Submitted URL: http://clix.ac/nzxBj7x
Effective URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id...
Submission: On November 17 via api from CZ — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3032::6815:35fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is kayamoolavibes.com.
TLS certificate: Issued by R3 on October 21st 2021. Valid for: 3 months.
This is the only time kayamoolavibes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                                  Requested by
6         fonts.gstatic.com                       fonts.googleapis.com
5         kayamoolavibes.com                      kayamoolavibes.com
3         www.facebook.com (1 redirects)          kayamoolavibes.com
3         fonts.googleapis.com                    kayamoolavibes.com
2         www.google-analytics.com                www.googletagmanager.com, www.google-analytics.com
2         connect.facebook.net                    kayamoolavibes.com, connect.facebook.net
2         s.yimg.com                              kayamoolavibes.com, s.yimg.com
2         clix.ac (2 redirects)
1         sp.analytics.yahoo.com                  kayamoolavibes.com
1         t.co                                    kayamoolavibes.com
1         analytics.twitter.com                   static.ads-twitter.com
1         vars.hotjar.com                         static.hotjar.com
1         static.ads-twitter.com                  kayamoolavibes.com
1         script.hotjar.com                       static.hotjar.com
1         static.hotjar.com                       kayamoolavibes.com
1         www.googletagmanager.com                kayamoolavibes.com
1         ajax.googleapis.com                     kayamoolavibes.com
1         roilnks.net (1 redirects)
1         lottojive.com (1 redirects)
31 19

This site contains links to these domains.

Domain
www.kayamoola.co.za

Subject                          Issuer                                    Validity                   Valid
*.kayamoolavibes.com             R3                                        2021-10-21 - 2022-01-19    3 months
upload.video.google.com          GTS CA 1C3                                2021-10-18 - 2022-01-10    3 months
*.google-analytics.com           GTS CA 1C3                                2021-10-18 - 2022-01-10    3 months
*.hotjar.com                     Amazon                                    2020-12-25 - 2022-01-23    a year
*.gstatic.com                    GTS CA 1C3                                2021-10-18 - 2022-01-10    3 months
*.api.fantasysports.yahoo.com    DigiCert SHA2 High Assurance Server CA    2021-11-08 - 2021-12-29    2 months
*.facebook.com                   DigiCert SHA2 High Assurance Server CA    2021-08-27 - 2021-11-25    3 months
ads-twitter.com                  DigiCert TLS RSA SHA256 2020 CA1          2021-07-21 - 2022-07-26    a year
*.twitter.com                    DigiCert TLS RSA SHA256 2020 CA1          2021-02-05 - 2022-02-04    a year
t.co                             DigiCert TLS RSA SHA256 2020 CA1          2021-02-05 - 2022-02-04    a year
real.sp.analytics.yahoo.com      DigiCert SHA2 High Assurance Server CA    2021-10-19 - 2022-04-13    6 months

This page contains 2 frames:

Primary Page: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Frame ID: 30E5A9340AD4150BD3C4951E9A75D8E1
Requests: 30 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 48E500280032A7F39F94049726FD9BDB
Requests: 1 HTTP requests in this frame

Page Title

Kaya Moola

Page URL History

  1. http://clix.ac/nzxBj7x HTTP 301
    https://clix.ac/nzxBj7x HTTP 303
    https://lottojive.com/?affiliate_id=2749&offer_id=822&sys_id=0&utm_medium=sms&utm_source=sms&utm_c... HTTP 302
    https://roilnks.net/aff_el?url=https://kayamoolavibes.com/grab_the_balls/&aff_id=2749&offer_id=8... HTTP 302
    https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB... Page URL

