lionshannah-c533c3db.fg5.site Open in urlscan Pro
2606:4700:3031::ac43:8bd3  Public Scan

Submitted URL: http://lionshannah-c533c3db.fg5.site/
Effective URL: https://lionshannah-c533c3db.fg5.site/
Submission: On December 07 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3031::ac43:8bd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is lionshannah-c533c3db.fg5.site.
TLS certificate: Issued by WE1 on October 28th 2024. Valid for: 3 months.
This is the only time lionshannah-c533c3db.fg5.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 MB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 101face.ru
101face.ru
590 KB
2 bablosoft.com
customfingerprints.bablosoft.com — Cisco Umbrella Rank: 174713
664 KB
2 fg5.site
lionshannah-c533c3db.fg5.site
6 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
1 quiet-corner.com
quiet-corner.com
93 KB
42 9
Domain Requested by
27 pagead2.googlesyndication.com lionshannah-c533c3db.fg5.site
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 101face.ru lionshannah-c533c3db.fg5.site
2 customfingerprints.bablosoft.com lionshannah-c533c3db.fg5.site
customfingerprints.bablosoft.com
2 lionshannah-c533c3db.fg5.site
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.youtube.com lionshannah-c533c3db.fg5.site
1 quiet-corner.com lionshannah-c533c3db.fg5.site
42 10

This site contains links to these domains. Also see Links.

Domain
101face.ru
Subject Issuer Validity Valid
fg5.site
WE1
2024-10-28 -
2025-01-26
3 months crt.sh
customfingerprints.bablosoft.com
R10
2024-10-10 -
2025-01-08
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
101face.ru
WE1
2024-11-10 -
2025-02-08
3 months crt.sh
quiet-corner.com
WE1
2024-10-25 -
2025-01-23
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
adtrafficquality.google
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 6 frames:

Primary Page: https://lionshannah-c533c3db.fg5.site/
Frame ID: 00EABF9DD71C6A85E5DDBEAE1D172FAC
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SHRCOo9A3Pk
Frame ID: C72D08E52AE1244894289E51D10CE8DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 329476A15BCA74AFF830CFF58A10CBEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381450471092372&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733593132&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Flionshannah-c533c3db.fg5.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733593132243&bpp=5&bdt=905&idt=248&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1949284417894&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347444%2C95345967&oid=2&pvsid=433693225038539&tmod=1651750693&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 5A843F2B3BBDF3C1DCB6D8F1A5542797
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D4530395442BA64C71544CAE1CBF188B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BF98B984694AC28DB26E5A97B491390
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

101face.ru 10 Foods to Help You Get Lean · 1. Avocados · 2. Mangoes · 3. Apples · 4. Fish · 5. Herbs and Spices · 6. Tea · 7. Beans · 8. Veggies and Leafy Greens.

Page URL History Show full URLs

  1. http://lionshannah-c533c3db.fg5.site/ HTTP 307
    https://lionshannah-c533c3db.fg5.site/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

