urlscan.io logo urlscan.io
SecurityTrails logo

lalafo.tj Open in urlscan Pro
176.9.70.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lalafo.esclick.me/sl?u=http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&al_secret=66074...
Effective URL: https://lalafo.tj/user/login
Submission: On January 10 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 51 HTTP transactions. The main IP is 176.9.70.177, located in Germany and belongs to HETZNER-AS, DE. The main domain is lalafo.tj.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 21st 2019. Valid for: 3 months.
This is the only time lalafo.tj was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.229.41.10 16509 (AMAZON-02)
3 12 176.9.70.177 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 104.18.71.113 13335 (CLOUDFLAR...)
7 104.18.73.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 104.16.55.111 13335 (CLOUDFLAR...)
51 15
1    54.229.41.10 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-41-10.eu-west-1.compute.amazonaws.com
lalafo.esclick.me
12    176.9.70.177 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.177.70.9.176.clients.your-server.de
lalafo.tj
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
9    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
7    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
assets.zendesk.com
7    104.18.73.113 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.zdassets.com
ekr.zdassets.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    104.16.55.111 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
lalafo.zendesk.com
Domain Requested by
12 lalafo.tj 3 redirects lalafo.tj
9 www.google.com 2 redirects lalafo.tj
www.gstatic.com
7 fonts.gstatic.com lalafo.tj
5 static.zdassets.com lalafo.tj
static.zdassets.com
4 www.google-analytics.com lalafo.tj
www.google-analytics.com
2 lalafo.zendesk.com static.zdassets.com
2 www.facebook.com lalafo.tj
connect.facebook.net
2 ekr.zdassets.com static.zdassets.com
2 www.google.de lalafo.tj
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net lalafo.tj
connect.facebook.net
2 apis.google.com lalafo.tj
apis.google.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com lalafo.tj
1 www.gstatic.com www.google.com
1 assets.zendesk.com 1 redirects
1 www.googletagmanager.com lalafo.tj
1 fonts.googleapis.com lalafo.tj
1 lalafo.esclick.me 1 redirects
51 21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
lalafo.tj
Let's Encrypt Authority X3		 2019-11-21 -
2020-02-19		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
lalafo.zendesk.com
CloudFlare Inc ECC CA-2		 2019-08-07 -
2020-08-06		 a year crt.sh

This page contains 9 frames:

Primary Page: https://lalafo.tj/user/login
Frame ID: 95AA5F08E378E7A40AE91A74A4DE8BCE
Requests: 36 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 606E68F4E9FBAB277D20CF6668B88676
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=1vzzux8kgkbo
Frame ID: BB04734C106FCA689B6745CC335CC0E8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=tsjp2aq7jfcn
Frame ID: D64C9B788BA6E7ED9FDFFA3077891994
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=9emdsxfpt55v
Frame ID: 265CCB16447C02D3CDB0C22D61C73CA2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=ea4ofzmbsn8z
Frame ID: 77C7CFB41D879FDA62B2DB1DC53B085D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=jifx1liiuhty
Frame ID: 4CA293D3F4DFAA2F22069718742FBB96
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=20oezybayank
Frame ID: 5DE264F0C3BE8F979AF267C342E3C3CF
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.d42d7bacc616ff81864a.js
Frame ID: 7428CAEEF5FB0C5D546180E899EAA930
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://lalafo.esclick.me/sl?u=http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGl... HTTP 302
    http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transa... HTTP 301
    https://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transa... HTTP 302
    https://lalafo.tj/account HTTP 302
    https://lalafo.tj/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

51
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

15
IPs

4
Countries

1548 kB
Transfer

5471 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lalafo.esclick.me/sl?u=http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&al_secret=660749&redirect=ad%2Fdeactivate%2F65280084&event=DeactivateIn14Days&iid=0e775660-339f-11ea-9b0b-33b5175dafde HTTP 302
    http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transactional&utm_medium=email&utm_campaign=Source_DeactivateIn14Days&utm_content=695228026&utm_term=password-resets_2CLalafo.az HTTP 301
    https://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transactional&utm_medium=email&utm_campaign=Source_DeactivateIn14Days&utm_content=695228026&utm_term=password-resets_2CLalafo.az HTTP 302
    https://lalafo.tj/account HTTP 302
    https://lalafo.tj/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 26
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&gjid=890138157&_gid=1148232216.1578660667&_u=aHDAiEIhB~&z=1338682038 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038&slf_rd=1&random=791795074
Request Chain 28
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&gjid=428464102&_gid=1148232216.1578660667&_u=aHDAiEIhB~&z=1752416169 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169&slf_rd=1&random=2156367248