Page Statistics

31 Requests
97 % HTTPS
63 % IPv6
16 Domains
19 Subdomains
16 IPs
3 Countries
588 kB Transfer
1389 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clix.ac/nzxBj7x HTTP 301
    https://clix.ac/nzxBj7x HTTP 303
    https://lottojive.com/?affiliate_id=2749&offer_id=822&sys_id=0&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17 HTTP 302
    https://roilnks.net/aff_el?url=https://kayamoolavibes.com/grab_the_balls/&aff_id=2749&offer_id=822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17 HTTP 302
    https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://www.facebook.com/tr/?id=384007253140696&ev=PageView&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&rl=&if=false&ts=1637171709876&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637171709875.2054889266&it=1637171709753&coo=false&exp=p0&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&ec=0&ev=PageView&exp=p0&fbp=fb.1.1637171709875.2054889266&id=384007253140696&if=false&it=1637171709753&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1637171709876&v=2.9.48

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kayamoolavibes.com/grab_the_balls/
Redirect Chain
  • http://clix.ac/nzxBj7x
  • https://clix.ac/nzxBj7x
  • https://lottojive.com/?affiliate_id=2749&offer_id=822&sys_id=0&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17
  • https://roilnks.net/aff_el?url=https://kayamoolavibes.com/grab_the_balls/&aff_id=2749&offer_id=822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=...
  • https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov...
5 KB
2 KB
Document
General
Full URL
https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:35fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.25 PleskLin
Resource Hash
f5716f8a1ed2fe1308e915a26c9af5778c3da89ee8813a149bbd79b769c6dd58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.25 PleskLin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq1IBePgpkysRGGY8I2U835iEiyIK50PnnngzbSkB0lc6EyDHb4k1FnW2e5XyZjycxdbUQjW1UJl4xyih52Ij6ZuFtzLx%2BSZHF4Gi39SQ8bdgGHA51RV5Rwp%2FsFOQ4lmtpiuZ31%2BYEwFICXpU2B5Jhs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6afad4106c884eb6-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-type
text/html; charset=UTF-8
location
https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
x-envoy-upstream-service-time
63
x-envoy-decorator-operation
tracking.tracking.svc.cluster.local:80/*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BR1y4ILLjUcAhkEjy7Kw9eHRhau3cQFugErhrEckNXnS4%2BYzk1h4qWFzbMCwNK%2BsSNSVVraLT6cDzAXtHDbiF0aoNkiPiNrTSoXWr6M2iER1%2BYh%2FOs067Txm3sJHMvBx6tpgSUZLph0JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6afad40f8e04c2a4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
81408645645e46284ab4d8b643341ff8eb01e4cf5de3b6d0ef31d0c788f76d30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 16:34:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Nov 2021 17:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Nov 2021 17:55:09 GMT
css2
fonts.googleapis.com/
8 KB
800 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1f98ccf79d380deb41bb2c3a281390b81ccee0e182e47827847a15a4f8e9411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 16:08:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Nov 2021 17:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Nov 2021 17:55:09 GMT
css2
fonts.googleapis.com/
4 KB
603 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 16:47:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Nov 2021 17:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Nov 2021 17:55:09 GMT
bootstrap.css
kayamoolavibes.com/grab_the_balls/css/
143 KB
22 KB
Stylesheet
General
Full URL
https://kayamoolavibes.com/grab_the_balls/css/bootstrap.css?v=1
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:35fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 10 Nov 2021 10:03:13 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"618b98e1-23a5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nqvS35PGD6xWmPLl%2Bbc20jzPRUydUmRG2EIb6eJy1yifPKDJ3aSoXF93nHGbF2VPqbqPK%2BoYWbWEUfLaj85etJi0B07FtGP5oI4pOcZdx3IPS%2BBurX2z970vzoh7oKhMk2rC4m1N4iHqV42Oz5xdYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6afad410dd5e4eb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
styles.css
kayamoolavibes.com/grab_the_balls/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://kayamoolavibes.com/grab_the_balls/css/styles.css?v=2.31637171709
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:35fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d2dcebd67ec5c5d3c9473226b50e4cc3c927e727e78b7dfdb0286e5b6a21c94b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 16 Nov 2021 15:25:50 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"6193cd7e-2624"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8V1dZ2sp0v1hlp%2FcT00iKBeR1hsCNll%2B3EJnPTxV8NofURZmyRp0hXBlBxCk0JQ0N29fdZAWXYkE4JWlAQoU2vDMDh3QXkcOVmSmtMzVjrqusMR7Kr%2BfRhxQzQ%2Fbufdhi8JaaMBTVdGWBnU0AjR9B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6afad410dd644eb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 09:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Nov 2022 09:44:01 GMT
gtm.js
www.googletagmanager.com/
146 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNNPFW6
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3db67e983b18f5387743fe6c88be849376964c9e913e26a11e65323b62efe5e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48856
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 17:24:46 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Nov 2021 17:55:09 GMT
hotjar-2018068.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2018068.js?sv=6
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
66fe33cbddd725272fc5ccf65e176d0df041be2f290014d57330c219df9610e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
8
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1895
access-control-allow-origin
*
x-cache-hit
1
etag
W/af5b67e4b113ec4ccb12f35686e92aea
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 9135737f9852a1a33e45e8c90861e8bf.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
B7fz6r5eGrwJIpJ7zrjbXC4smMTb6aMRrwpHstsB0M3QARFlHhQ1Kw==
bg1.jpg
kayamoolavibes.com/grab_the_balls/img/
173 KB
173 KB
Image
General
Full URL
https://kayamoolavibes.com/grab_the_balls/img/bg1.jpg?v=2
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/css/styles.css?v=2.31637171709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:35fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
df5f8c79034fb18d499f3ce4a3e66f7503b4ac1443f826f0cbf64940310a0f68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/grab_the_balls/css/styles.css?v=2.31637171709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
176813
last-modified
Tue, 16 Nov 2021 15:17:21 GMT
server
cloudflare
etag
"6193cb81-2b2ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r458glDnxu1KfSE3m9gPXOO9x5VqNAy%2Fg8o3FyTeUrO49a4m41eOnDHNQITLpL%2BC73NED%2FnK94bOpm78I378u0K2AnVVu%2B1pFqMJnt%2FnJRCg5V85n15lxa8ttFrtpW%2BYDaSbhoc9uaIUVbW6RllaEsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6afad4114e434eb6-FRA
logo.png
kayamoolavibes.com/grab_the_balls/img/
2 KB
3 KB
Image
General
Full URL
https://kayamoolavibes.com/grab_the_balls/img/logo.png
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/css/styles.css?v=2.31637171709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:35fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0b71a66fed94c21158cd57758b970459269d287d54a5d53570490901727e4780