42
Requests

98 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

2873 kB
Transfer

5891 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lionshannah-c533c3db.fg5.site/ HTTP 307
    https://lionshannah-c533c3db.fg5.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lionshannah-c533c3db.fg5.site/
Redirect Chain
  • http://lionshannah-c533c3db.fg5.site/
  • https://lionshannah-c533c3db.fg5.site/
13 KB
5 KB
Document
General
Full URL
https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280dfdc23b9b421bfcc15123c5b7aa7fb35390217b9089a5a36e66e7469005ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee64aacddd543a4-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 17:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDAsxjAL%2B2uD0Rdhw9kSp3m6NBD%2B0sm7wzrm9u%2BHZdjTZEMZGScTFe66z6a71eVipqB%2F03R4vO5dPpebLCx0ZnWO7id04JfrI4waBJ33A%2FhnlcCjMe%2FPm0aRRUEA%2BnHBKg62YY0Lq6pYXfMPRCG9p5E3XWcyW%2BKAG1RxRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=32766&min_rtt=29821&rtt_var=10161&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4437&delivery_rate=548&cwnd=12000&unsent_bytes=0&cid=7c8078a0af564e64&ts=313&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Location
https://lionshannah-c533c3db.fg5.site/
Non-Authoritative-Reason
HttpsUpgrades
clientsafe.js
customfingerprints.bablosoft.com/
662 KB
663 KB
Script
General
Full URL
https://customfingerprints.bablosoft.com/clientsafe.js
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
5e69c64e9cdc245d8c73bb61e3dd6ee4cab3ea1b66d36dfe1a1be8f46e4f910f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=0
etag
W/"a56fa-19345e3eae8"
accept-ranges
bytes
content-length
677626
date
Sat, 07 Dec 2024 17:38:51 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
last-modified
Tue, 19 Nov 2024 19:26:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381450471092372
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b6663b5a7f55cef24343e2b34a88153b17a3fdb13908bcc213952511b799cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
209990706647567425
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53356
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4991270330482248
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4ff5bf9792ad1f60f40d3a2372c031803feb266f2146e10021ec7f1eb65b063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
2903488302749773198
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53361
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5516924106891393
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68f406725db40d56a7c1aa09b91269c0aa6fd44779329d47510120fe3d873511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
6166382236213974857
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53358
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1286511990417461
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
770c42d89ea795e5a956e4a30e012bc9ac770214359fe0c449f3d04021203167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
2254630605490050800
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53356
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1505722211134357
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef0e7917f203eac8cfda5339a443fea96d1ad9d224e78537ec0cc797999e15d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
7087920267769837396
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53355
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6160883591993602
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d7a2f14e3abb13d0089695dd43d75c6bfad125380d9e03a46b414f3e784a28f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
5327359237680838839
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53362
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1505886704041394
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc177b3cc9d63a37f9a2f104269da78dd5737b61397488f2a190e7dc1cb8da47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
9943628489882948405
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1293834118760231
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b405b63caa40f5ef7571b8e5b3e562e5bfc0bb8d6209fa789302202dab089bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
8035841187113501623
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8685033615445157
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c1fdd906dc5330ea4828b9c25aedb3b6da25cffdb9c5140a67a47559e6d0cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
1538245792892316715
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53355
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1771184225745936
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f024e0a54df85e3520abd0df42ef9d1a5f7ae9de0b04ba897eba4375cac8bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
11248069852625450323
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53355
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8403089758241307
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d06b16efc921143804d2e4037994479eb7f1ffb2fa9819a5e7c8e26f5b5ac15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
4852044800090770279
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53360
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8777267453186740
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540b7d7f9369bd32e6e41756a753f09af41ae2c6a2fa38d7f70ccde4fea05b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
17659892210345866287
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53355
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3196606717217226
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7190a5050f1b9f4b2590b8cdc9c55222e8b50b356c390096be80b4dad4602de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
17190172840180872437
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53345
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3372043558337355
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf145a8a4748e13b3028ce2c524f495a6b3c082866d481f8f980bf941deded38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
18190110041386214653
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53360
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5600401146126967
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c872fc5653d05efec21fc4b4bc026274908362b2dbc75caee289d7c5d0303770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
17139345645009108877
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53359
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6526084229210989
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82274c3432eec0fd480525697c4fe871c1115241cd4b1dc0137f80e9f3ae6817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
13312089101277505405
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53359
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5023081697884682
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a4d83fe9190c0f10645af6aa77491b25aee4b36a62fb576459f2919f152e3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
14735134167130690790
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53354
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4632439303583931
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d54bb72325a886281cb465d32fc837303fcfdbeee8ce7b3371b206924d317a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
5778882566885586142
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53346
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1614586312590602
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91dedaa86c300aadfc3a616fc3afc47584725e797e7ce97be36c69a69168bbfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
14133877894416447223
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6237787853850150
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0aaebeb710cdc7246f35a61286996628570d7c4d55cea16b6f038e0ba6e0147f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
9812396069088967719
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53356
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5553229232872235
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71b8101f354eabcd905c14c48ff2a4781c3d4ddcdee2a3192ac9f7b2a78e257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
7869145877545333432
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53354
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1861260930818016
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3621dcc4deac979d22efdd4534b546e5ddab0bdfeaa4e64b95cce10802646b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
4473887523793488453
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53354
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1293933457375845
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fc7a0a3634f4a660fb7757769c3926389ca0b34319ae0c22de723d4c1e8371e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
7577166333425213230
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53358
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5086894436432557
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe0f7bf194d5487647476f779fedf3719f6c2b748cdfb506945aaf3399ee01cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
10248341031929002312
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53347
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3003657962875824
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
892c32f955201f976cc79797cddce0ff3ac53dfa95f1905e277878f242f089fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
15446322158218946586
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53358
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2352352267291302
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69fa42e1b314e03539db8cd090593648042d4e5deb47f2783463ca42b18cb1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lionshannah-c533c3db.fg5.site
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
10775879796367681261
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
banner1.jpg
101face.ru/
315 KB
306 KB
Image
General
Full URL
https://101face.ru/banner1.jpg
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d325a509b2aee7a1b584e3b3793a6b1406f392d4751df07c78e021246465a754