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
lalafo.tj/user/
Redirect Chain
  • https://lalafo.esclick.me/sl?u=http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&al_secret=660749&redirect=ad%2Fdeactivate%2F65280084&event=DeactivateIn14Days&iid=0e775660...
  • http://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transactional&utm_medium=email&utm_campaign=Source_DeactivateIn14Days&utm_content=695228026&utm_term=password-...
  • https://lalafo.tj/account/autologin?al_hash=By7Qb4KHiOHqKcC7RRd0VilbkPGlkOHH&utm_source=transactional&utm_medium=email&utm_campaign=Source_DeactivateIn14Days&utm_content=695228026&utm_term=password...
  • https://lalafo.tj/account
  • https://lalafo.tj/user/login
41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
1cce3a1a0af4fb750a019975bb23ba641a0ab44bedb07b960398bd1fcbfbb624
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Host
lalafo.tj
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=b7610533773de26cfb31db892cfe58f6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

Server
nginx
Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
affinity=1578660666.741.18456.577117; Path=/([a-zA-Z]{2}/)?user; HttpOnly _csrf=32dfe8d5ee130fce9c2b7e069ede295c3e000d523859fb91469741ccb0064c92a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22isYdcDxaC5sHqtsSGosWQaicuUFrM3Vk%22%3B%7D; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000; includeSubDomains

Redirect headers

Server
nginx
Date
Fri, 10 Jan 2020 12:51:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
affinity=1578660666.708.18456.486158; Path=/([a-zA-Z]{2}/)?account; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://lalafo.tj/user/login
Strict-Transport-Security
max-age=15768000; includeSubDomains
db2d658c9790c71e3221e47af2f5983e.css
lalafo.tj/assets/css-compress/ 		397 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lalafo.tj/assets/css-compress/db2d658c9790c71e3221e47af2f5983e.css?v=1577411428
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
d7edf3fa1d2158fe2cca63b8bcba4966a97522fceb75ba66e085bb2084ab45fb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Dec 2019 01:02:07 GMT
Server
nginx
ETag
W/"5e05580f-63569"
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
css
fonts.googleapis.com/ 		68 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba963c74c35592c028c823bc5df98e1e1769b633295985ea18aa32da9248fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 Jan 2020 12:51:06 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 10 Jan 2020 12:51:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 10 Jan 2020 12:51:06 GMT
client.js
apis.google.com/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=init
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3e44c7dae99f05dced214960c95d519849e8087c553d82408aa0bc89b309d3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-M1pUzXZrAaDpSSwVn+ezBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"0c053b14c5a58e7aeed31924773edf7c"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 10 Jan 2020 12:51:06 GMT
logo-color.svg
lalafo.tj/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lalafo.tj/img/logo-color.svg?v=1577353794
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
895e5d76e6fb3e2badc7b9f5e48bbe2cdc56ac5c2abf2ebede038b386a074c17
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:46:21 GMT
Server
nginx
ETag
W/"5e04816d-954"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
logo-gray.svg
lalafo.tj/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lalafo.tj/img/logo-gray.svg?v=1577353794
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
4fa3ebd61f05ff8c38462bfd45471fb8e769eab4f0a351bb9b76afc5d4d4f33e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:46:03 GMT
Server
nginx
ETag
W/"5e04815b-911"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
icon-plane.svg
lalafo.tj/img/ 		691 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lalafo.tj/img/icon-plane.svg
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
e488069576ed2e94e2e16649a5e290517e0325eeadee2c1e90ac52f8c72d10ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:46:13 GMT
Server
nginx
ETag
W/"5e048165-2b3"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
api.js
www.google.com/recaptcha/ 		797 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=ru_RU&render=explicit&onload=recaptchaOnloadCallback
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
812508ca7f2fa3a8a8bb448f3359a2ae7c94013208e57b58e867bac863b73882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
489
x-xss-protection
1; mode=block
expires
Fri, 10 Jan 2020 12:51:06 GMT
b8396150b382f7d4fd01708c19dbbe3c.js
lalafo.tj/assets/js-compress/ 		1 MB
435 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lalafo.tj/assets/js-compress/b8396150b382f7d4fd01708c19dbbe3c.js?v=1578064050
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
24af44bdcad1ddc7773aa41ce039949a582fc4a146fe2046ed59546bd6e5332b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Dec 2019 15:08:31 GMT
Server
nginx
ETag
W/"5e0b646f-14f63c"
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1051
date
Fri, 10 Jan 2020 12:33:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 10 Jan 2020 14:33:35 GMT
gtm.js
www.googletagmanager.com/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQKL6F
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9c6530eed387a592ab652960ec505ef2a2c09e5cccedbf3739e9d835bb4dc65
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 12:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
19786
x-xss-protection
0
expires
Fri, 10 Jan 2020 12:51:06 GMT
fb.png
lalafo.tj/assets/0e0e1fe8a1e64d15d82c8e0d8d8dd351/img/ 		788 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lalafo.tj/assets/0e0e1fe8a1e64d15d82c8e0d8d8dd351/img/fb.png
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
8cdecc18299a148960d266b7ce98f3c1b95cda2824ca71cc214e8a38be427429
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/assets/css-compress/db2d658c9790c71e3221e47af2f5983e.css?v=1577411428
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:45:51 GMT
Server
nginx
ETag
W/"5e04814f-314"
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
gp.png
lalafo.tj/assets/0e0e1fe8a1e64d15d82c8e0d8d8dd351/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lalafo.tj/assets/0e0e1fe8a1e64d15d82c8e0d8d8dd351/img/gp.png
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
52a30fb0f46c29e59a33460d288194e92c832e076081814a57908952c7ce68a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lalafo.tj/assets/css-compress/db2d658c9790c71e3221e47af2f5983e.css?v=1577411428
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:45:51 GMT
Server
nginx
ETag
W/"5e04814f-651"
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 17 Jan 2020 12:51:06 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Tue, 19 Nov 2019 01:25:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:45 GMT
server
sffe
age
4533944
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13720
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:25:22 GMT
icomoon.ttf
lalafo.tj/themes/uiux_desktop/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lalafo.tj/themes/uiux_desktop/fonts/icomoon.ttf?sc8bbo
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.70.177 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.177.70.9.176.clients.your-server.de
Software
nginx /
Resource Hash
74231eb968cbdb3e9274fa40905b983cdfd39575175da2a3eef4ba0c4a8b7294
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/assets/css-compress/db2d658c9790c71e3221e47af2f5983e.css?v=1577411428
Origin
https://lalafo.tj

