	Preflight	2a02:26f0:480:f::213:7ecb AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://majuberdua.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://majuberdua.click access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 10 Dec 2024 14:29:24 GMT
GET H/1.1	200 OK	core.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	290 KB 77 KB	22ms 22ms	Script application/javascript	43.152.28.77 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261155265554653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.28.77 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 31.204.150.113 Etag "8BACD25B485D37EB16DC48306BA2221A" x-oss-object-type Normal kwaisign NULL Expires Thu, 02 Jan 2025 08:32:30 GMT Date Tue, 03 Dec 2024 08:32:30 GMT x-oss-server-time 39 Last-Modified Wed, 11 Sep 2024 08:21:14 GMT Content-Type application/javascript Cache-Control no-cache X-NWS-LOG-UUID 7618027640191917558 X-Ks-Cache Hit from 43.152.28.77 x-oss-hash-crc64ecma 1814864409054748518 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 7618027640191917558 Access-Control-Allow-Origin * Content-Length 78021 x-oss-request-id 674EC21DA7F3F43630819926 X-Cache-Lookup Cache Hit Server Lego Server
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	71 B 282 B	308ms 215ms	XHR text/plain	2.19.126.218 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.126.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-218.deploy.static.akamaitechnologies.com Software / Resource Hash 628073fdb5750a88bfc76d8abc6125f2ba985a9f0eebda277b0aa9787e4ad02e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://majuberdua.click/ Response headers access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 71 date Tue, 10 Dec 2024 14:29:24 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true
GET H3	200	getPixelConfig Show response ads.mythad.com/rest/n/adintl/ad/	777 B 486 B	191ms 191ms	XHR application/json	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=261155265554653&pageId=pageId-1733840964672-7317321620184 Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash 464305f009f29e7d7d215c01188de315b20190154a0099297534720926684757 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 466 date Tue, 10 Dec 2024 14:29:24 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	69 B 191 B	184ms 182ms	XHR text/plain	2.19.126.218 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.126.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-218.deploy.static.akamaitechnologies.com Software / Resource Hash ced36dabb901fe50f65679992e7a36e9300ccb713ff246a138bb41d8368ffd76 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://majuberdua.click/ Response headers access-control-allow-origin https://majuberdua.click content-length 69 date Tue, 10 Dec 2024 14:29:25 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true
GET H3	404	favicon.ico majuberdua.click/	1 KB 1 KB	657ms 657ms	Other text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://majuberdua.click/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers cache-control private, no-cache, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZGqvpsem7QtpWE8krPM8n2trQQrJY1E7%2BLCaPK9Y3yi9obLv29inC26eYdIWJH4f724rHFmDs5LmJyOgCmGxYKgAjQ4brAHZi9qVF7qO8NK4R0f2AQpTbX0ETTdxVRDajCS"}],"group":"cf-nel","max_age":604800} cf-ray 8efded4e4a4c0a6f-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15420&min_rtt=14463&rtt_var=336&sent=628&recv=126&lost=0&retrans=0&sent_bytes=723465&recv_bytes=12470&delivery_rate=6809311&cwnd=133200&unsent_bytes=0&cid=ff55d53742801dfd&ts=3543&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 10 Dec 2024 14:29:25 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i
OPTIONS H3	200	api ads.mythad.com/log/common/co/	0 0	241ms 240ms	Preflight	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://majuberdua.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://majuberdua.click access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 10 Dec 2024 14:29:25 GMT quic-version 0x00000001
GET H/1.1	200 OK	checkPixel.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	126 KB 40 KB	23ms 22ms	Script application/javascript	43.152.28.77 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=261155265554653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.28.77 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://majuberdua.click/ Response headers Content-MD5 AW9CEWCiJefwVj7zcti69w== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 31.204.150.113 Etag "016F421160A225E7F0563EF372D8BAF7" x-oss-object-type Normal kwaisign NULL Expires Sat, 04 Jan 2025 02:45:24 GMT Date Thu, 05 Dec 2024 02:45:24 GMT x-oss-server-time 7 Last-Modified Mon, 27 May 2024 07:18:27 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 15513196323405763971 X-Ks-Cache Hit from 43.152.28.77 x-oss-hash-crc64ecma 11760214008123873659 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 15513196323405763971 Access-Control-Allow-Origin * Content-Length 39702 x-oss-request-id 675113C4E2A27F30323F5073 X-Cache-Lookup Cache Hit Server Lego Server
POST H3	200	api Show response ads.mythad.com/log/common/co/	2 KB 997 B	197ms 195ms	XHR application/json	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash de90159131047e057fadb3beb28e55bc53d4d5925f20db36fd024d463d0744c9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json Referer https://majuberdua.click/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 978 date Tue, 10 Dec 2024 14:29:25 GMT content-type application/json;charset=utf-8 vary Accept-Encoding