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ffb1ef-4ea75"
age
175636
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBAOBigy9c9kZCdAzEPSp%2FWI132TTsBwGLjBO8p4ecC6CNjiNOpttI2AIfd3d4RHMNlaZhbO%2FCnXEyEXPq6wch8z9dLCRT7Z4HnpRErXsRtYBMDlBphUprQ9b9YeXYmg5lDIizUWYK4w"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 16:51:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27589&min_rtt=27545&rtt_var=10360&sent=20&recv=8&lost=0&retrans=0&sent_bytes=15539&recv_bytes=4601&delivery_rate=107586&cwnd=12000&unsent_bytes=0&cid=da5b1af4fe796e83&ts=53&x=1", cfExtPri, cfHdrFlush;dur=25
date
Sat, 07 Dec 2024 17:38:51 GMT
content-type
image/jpeg
last-modified
Fri, 04 Oct 2024 09:14:23 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee64ab1deb40fa1-EWR
server
cloudflare
banner2.jpg
101face.ru/
293 KB
284 KB
Image
General
Full URL
https://101face.ru/banner2.jpg
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bd57e8ed9d4a98c12fedb24d909231a90d00d4379c910aa304877c68811fe0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ffb30e-494bc"
age
175635
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZe0hkdLw%2FVtJbu2P2jPsBrWDmfcssGk%2BNSileZLGoJhEPJv3J%2BP29DmUH3chjGSg05ZY6%2FUFwoaX9qhI6Fw0kAFfPQ6LckHTKa3dbgQBp8fb%2Ba0pk98cn%2FDdc7WOH2cYKRpsITtz6v4"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 16:51:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27589&min_rtt=27545&rtt_var=10360&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4121&recv_bytes=4601&delivery_rate=107586&cwnd=12000&unsent_bytes=0&cid=da5b1af4fe796e83&ts=51&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 17:38:51 GMT
content-type
image/jpeg
last-modified
Fri, 04 Oct 2024 09:19:10 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee64ab1deb70fa1-EWR
server
cloudflare
8-Nutritional-Rules-of-Lean-Eating-710x732.jpg
quiet-corner.com/wp-content/uploads/2017/06/
92 KB
93 KB
Image
General
Full URL
https://quiet-corner.com/wp-content/uploads/2017/06/8-Nutritional-Rules-of-Lean-Eating-710x732.jpg
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.11.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fced3c0b0abe147e60d90f1288de7ca212f644b9d7157970080e550aa81fb139

