Submitted URL: http://tinyurl.com/2yjzc45t
Effective URL: https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Submission: On August 07 via manual from SK — Scanned from DE

Summary

This website contacted 6 IPs in 1 country across 8 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in and belongs to . The main domain is nudepopsy71c.com.
TLS certificate: Issued by WE1 on June 17th 2024. Valid for: 3 months.
This is the only time nudepopsy71c.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
14 medawarton.buzz | medawarton.buzz | 315 KB
1 jsdelivr.net | cdn.jsdelivr.net | 2 KB
1 jquery.com | code.jquery.com | 30 KB
1 googleapis.com | fonts.googleapis.com | 968 B
1 nudepopsy71c.com | nudepopsy71c.com | 6 KB
1 tinyurl.com | tinyurl.com — Cisco Umbrella Rank: 28394 | 758 B
0 gstatic.com Failed | fonts.gstatic.com Failed |
0 cdn2-1.net Failed | cdn2-1.net Failed |
24 8
Domain Requested by
14 medawarton.buzz medawarton.buzz
1 cdn.jsdelivr.net nudepopsy71c.com
1 code.jquery.com nudepopsy71c.com
1 fonts.googleapis.com nudepopsy71c.com
1 nudepopsy71c.com medawarton.buzz
nudepopsy71c.com
1 tinyurl.com 1 redirects
0 fonts.gstatic.com Failed fonts.googleapis.com
0 cdn2-1.net Failed nudepopsy71c.com
24 8

This site contains no links.

Subject | Issuer | Validity | Valid
medawarton.buzz | WE1 | 2024-06-26 - 2024-09-24 | 3 months
nudepopsy71c.com | WE1 | 2024-06-17 - 2024-09-15 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year

This page contains 5 frames:

Primary Page: https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Frame ID: E581AC9664667E27886311EDEEEF1A18
Requests: 14 HTTP requests in this frame

Frame: https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/index.html
Frame ID: DE917EB21AEA7FEA142096548BC7CB3A
Requests: 2 HTTP requests in this frame

Frame: https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/index.html
Frame ID: 20E208E7E04759A127732BB08F513268
Requests: 2 HTTP requests in this frame

Frame: https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Frame ID: 56565BB855E55228F5BE2F5682B6C0A4
Requests: 3 HTTP requests in this frame

Frame: https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Frame ID: 14D8866BECF042B00162EDC5FDAFF71D
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 24
HTTPS: 75 %
IPv6: 100 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 1
Transfer: 354 kB
Size: 1265 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinyurl.com/2yjzc45t HTTP 307
    https://tinyurl.com/2yjzc45t HTTP 301
    https://medawarton.buzz/TrejoLilli91191 Page URL
  2. https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tinyurl.com/2yjzc45t HTTP 307
  • https://tinyurl.com/2yjzc45t HTTP 301
  • https://medawarton.buzz/TrejoLilli91191

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
TrejoLilli91191
medawarton.buzz/
Redirect Chain
  • http://tinyurl.com/2yjzc45t
  • https://tinyurl.com/2yjzc45t
  • https://medawarton.buzz/TrejoLilli91191
3 KB
1 KB
Document
General
Full URL
https://medawarton.buzz/TrejoLilli91191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f919f8a8687903ce173056d45203f19de23b6fa58396db79457362fb8418cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af58bfd6c223617-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 07:27:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVvCLaeqM4zelNCD6OTkn66jD1Bpu26UCm%2BSGRsl41T1sE9jrrKrSoi7QGJGcpzVCezuishkJJUq0Tx1Qm67x%2B%2B%2BP08KzjgKaUHssuCTwTMgHNB92t8peZyHDqZRlgG6tard%2BVmHBOlat%2FQWe5o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status
MISS
cf-ray
8af58bf7e97f6aba-FRA
content-type
text/html; charset=utf-8
date
Wed, 07 Aug 2024 07:27:54 GMT
location
https://medawarton.buzz/TrejoLilli91191
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex
x-tinyurl-redirect
eyJpdiI6IitwYjZpY1puL0xEand5OXpYTENTcnc9PSIsInZhbHVlIjoiazdJS280dHJ6SEQ5MWtQUVdFNFJXYUR2Um1TZzdxMW9OMlRBRmh4MnN6VjVtaWo3OFNYTi9zWHhTbFFyMys5RiIsIm1hYyI6IjBhMDViYmMyOTVlYjRkZTE3NmI0NWU4ZWRiNWJkYTNmYTU5ZjYwYWI2NjI5ZThjMTg3YjFkYWM2OTNiMGYxY2YiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type
redirect
x-xss-protection
1; mode=block
index.html
medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/ Frame DE91
6 KB
2 KB
Document
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/index.html
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/TrejoLilli91191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a925011ed082601ce22f383c019e54703da5cc677e87e09bc6908817aa8d4f