POST H3	200	api Show response ads.mythad.com/log/common/co/	2 KB 1 KB	192ms 191ms	XHR application/json	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261155265554653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash 21581df9d167432e2dc66e328da316f76dff3228b2447779ba009084d17eb53b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json Referer https://majuberdua.click/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 1051 date Tue, 10 Dec 2024 14:29:25 GMT content-type application/json;charset=utf-8 vary Accept-Encoding
OPTIONS H3	200	api ads.mythad.com/log/common/co/	0 0	204ms 204ms	Preflight	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://majuberdua.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://majuberdua.click access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 10 Dec 2024 14:29:25 GMT quic-version 0x00000001
OPTIONS H3	200	checkPixelCompress ads.mythad.com/rest/n/adintl/ad/	0 0	227ms 227ms	Preflight	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://majuberdua.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://majuberdua.click access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 10 Dec 2024 14:29:25 GMT quic-version 0x00000001
POST H3	200	checkPixelCompress Show response ads.mythad.com/rest/n/adintl/ad/	146 B 164 B	1065ms 978ms	XHR application/json	2.19.126.203 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=261155265554653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / Resource Hash 1bd19c0a949843864825804b7f1c911cf59801b9cb09e201c53bf6021fb1543e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json Referer https://majuberdua.click/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://majuberdua.click alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 145 date Tue, 10 Dec 2024 14:29:26 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS string| KwaiAnalyticsObject object| kwaiq object| install object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| events object| _HistatsCounterGraphics_0_setValues object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady function| Radar object| core object| _WEBLOGGER function| Weblog object| checkPixel

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			majuberdua.click/	1970-01-21 10:22:56	Name: HstCfa4903949 Value: 1733840963745
			majuberdua.click/	1970-01-21 10:22:56	Name: HstCla4903949 Value: 1733840963745
			majuberdua.click/	1970-01-21 10:22:56	Name: HstCmu4903949 Value: 1733840963745
			majuberdua.click/	1970-01-21 10:22:56	Name: HstPn4903949 Value: 1
			majuberdua.click/	1970-01-21 10:22:56	Name: HstPt4903949 Value: 1
			majuberdua.click/	1970-01-21 10:22:56	Name: HstCnv4903949 Value: 1
			majuberdua.click/	1970-01-21 10:22:56	Name: HstCns4903949 Value: 1
			majuberdua.click/	1970-01-21 10:22:56	Name: _did Value: web_68990743132D9D9F
			.mythad.com/	1970-01-21 11:13:20	Name: kwai_ckid Value: 1733840964770_22680944975544762
			.majuberdua.click/	1970-01-21 10:22:56	Name: kwai_uuid Value: 0a432d8bd512626f0b59f726adb376b8
			.majuberdua.click/	1970-01-21 01:38:47	Name: _k_cp Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://majuberdua.click/css(1) Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://majuberdua.click/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00B40A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://majuberdua.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
ajax.googleapis.com
cdn.ampproject.org
fonts.googleapis.com
img.cantikselalu.life
logsdk.kwai-pro.com
majuberdua.click
s1.kwai.net
s10.histats.com
s4.histats.com
seocartel.sgp1.cdn.digitaloceanspaces.com
104.21.112.1
142.250.186.129
149.56.240.27
188.114.96.9
2.19.126.203
2.19.126.218
2606:4700:10::6814:245
2606:4700:4400::ac40:911d
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:831::200a
2a02:26f0:480:f::213:7ecb
43.152.28.77
041505251d149648fabcdd142c8ef22810f3673346be4c257a1760113c966adf
0ec1bcb240a53aa0a9652b960b56db9e79d1b380f7e8ecb67be7522462798a85
1bd19c0a949843864825804b7f1c911cf59801b9cb09e201c53bf6021fb1543e
21581df9d167432e2dc66e328da316f76dff3228b2447779ba009084d17eb53b
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3490cecf807f1d80e52677ca1ff59668d4bbec3f9129d039c65938a0b8cc289c
3c50c86a3171f821d518b257ecc9ba8252f8e03556818ecd301a516326f695d7
3e42ebe2767a6cd784eb6a3f3ae949351b9a057c1b741c94619091706bc92c74
464305f009f29e7d7d215c01188de315b20190154a0099297534720926684757
5a35d00a774f3b426ab1b3161b1b22805236a09fa8f54e82d42674d06e337902
628073fdb5750a88bfc76d8abc6125f2ba985a9f0eebda277b0aa9787e4ad02e
66c7a1482916bdad066df3308d409a75c56617b47b92c8ae57e2a2430854f9f6
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
75e9ff5f893e623b74873ca97d3ef1706ca6f317948f7fa7c1c5ff40ddddd075
9136c1ed5f58c4e7477f44ffcc9b2e316c564988071026bbb57123b55a822bc9
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
a558c4a23f6fcd95199e2f7cbb92b1cb62a9f0adf94d7ff42a1be070a4978c6c
a581bef700bfc315c12a6fbe2875ac449e1c5941e125adf7ee7b897d98034fdb
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87
c99503294b8839f60f99cfa6dbc39161405eba2b41316443627037bf520c3c55
ced36dabb901fe50f65679992e7a36e9300ccb713ff246a138bb41d8368ffd76
da56e1b04f157a2a7cab038f68db96e880be9fbbb7986db9867e9babb0487d63
de90159131047e057fadb3beb28e55bc53d4d5925f20db36fd024d463d0744c9
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
f9ba8e2be46fd7bb7a7036efe13dd091cb05dd9764218b0957d68501f9dd34b9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e