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

cf-cache-status
HIT
age
643312
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcFWYoqXVpqrwyTsCRnX321nDNN4syZrZ5Ln5ME982xcjUOhJotouRhZalfdCXWjDm1teJnMeEgkJmegW1ftb50niYTDS7ushG3GFqhSlnw2MKtZSZZ1AJCoZsEgY3w1ycWx"}],"group":"cf-nel","max_age":604800}
expires
Sat, 28 Dec 2024 06:57:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27485&min_rtt=27146&rtt_var=10422&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4112&recv_bytes=4367&delivery_rate=99930&cwnd=12000&unsent_bytes=0&cid=5b01c60973058820&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 17:38:52 GMT
content-type
image/jpeg
last-modified
Tue, 02 Jan 2018 10:34:46 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee64ab44dc3c439-EWR
accept-ranges
bytes
content-length
94342
server
cloudflare
SHRCOo9A3Pk
www.youtube.com/embed/ Frame C72D
0
0
Document
General
Full URL
https://www.youtube.com/embed/SHRCOo9A3Pk
Requested by
Host: lionshannah-c533c3db.fg5.site
URL: https://lionshannah-c533c3db.fg5.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lionshannah-c533c3db.fg5.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-EPwLonNjgD0PiHJRxS9gpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 17:38:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381450471092372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
058d40abbf959e31b1d3282f707a52965ada28461f555664158a93e5f3b48e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
br
etag
16976266772740233961
age
11464
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 14:27:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 14:27:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147614
x-xss-protection
0
server
cafe
perfectcanvas
customfingerprints.bablosoft.com/
43 B
538 B
Fetch
General
Full URL
https://customfingerprints.bablosoft.com/perfectcanvas?publickey=hnmqgcgu1egp0mq23n71kofsc5ooyt3y3eva3f19einqozc4g01jrop1o5hg04ai
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
e712196d1dcbc326262000b48d50e9042c2e3d44714cf993a3cab742277b928c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
date
Sat, 07 Dec 2024 17:38:52 GMT
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 3294
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lionshannah-c533c3db.fg5.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
32920
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 08:30:12 GMT
etag
17661348622971093804
expires
Sat, 21 Dec 2024 08:30:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A84
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381450471092372&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733593132&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Flionshannah-c533c3db.fg5.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733593132243&bpp=5&bdt=905&idt=248&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1949284417894&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95347444%2C95345967&oid=2&pvsid=433693225038539&tmod=1651750693&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lionshannah-c533c3db.fg5.site/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 17:38:52 GMT
expires