Request headers

Referer
https://medawarton.buzz/TrejoLilli91191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af58bfecde13617-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Aug 2024 07:27:54 GMT
last-modified
Wed, 31 Jul 2024 08:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0KWKqIy6Qhs4tUOWVpJ5Npo2OVzSz67b3a3KhuY7ORklDKqmSQWb%2BL9Ags0M5yWSDC4RdTnGMGOoPAwXatJe294MHXFIaHqVwE%2FmPsltzVVZ%2B4yg3y3y2oMUeimXmh6GhhBMWa8DumrMcrk%2FZw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
index.html
medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/ Frame 20E2
6 KB
2 KB
Document
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/index.html
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/TrejoLilli91191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46ca59205f4c7f32e907c77687f5b8839ced69f78261157239dd33d2eb2cf7a

Request headers

Referer
https://medawarton.buzz/TrejoLilli91191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af58bfecdeb3617-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Aug 2024 07:27:54 GMT
last-modified
Wed, 31 Jul 2024 08:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTVfK%2FdfyG8RByF84S4R0RW6wHkMpMHlpOkkhrpEqPj1nlCWtdlJz7laJ16nPzF90ZMykIqW%2FbOEm1bZj9ChEoyqkZDDnrEPNHCxFBDY%2B%2FDhF%2Fy1etPgYzo5R8nI0N5MTUQq6XboEJDkzbdUhBY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
background-image.webp
medawarton.buzz/images/
3 KB
3 KB
Image
General
Full URL
https://medawarton.buzz/images/background-image.webp
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/TrejoLilli91191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medawarton.buzz/TrejoLilli91191
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:54 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 07 Aug 2024 07:27:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oP1Tqw1pPzs5EFdoR5BYbv%2F%2BcROsdlk59%2BI6WQKepAQqu98qvygL2cwkZQSFT%2FhTLgev6M7i45G8wRypWmqigiSb%2BOQoHdbrM1FKkBeITuV10t6yvcaaiO%2BLn5beA7SLoC4Hd1dqSPVbt8JQsHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8af58bfecde93617-FRA
alt-svc
h3=":443"; ma=86400
api.js
medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/client-api.arkoselabs.com/v2/0152B4EB-D2DC-460A-89A1-629838B529C9/ Frame DE91
125 KB
31 KB
Script
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/client-api.arkoselabs.com/v2/0152B4EB-D2DC-460A-89A1-629838B529C9/api.js
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf9540772da352de0fd196d2e7626f4ae6bfd54eaff556d95f59e3d1a792dea

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a9fbf2-1f2e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uwgcZWUAZWPsf5oofyJpj6sTh%2BwF88GsL6RuUgPXUXJLnvoJreDmF2Ccv42LSem1rmUFMvbNgNOhSZNzza46l1Vrk2O47ZIfijkGAvkFgmcaV5rEtDGHIONBkEKIzOM4DsDDa%2B06IquxXufamw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8af58bff6edf3617-FRA
alt-svc
h3=":443"; ma=86400
api.js
medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/client-api.arkoselabs.com/v2/2CB16598-CB82-4CF7-B332-5990DB66F3AB/ Frame 20E2
125 KB
31 KB
Script
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/client-api.arkoselabs.com/v2/2CB16598-CB82-4CF7-B332-5990DB66F3AB/api.js
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf9540772da352de0fd196d2e7626f4ae6bfd54eaff556d95f59e3d1a792dea

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Jul 2024 08:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a9fbf6-1f2e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaJn6iqgB%2BOsMt2Dl%2B1jihmi1Jjs%2FSVSgPNeyoEkeQ6xtYQzSDv8q2WCtLXFmPr3OdpRsvEt7ToSYN4wxpM9UiMBJjMOV9V8SankzkzrDZ5A%2BOm%2Fg5wniaVXUlGvKnv%2B0S6CIBPqGCg%2F6nmKRAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8af58bff6ee03617-FRA
alt-svc
h3=":443"; ma=86400
enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/ Frame 5656
547 B
731 B
Document
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/client-api.arkoselabs.com/v2/0152B4EB-D2DC-460A-89A1-629838B529C9/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a3422c88969d1883d9951593e1cea9d178ab523c676e729490e54302b37ceb