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/grab_the_balls/css/styles.css?v=2.31637171709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2285
last-modified
Wed, 10 Nov 2021 10:03:16 GMT
server
cloudflare
etag
"618b98e4-8ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K508Gs%2FX4orLzLzPXek3neQQ6USqnfb6RCexFsglvBDAUpsFoyojncLvinXFp9iH%2F8XFr9qKo17bvqiBs5ntUwJNiAe3XaDh8BiKinGz9DLZdTMJ9GE16qHzogdfuWVwEQwYz89IMNc1Y9Th%2BNX1mkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6afad4114e454eb6-FRA
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:18:02 GMT
x-content-type-options
nosniff
age
448627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:18:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:53:14 GMT
x-content-type-options
nosniff
age
115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 17:53:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:59:11 GMT
x-content-type-options
nosniff
age
122158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 07:59:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
447321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:39:48 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options
nosniff
age
90023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 16:54:46 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kayamoolavibes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 21:14:29 GMT
x-content-type-options
nosniff
age
160840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 15 Nov 2022 21:14:29 GMT
modules.1810afb089b838b62ed8.js
script.hotjar.com/
226 KB
60 KB
Script
General
Full URL
https://script.hotjar.com/modules.1810afb089b838b62ed8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2018068.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 13:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
16203
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60615
access-control-allow-origin
*
last-modified
Wed, 17 Nov 2021 13:25:01 GMT
etag
"1f23634605f98b007e0df34e60106bb8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4S_OzlfdI_OitUxMfJx0Wy9iZHc80u7jcJwjdyTLcSGVbbg4ZE5Zfw==
ytc.js
s.yimg.com/wi/
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 17 Nov 2021 17:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1230
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5652
x-amz-id-2
HemXdLrArLkGUF5OFYSOacS/kxFZEhLi7gRWYvixkM5bZ06m/R72rkVEDXDHtCPeO064QBieAqY=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 04 Nov 2021 15:26:13 GMT
server
ATS
etag
"146f99405588b7446958a732612c901d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
Q8QZP56JEFFVJPHK
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges
bytes
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
gkSb1HJHsrBg4TV23A5Ba+N6pguDJ2q+mTdozRoeIeMLpehX2xz7x4xs2rRUaoZJF1hB9HScUd81U737vxouyw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 17 Nov 2021 17:55:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200131-IAD, cache-hhn11570-HHN
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNNPFW6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3242
date
Wed, 17 Nov 2021 17:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 17 Nov 2021 19:01:07 GMT
384007253140696
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/384007253140696?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4972f14a161ef909b040e30cd333dfa60e67aa47fa493fdc957f240e31c56a7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
cPFcY2nlQFNd8+XJTDo4AoS10VghTmh/JoJiIDCP0mJOt7TPDI529rM+ktTVJwlON86r137UHxXuZOmhE8v+Eg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Nov 2021 17:55:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-ad575b5823df97fc9725e14a57070642.html
vars.hotjar.com/ Frame 48E5
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2018068.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/