Sat, 07 Dec 2024 17:38:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37db85e0a45820ca9714d3c41e794649611e517a89084315333d1a875af14c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13111
date
Sat, 07 Dec 2024 17:38:53 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
lionshannah-c533c3db.fg5.site/
265 B
970 B
Other
General
Full URL
https://lionshannah-c533c3db.fg5.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5291ef5cc8f03e3b074952ffcd698a37a25b710632acea4419e8b2d8c10fbbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"640ccb9d-109"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKg867G0vNImL6sz9mzOHi7li3dk4%2FCvWuYPuWUoW%2FfQU8ebcVp1FQsU85x%2FbOujdurtKgBtn%2BWEptpKpw2tKEPE8MKrZTP4FKnjydVaQikwCwoUtkcScYnuKiS0vll0TcJ4vWdlmEwuilz6KtlNnl72RNZM90jz2jYm6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee64abad91843a4-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30457&min_rtt=25683&rtt_var=7745&sent=18&recv=14&lost=0&retrans=0&sent_bytes=9411&recv_bytes=4955&delivery_rate=204563&cwnd=12000&unsent_bytes=0&cid=7c8078a0af564e64&ts=2509&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 17:38:53 GMT
content-type
image/x-icon
last-modified
Sat, 11 Mar 2023 18:42:37 GMT
vary
Accept-Encoding
priority
u=1,i
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lionshannah-c533c3db.fg5.site/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 17:38:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 17:38:53 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D453
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lionshannah-c533c3db.fg5.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 16:56:22 GMT
expires
Sat, 07 Dec 2024 17:46:22 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2BF9
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FazFsdojGkXsAcXNu0C0_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lionshannah-c533c3db.fg5.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FazFsdojGkXsAcXNu0C0_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 17:38:53 GMT
expires
Sat, 07 Dec 2024 17:38:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=433693225038539&bg=!Z2SlZCvNAAaIaF9IqGg7ADQBe5WfONGzzcWUL2wZA5gu4-T7ID3KMqpf1ozPE6iC3pWTf2CtzKFnC2rHS_mQHYURAA1PAgAAAGRSAAAABWgBB34ANnlFsCmTiLTxydHYINxj18qOQ2Z6d_HRCAlTnqC1IEkrINkflxjVUkTqnn0JOp1iS48x8Pym0pkCq5rHTWk2r9Qtm4lCDGn0RIRFMEjagfQLVLFgNQDa4HycbqMA4ZUSOE3rt1VwjN0H4hJGacH39eYyPyv_Pjgbncwon6pchNjswpn5AUTwo2C04AvLrgZW2Eg_SUZaX6MWq2FThkHDQ2StNXvSovqgV-PgQ-WmThTE1SIv_UpZ8HGCdC-Z-7PqwnJqrp7cLfz9azrPbsr7qx09roR_dZptgI3ed9N8drvoJtIWbbaneQU3UEXOpJrN1ovXJSfwL2nhgGgYgjMnkVjk3-zLXvM14h4vuvBpg4J_HvXqEloZlaZGvjSBeGZ0ZmXRhJvvZPVICvbvfVKHOt55VNOJ6bzReVde4KF4frmnhJPlcE-ZqwWH0FSdZR10t5E0m0S0mEAjGO1dxFu2Jyn62_J-i66Xpj0FpOa6mxCO7snUFxfxNFZq6Bc0yVS4sraU5Zz_iWgG_48vVzl5Zy81ZF2O_rz9Dv8OZLTP8pAHDgX_LMtSWjavda6GuC7YR4-fsM8T-IN0X8LBbfiqDDX-_7Y30W37mgeHuwwvZNoFeTzyYeHLG85wTF7IX1K8Q3Au7VjDpRLyc5HDpFMti11LxSntLMXZM8udEWcA7Rf-h_Owul5ijv6PIcnuPoV60WeumIJnxvh1k6mCOEitiFnawa20j4QoACeHwTYrJkLLuAQuOmLuaZSx3eGAfrfOGKFI609OLtFSaLH4Orj2WsK1wvUFdX2yTQPn0hN36Ry62MqMGQ2ETpj7381bPTqkwne02E3lEpZ_lQJEuim1LuzoFEHCHs7zEr-o3kDgwiSQ4z_DU94hsDBM0-rXeaK2YyBR7B_hnE7-ho56DaAFVZXq5Bj_NgLpWqf50z8jZXWWsng8ieo3QGDqhW4qSVZOsYitheXEh0xwmuWAovz0HAv1WXPU