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/0152B4EB-D2DC-460A-89A1-629838B529C9/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af58c002f9d3617-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Aug 2024 07:27:54 GMT
last-modified
Wed, 31 Jul 2024 08:55:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVphtUBjsf7G6BqzGgweUtcK29Rou90L0G3v8Z7KydmfJ%2FJm5tbnr7Z%2FkoaqyW6owF65EujbmQb8jTHuZmNv9%2B3M%2B1PLfO9rI2RoeSe2gSHbQ3eW2jaIbqpxKs2F0hm9JSwXL3TWhptuWWKGK1s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/ Frame 14D8
547 B
735 B
Document
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/client-api.arkoselabs.com/v2/2CB16598-CB82-4CF7-B332-5990DB66F3AB/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a3422c88969d1883d9951593e1cea9d178ab523c676e729490e54302b37ceb

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/2CB16598-CB82-4CF7-B332-5990DB66F3AB/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af58c005fcf3617-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Aug 2024 07:27:54 GMT
last-modified
Wed, 31 Jul 2024 08:55:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FJGcolhu%2FcunqTZZHCsIssxiIzySmKWlyQx9Y133UZhfyfOVjebS%2FJI4I6z%2BajpilRtBm4BHRDXynhl9dgOmjZ6SqunJaYM5xZzL6Ii03%2FWnxEKRFn6OMwfrKtsKoFs4y72ZdNPGGU3ETR%2F2po%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/ Frame 5656
433 KB
107 KB
Script
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51fef1a9cbaa0b7ed3d7177b6c4f00bed50e74e769ed60ff487b3521d4ba24c8

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 31 Jul 2024 08:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6c561-61e8740c014e6-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDnfN71qWV%2BIc%2B9eUujiTncKWJSubX1H%2B149jPHZ8bDAlRQKJWcH9%2FeuZhfGe49lEyfLU4E1ggt%2FJEQobAIgShrNYG0hf5Dw9mcL0uGVnG6tpvL1NjWHSTvfllZcYLm3D%2F590rK8ep4jb5tWZQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8af58c00980b3617-FRA
alt-svc
h3=":443"; ma=86400
enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/ Frame 14D8
433 KB
108 KB
Script
General
Full URL
https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342011f73d57512495adeefaef9a3c48ad5bc79ae6e304abd25e2cc882a95ef9

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 31 Jul 2024 08:55:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6c565-61e8740de2bf4-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCQOAvuW%2BfzfTHg2sjVBkZAft%2BTl2cMxMmQj7rHlJ0PuAtwb1dQBxSS28ssnEnQCdTEuWLnVwehjTZ7jYhS%2FZ7CwjbrSXguRT5CI%2B5z6wvhqbLAJ9wNHee%2FRjChVLC0vznWcQtj%2BIhDoAq%2BDufw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8af58c00b8303617-FRA
alt-svc
h3=":443"; ma=86400
1.webp
medawarton.buzz/images/
25 KB
26 KB
Image
General
Full URL
https://medawarton.buzz/images/1.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1b980efe782cad3bd351ea858cd343cf2df909e41de9543bdc633ad8644a8e

Request headers

Referer
https://medawarton.buzz/TrejoLilli91191
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2024 14:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"662e5c35-6474"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCsYGnFKvCAOa6r3N8yjKFik6poTxkWeHqfO6L%2Fv9U5psvZnycjONPy4uQNyP3EaqbD0LDnhGEpHgC1YqIBxkCUaGZ9JBd47pB7p%2BWFu2FAsrN%2FXhhPCKmjEjw2pHDR6jeQtQaDJFs28XUDQh6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8af58c029a093617-FRA
alt-svc
h3=":443"; ma=86400
content-length
25716
favicon.ico
medawarton.buzz/
3 KB
1 KB
Other
General
Full URL
https://medawarton.buzz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f919f8a8687903ce173056d45203f19de23b6fa58396db79457362fb8418cf