Response headers

Date
Fri, 10 Jan 2020 12:51:06 GMT
Last-Modified
Thu, 26 Dec 2019 09:45:35 GMT
Server
nginx
ETag
"5e04813f-4124"
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16676
Expires
Fri, 17 Jan 2020 12:51:06 GMT
4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Fri, 22 Nov 2019 01:47:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:36 GMT
server
sffe
age
4273431
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13588
x-xss-protection
0
expires
Sat, 21 Nov 2020 01:47:15 GMT
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Thu, 21 Nov 2019 04:21:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:36 GMT
server
sffe
age
4350602
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13848
x-xss-protection
0
expires
Fri, 20 Nov 2020 04:21:04 GMT
4iCv6KVjbNBYlgoCxCvjtGyNPYZvg7UI.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCxCvjtGyNPYZvg7UI.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c9ef010b9b7280d0e123c57ffc483892410dc453739b658fb70c36590657ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Fri, 10 Jan 2020 04:19:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:52 GMT
server
sffe
age
30719
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7800
x-xss-protection
0
expires
Sat, 09 Jan 2021 04:19:07 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame 606E
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68ef14094971c85cb858a14229b66434ba058647685e7995efeb003907843680
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
br
cf-cache-status
HIT
age
10
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
7CA0F1C2247E0BA2
x-amz-id-2
1MRQ3aaKwifJvyUjD7jkAm6FoJm1+NY9Ax8SRyIxRAH/CcMX5VzbqvwjLI1P294Lf5yJickoVNc=
last-modified
Mon, 25 Nov 2019 03:12:11 GMT
server
cloudflare
etag
W/"f23e2e8621b39c963c5314230b30e8f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
vA138V8AjTSx.rHWOBKMdQTbxk4qg8M4
cf-ray
552ec7cefda59d24-AMS