Response headers

content-type
text/html
content-length
1050
date
Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified
Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
OSJtFfoRCJFG4PlfKH8RLOJxSY2QzWmuMTuFfoYVdkjt9MhggEzirA==
age
110343
10159021.json
s.yimg.com/wi/config/
2 B
450 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10159021.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:03:02 GMT
x-content-type-options
nosniff
age
3127
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
S2MMDKBB8H13SE77
x-amz-id-2
oY5rRERWDWsDTyTTscG8IU8oOqC6JOL2APSIX64kab+ytghNDC6+PqsFxSzLhOFI8W4kzUB8oU4=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1374419849&t=pageview&_s=1&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&dp=%2Fgrab_the_balls%2F&ul=en-us&de=UTF-8&dt=Kaya%20Moola&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=test_source&cm=&_u=YGBACEABBAAAAC~&jid=1424199233&gjid=1617995722&cid=855226460.1637171710&tid=UA-203030395-1&_gid=663368113.1637171710&_r=1&gtm=2wgba1NNNPFW6&z=1765795230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kayamoolavibes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 17:55:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kayamoolavibes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
675 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6kik&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a94d434d-7691-47da-b0ee-ca9af905488d&tw_document_href=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
122
pragma
no-cache
last-modified
Wed, 17 Nov 2021 17:55:09 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d5db31d6811130b7aa5ad43b0e29862225b5e25785191b33cf70ce7b5ff8a2c3
x-transaction
28bc53871cb4c280
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/
43 B
471 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6kik&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a94d434d-7691-47da-b0ee-ca9af905488d&tw_document_href=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Wed, 17 Nov 2021 17:55:09 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
30f18356afec209436bf5c3c770b9145ffc66f4ee5dbdf6d9077e98df439cb63
x-transaction
d3d2a747048f542f
expires
Tue, 31 Mar 1981 05:00:00 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
717 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2017%20Nov%202021%2017%3A55%3A09%20GMT&n=0&b=Kaya%20Moola&.yp=10159021&f=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&enc=UTF-8&yv=1.10.2&tagmgr=gtm
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 17:55:09 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 17 Nov 2021 17:55:09 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=384007253140696&ev=PageView&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WN...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%...
44 B
159 B
Image
General
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&ec=0&ev=PageView&exp=p0&fbp=fb.1.1637171709875.2054889266&id=384007253140696&if=false&it=1637171709753&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1637171709876&v=2.9.48
Requested by
Host: kayamoolavibes.com
URL: https://kayamoolavibes.com/grab_the_balls/?aff_id=802749&offer_id=800822&transaction_id=c1mKmYu0Q_1HHlB361bYc1WNy9C&goal_id=1008&utm_medium=sms&utm_source=sms&utm_content=discoball&utm_campaign=nov17&country_code=DE&trk_sys_id=10&test=0
Protocol
H2
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 17 Nov 2021 17:55:09 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 17:55:09 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&ec=0&ev=PageView&exp=p0&fbp=fb.1.1637171709875.2054889266&id=384007253140696&if=false&it=1637171709753&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1637171709876&v=2.9.48
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
expires
0
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=384007253140696&ev=Microdata&dl=https%3A%2F%2Fkayamoolavibes.com%2Fgrab_the_balls%2F%3Faff_id%3D802749%26offer_id%3D800822%26transaction_id%3Dc1mKmYu0Q_1HHlB361bYc1WNy9C%26goal_id%3D1008%26utm_medium%3Dsms%26utm_source%3Dsms%26utm_content%3Ddiscoball%26utm_campaign%3Dnov17%26country_code%3DDE%26trk_sys_id%3D10%26test%3D0&rl=&if=false&ts=1637171711380&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kaya%20Moola%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637171709875.2054889266&it=1637171709753&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kayamoolavibes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:55:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 17 Nov 2021 17:55:11 GMT