Request headers

Referer
https://medawarton.buzz/TrejoLilli91191
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 07 Aug 2024 07:27:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cytym5VgSY%2BziJvNPxs4ooWx2%2FWc8dgCQnPnlilETcX%2FFIEj8WmwtYxP%2Ff8dO5PVvc8GUVmq4exlxMjQ2V1690ohOGuboTMk6zBPalvDGDTbNxQaQi0%2BaQnF5E%2BH280WwJDSVLGkwQw5FN%2B5Trc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8af58c029a0d3617-FRA
alt-svc
h3=":443"; ma=86400
dd.php
medawarton.buzz/ Frame 5656
2 B
433 B
XHR
General
Full URL
https://medawarton.buzz/dd.php
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/0152b4eb-d2dc-460a-89a1-629838b529c9/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAIDUp%2BoIsaQexE1rIumnFwxLm7cKVXQkvB9VZR5K7lUrJ4ZeZDtXOOWVbjzglCVUm1s1KbuMX3nztb3dvgWUn12I60kRvmpAlxLv8CuVZqiaKCk74DWwBq%2FfAr16sZcItMsGvz15DK34pO56as%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8af58c029a153617-FRA
alt-svc
h3=":443"; ma=86400
ddS.php
medawarton.buzz/ Frame 14D8
2 B
440 B
XHR
General
Full URL
https://medawarton.buzz/ddS.php
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://medawarton.buzz/iframe.arkoselabs.com/2cb16598-cb82-4cf7-b332-5990db66f3ab/client-api.arkoselabs.com/v2/2.9.0/enforcement.b3b1c9343f2ef3887d61d74272d6a3af.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Aug 2024 07:27:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJu2%2Bj2dyOPpygTPBHhG53GfskNKs5xMxTVDcy5KZuNvh%2FSUxlSnAnNJivD4kdEGNehjZQ8bj5fbHxnst%2FZ8OlcsnjPQx%2Bd7k8gA%2BIdQXI7TZCDPytZ7ikQ7vtf%2Fsi%2FaujZGfAn3lsnqMvzVvVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8af58c02aa163617-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
nudepopsy71c.com/
13 KB
6 KB
Document
General
Full URL
https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Requested by
Host: medawarton.buzz
URL: https://medawarton.buzz/TrejoLilli91191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
10296d9d87608f8a1525892ac13116c9369991e721beec82541d1c1ad57e6601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medawarton.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8af58c1fbdd63831-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 07 Aug 2024 07:28:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DD80gZd16hXCDAr5MNwnUU6hY8kkjJJDhfZJz7IZxtKnDAEwV3n%2BG9WGGS%2FRQZc0evHgxymMsqTuZZ4UY1ACLT6xBQe0xDx92fALmJd335akKio9yIauThRwpwNVHhwIdMaUjJPhvBe6fM5ByPOr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
css
fonts.googleapis.com/
2 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Requested by
Host: nudepopsy71c.com
URL: https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nudepopsy71c.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 07:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 07:11:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 07:28:00 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: nudepopsy71c.com
URL: https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://nudepopsy71c.com/
Origin
https://nudepopsy71c.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:28:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2323823
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-etou8220120-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723015680.255604,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 171441
jquery.background-video.min.js
cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js
Requested by
Host: nudepopsy71c.com
URL: https://nudepopsy71c.com/?utm_source=7oaUDq8t8q8iP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
980080db04de0f4a4aa86505dfab04f57bfe273681d72017211c2be9f18c004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nudepopsy71c.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 07:28:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8072042
x-jsd-version
1.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1530
x-served-by
cache-fra-etou8220029-FRA, cache-lga21964-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"c3b-lIl9pzEZiV7OmGro+1ER2vHJtY0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7TnfJy1%2BStx9bMzsSkDeVmVfqYwaXQyFKv%2BYWuhlcXKJgYSbeKzrIoJ76VGD0nRX7ICqsFP5UCnkqEs9kIJ3J%2BlDRlEwwmpkg3yUob%2FXC9ZonNeImB25UIcyHGWQh6HDqivBd4i8DzcfRKvYR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8af58c219acb3600-FRA
info.min.js
cdn2-1.net/assets/
0
0

uuidv4.min.js
cdn2-1.net/assets/
0
0

p.js
nudepopsy71c.com/
0
0

m1.mp4
cdn2-1.net/assets/9d275660f3a97f50a546584fb89ecf4e/video/
0
0

m1.jpg
cdn2-1.net/assets/9d275660f3a97f50a546584fb89ecf4e/images/
0
0

JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn2-1.net
URL
https://cdn2-1.net/assets/info.min.js
Domain
cdn2-1.net
URL
https://cdn2-1.net/assets/uuidv4.min.js
Domain
nudepopsy71c.com
URL
https://nudepopsy71c.com/p.js?a=1963444&cr=68173&lid=15055&mh=aldVcHN2ZFhNVGpLeUVzTVhtdGFLUWdYcnhkampibGNlcWRoeE8tMzU3ODQ%3D&mmid=2944&p=0&rf=&rn=zc40mdeUys4WmdmVEhG&t=notrack
Domain
cdn2-1.net
URL
https://cdn2-1.net/assets/9d275660f3a97f50a546584fb89ecf4e/video/m1.mp4
Domain
cdn2-1.net
URL
https://cdn2-1.net/assets/9d275660f3a97f50a546584fb89ecf4e/images/m1.jpg
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • number| checkLocalStorage

1 Cookies

Domain/Path Name / Value
.tinyurl.com/ Name: __cf_bm
Value: h4PDQxgag7EpNMey8khT7OqD0x8JiH0sV8p6cyKJxeo-1723015674-1.0.1.1-o39.ZE2O75Tzz5DF9FCHcmLiwNg7mQpwezoBzi3GPy3TumQk7g3MKTFV7_q1UfbWTc_9bCTr3y.cDcHL0eH1Pw