Redirect headers

date
Fri, 10 Jan 2020 12:51:06 GMT
server
cloudflare
location
https://static.zdassets.com/ekr/asset_composer.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
552ec7cddc7c726f-AMS
expires
Fri, 10 Jan 2020 13:51:06 GMT
4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Fri, 20 Dec 2019 04:32:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:43 GMT
server
sffe
age
1844337
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8128
x-xss-protection
0
expires
Sat, 19 Dec 2020 04:32:09 GMT
4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Fri, 20 Dec 2019 04:17:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:55 GMT
server
sffe
age
1845212
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8024
x-xss-protection
0
expires
Sat, 19 Dec 2020 04:17:34 GMT
4iCv6KVjbNBYlgoC1CzjtGyNPYZvg7UI.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoC1CzjtGyNPYZvg7UI.woff2
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
886377d2c328ffdcb3b8790aa71d95b80f0520a1a44bc5e0c40b3ab9ddcb6a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Origin
https://lalafo.tj

Response headers

date
Fri, 22 Nov 2019 01:40:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:53 GMT
server
sffe
age
4273831
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7772
x-xss-protection
0
expires
Sat, 21 Nov 2020 01:40:35 GMT
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/ 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru_RU&render=explicit&onload=recaptchaOnloadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4d88f10652c5b8b6f478077c86abd99a3a0cf893c62d777dea0ef0b54181841a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 17:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jan 2020 05:06:04 GMT
server
sffe
age
327582
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
95703
x-xss-protection
0
expires
Tue, 05 Jan 2021 17:51:24 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1817
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Fri, 10 Jan 2020 13:20:49 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
MnRjFODlGfOwUQBYRBI7qqvLGJoq1Lz16d+5Re/6ygxkkJUeV5va54CsMmX7iWVMIEYRsgcNKgWzy5/qfMekmQ==
x-fb-trip-id
1850256238
date
Fri, 10 Jan 2020 12:51:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/assets/js-compress/b8396150b382f7d4fd01708c19dbbe3c.js?v=1578064050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
93c2c045217491c0522ba4f03186838b5c99d63cdd94d967e55a33b447d4ed0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"393 / 326 of 1000 / last-modified: 1578589733"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15914
x-xss-protection
0
expires
Fri, 10 Jan 2020 12:51:06 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1045369948&t=pageview&_s=1&dl=https%3A%2F%2Flalafo.tj%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20lalafo.tj%3A%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B2%20%D0%A2%D0%B0%D0%B4%D0%B6%D0%B8%D0%BA%D0%B8%D1%81%D1%82%D0%B0%D0%BD%D0%B5.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEIhB~&jid=568612364&gjid=890138157&cid=1409599693.1578660667&tid=UA-53215439-6&_gid=1148232216.1578660667&cg1=lalafo.tj&cg5=Desktop&cg3=Other%20pages&cg4=tajikistan&z=873340000
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 18:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64345
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&gjid=890138157&_gid=1148232216.1578660667&_u=aHDAiEIhB~&z=1338682038
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038&slf_rd=1&random=791795074
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038&slf_rd=1&random=791795074
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jan 2020 12:51:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jan 2020 12:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-6&cid=1409599693.1578660667&jid=568612364&_v=j79&z=1338682038&slf_rd=1&random=791795074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1045369948&t=pageview&_s=1&dl=https%3A%2F%2Flalafo.tj%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20lalafo.tj%3A%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B2%20%D0%A2%D0%B0%D0%B4%D0%B6%D0%B8%D0%BA%D0%B8%D1%81%D1%82%D0%B0%D0%BD%D0%B5.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEIhB~&jid=626250175&gjid=428464102&cid=1409599693.1578660667&tid=UA-53215439-35&_gid=1148232216.1578660667&cg1=lalafo.tj&cg5=Desktop&cg3=Other%20pages&cg4=tajikistan&z=123035858
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 18:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64345
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&gjid=428464102&_gid=1148232216.1578660667&_u=aHDAiEIhB~&z=1752416169
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169&slf_rd=1&random=2156367248
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169&slf_rd=1&random=2156367248
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jan 2020 12:51:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jan 2020 12:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53215439-35&cid=1409599693.1578660667&jid=626250175&_v=j79&z=1752416169&slf_rd=1&random=2156367248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=client/rt=j/sv=1/d=1/ed=1/am=gQc/rs=AGLTcCPqBV3I8WSHGVZdFwzpG63NJd9nNw/ 		288 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=client/rt=j/sv=1/d=1/ed=1/am=gQc/rs=AGLTcCPqBV3I8WSHGVZdFwzpG63NJd9nNw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
16a05e375ef097ef97b85b1392ea42acb32d31ee4d43c370771a2de037c6b4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 10:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2019 23:42:29 GMT
server
sffe
age
353861
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101381
x-xss-protection
0
expires
Tue, 05 Jan 2021 10:33:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame BB04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=1vzzux8kgkbo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rEheUNPo6J1xFb5//me2yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=1vzzux8kgkbo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-rEheUNPo6J1xFb5//me2yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9709
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame D64C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=tsjp2aq7jfcn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rc2FbV74dhrZOAL3w0aFkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=tsjp2aq7jfcn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-Rc2FbV74dhrZOAL3w0aFkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9401
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame 265C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=9emdsxfpt55v
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2JNHY5TuyZmMuTQxnvY+OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&co=aHR0cHM6Ly9sYWxhZm8udGo6NDQz&hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&size=normal&cb=9emdsxfpt55v
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-2JNHY5TuyZmMuTQxnvY+OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8751
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
534858416675160
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/534858416675160?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4aea153fe35031d0c8a0962b06505128e15ff431933a45d2cbb21fcc4410c820
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
E1eErAe8jHhhfMAaPvn7FhlcaUMsNEWD83Pl7m1EvbXzA28Rz4e+oOrivj/rbLT4RRtWlEWIv0lf6qMwqZwpUw==
x-fb-trip-id
1850256238
date
Fri, 10 Jan 2020 12:51:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lalafo.tj
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lalafo.tj
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js?21065354
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Fri, 10 Jan 2020 12:51:06 GMT
bframe
www.google.com/recaptcha/api2/ Frame 77C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=ea4ofzmbsn8z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DNX/x0L1mFGpq3ocvvXslw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=ea4ofzmbsn8z
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-DNX/x0L1mFGpq3ocvvXslw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
lalafo.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 606E 		275 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/web_widget/lalafo.zendesk.com
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
94563a8d77bf90526f3a35b3928840a6af31f477d26c86a1007147d302f5e6a1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login
Origin
https://lalafo.tj