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
string| redirect_page_link_new
object| dataLayer
function| $
function| jQuery
function| hj
object| _hjSettings
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| google_tag_manager
object| dotq
function| fbq
function| _fbq
function| twq
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| twttr
object| YAHOO
object| gaplugins
object| gaGlobal
object| gaData

12 Cookies

Domain/Path Name / Value
roilnks.net/ Name: click_time
Value: "2|1:0|10:1637171709|10:click_time|16:MTYzNzE3MTcwOQ==|e0c2c84f9af3a035eb207dfa1592ddeb4cd6b6dea3afdfe31c034e7c233c6c83"
roilnks.net/ Name: redirect_url
Value: "2|1:0|10:1637171709|12:redirect_url|316:aHR0cHM6Ly9rYXlhbW9vbGF2aWJlcy5jb20vZ3JhYl90aGVfYmFsbHMvP2FmZl9pZD04MDI3NDkmb2ZmZXJfaWQ9ODAwODIyJnRyYW5zYWN0aW9uX2lkPWMxbUttWXUwUV8xSEhsQjM2MWJZYzFXTnk5QyZnb2FsX2lkPTEwMDgmdXRtX21lZGl1bT1zbXMmdXRtX3NvdXJjZT1zbXMmdXRtX2NvbnRlbnQ9ZGlzY29iYWxsJnV0bV9jYW1wYWlnbj1ub3YxNyZjb3VudHJ5X2NvZGU9REUmdHJrX3N5c19pZD0xMCZ0ZXN0PTA=|4dc269be04fc334306fdbefd2c5cb8af0fbb7c540cff96b64c1378346cb78557"
.kayamoolavibes.com/ Name: _ga
Value: GA1.2.855226460.1637171710
.kayamoolavibes.com/ Name: _gid
Value: GA1.2.663368113.1637171710
.kayamoolavibes.com/ Name: _gat_UA-203030395-1
Value: 1
.kayamoolavibes.com/ Name: _hjSessionUser_2018068
Value: eyJpZCI6Ijg4OGYxZWE2LWM1NzEtNTc2Ny05NGZjLTc3YTcxNzA3OWQ3ZiIsImNyZWF0ZWQiOjE2MzcxNzE3MDk3NjIsImV4aXN0aW5nIjpmYWxzZX0=
.kayamoolavibes.com/ Name: _hjFirstSeen
Value: 1
.kayamoolavibes.com/ Name: _hjSession_2018068
Value: eyJpZCI6IjVlNzE2NGY4LTQ2ZDUtNGFhNS04YzQxLTExNWQ1NjM3NDg5MyIsImNyZWF0ZWQiOjE2MzcxNzE3MDk4MjZ9
.kayamoolavibes.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.kayamoolavibes.com/ Name: _fbp
Value: fb.1.1637171709875.2054889266
.yahoo.com/ Name: A3
Value: d=AQABBP1BlWECEByBKsaPdjAD7SmGu_-pmF8FEgEBAQGTlmGfYQAAAAAA_eMAAA&S=AQAAAqlgFcFZulLvsgihBVTiyD4
.twitter.com/ Name: personalization_id
Value: "v1_7QRWAnoExZyz1EKNGC6pwA=="

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