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| FontManagerData function| FontManagerGlyphs function| FontManagerHashGenerator function| FontManager function| GetSystemFontData function| GetWebGPUData function| getInstalledExtensions function| PerfectCanvasPrecomputed function| PerfectCanvas function| ProcessFingerprint function| ProcessFingerprintNoCache function| ProcessFingerprintInternal function| showNextBanner object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
lionshannah-c533c3db.fg5.site/ Name: c622a72f64fe9536fec1acab15086c7f
Value: 0
.youtube.com/ Name: YSC
Value: r6Q39IoNN9w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gWW7fd3lGAY
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgTw%3D%3D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101face.ru
customfingerprints.bablosoft.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
lionshannah-c533c3db.fg5.site
pagead2.googlesyndication.com
quiet-corner.com
www.google.com
www.youtube.com
ep1.adtrafficquality.google
104.21.11.159
143.198.242.75
2606:4700:3031::ac43:8bd3
2606:4700:3033::6815:4499
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c19::5b
2607:f8b0:4004:c1d::9a
058d40abbf959e31b1d3282f707a52965ada28461f555664158a93e5f3b48e8c
0a4d83fe9190c0f10645af6aa77491b25aee4b36a62fb576459f2919f152e3ff
0aaebeb710cdc7246f35a61286996628570d7c4d55cea16b6f038e0ba6e0147f
0b405b63caa40f5ef7571b8e5b3e562e5bfc0bb8d6209fa789302202dab089bc
280dfdc23b9b421bfcc15123c5b7aa7fb35390217b9089a5a36e66e7469005ea
2d7a2f14e3abb13d0089695dd43d75c6bfad125380d9e03a46b414f3e784a28f
37db85e0a45820ca9714d3c41e794649611e517a89084315333d1a875af14c6a
4fc7a0a3634f4a660fb7757769c3926389ca0b34319ae0c22de723d4c1e8371e
540b7d7f9369bd32e6e41756a753f09af41ae2c6a2fa38d7f70ccde4fea05b1e
5e69c64e9cdc245d8c73bb61e3dd6ee4cab3ea1b66d36dfe1a1be8f46e4f910f
68f406725db40d56a7c1aa09b91269c0aa6fd44779329d47510120fe3d873511
69fa42e1b314e03539db8cd090593648042d4e5deb47f2783463ca42b18cb1ec
6b6663b5a7f55cef24343e2b34a88153b17a3fdb13908bcc213952511b799cb0
7190a5050f1b9f4b2590b8cdc9c55222e8b50b356c390096be80b4dad4602de5
770c42d89ea795e5a956e4a30e012bc9ac770214359fe0c449f3d04021203167
7c1fdd906dc5330ea4828b9c25aedb3b6da25cffdb9c5140a67a47559e6d0cf8
7f024e0a54df85e3520abd0df42ef9d1a5f7ae9de0b04ba897eba4375cac8bc8
82274c3432eec0fd480525697c4fe871c1115241cd4b1dc0137f80e9f3ae6817
892c32f955201f976cc79797cddce0ff3ac53dfa95f1905e277878f242f089fb
91dedaa86c300aadfc3a616fc3afc47584725e797e7ce97be36c69a69168bbfd
a3621dcc4deac979d22efdd4534b546e5ddab0bdfeaa4e64b95cce10802646b6
b4ff5bf9792ad1f60f40d3a2372c031803feb266f2146e10021ec7f1eb65b063
c5bd57e8ed9d4a98c12fedb24d909231a90d00d4379c910aa304877c68811fe0
c872fc5653d05efec21fc4b4bc026274908362b2dbc75caee289d7c5d0303770
cf145a8a4748e13b3028ce2c524f495a6b3c082866d481f8f980bf941deded38
d06b16efc921143804d2e4037994479eb7f1ffb2fa9819a5e7c8e26f5b5ac15b
d325a509b2aee7a1b584e3b3793a6b1406f392d4751df07c78e021246465a754
d54bb72325a886281cb465d32fc837303fcfdbeee8ce7b3371b206924d317a54
dc177b3cc9d63a37f9a2f104269da78dd5737b61397488f2a190e7dc1cb8da47
e712196d1dcbc326262000b48d50e9042c2e3d44714cf993a3cab742277b928c
ef0e7917f203eac8cfda5339a443fea96d1ad9d224e78537ec0cc797999e15d7
f5291ef5cc8f03e3b074952ffcd698a37a25b710632acea4419e8b2d8c10fbbc
f71b8101f354eabcd905c14c48ff2a4781c3d4ddcdee2a3192ac9f7b2a78e257
fced3c0b0abe147e60d90f1288de7ca212f644b9d7157970080e550aa81fb139
fe0f7bf194d5487647476f779fedf3719f6c2b748cdfb506945aaf3399ee01cb
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99