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
e2e28973-75af-4709-8f8f-a8649484a104
x-runtime
0.029129
server
cloudflare
etag
W/"94563a8d77bf90526f3a35b3928840a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
cf-ray
552ec7d0483dd8b9-AMS
bframe
www.google.com/recaptcha/api2/ Frame 4CA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=jifx1liiuhty
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ecrWHECSU1dy20L5KMnPpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=jifx1liiuhty
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-ecrWHECSU1dy20L5KMnPpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bframe
www.google.com/recaptcha/api2/ Frame 5DE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=20oezybayank
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eQmzkx3d5dtuXlLOA4pEID3I/recaptcha__ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EWmMjqGBE0Heq/qNndQeaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=ru&v=eQmzkx3d5dtuXlLOA4pEID3I&k=6LcaME8UAAAAAAAgidjyJ4YsrVA3Kvdo-bf9yxT3&cb=20oezybayank
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://lalafo.tj/user/login
accept-encoding
gzip, deflate, br
cookie
NID=195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Jan 2020 12:51:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-EWmMjqGBE0Heq/qNndQeaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=534858416675160&ev=PageView&dl=https%3A%2F%2Flalafo.tj%2Fuser%2Flogin&rl=&if=false&ts=1578660667034&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1578660667034.511901815&it=1578660666759&coo=false&rqm=GET
Requested by
Host: lalafo.tj
URL: https://lalafo.tj/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 10 Jan 2020 12:51:07 GMT
9402b0744b408b5beb9f54dbaf579aa0a78a4984
ekr.zdassets.com/compose_product/web_widget/ Frame 606E 		339 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose_product/web_widget/9402b0744b408b5beb9f54dbaf579aa0a78a4984?features[]=help_center&features[]=ticket_submission&use_json=true
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
787e547207ff31615c9cbccab872b909dc20e112a91ded03332a9049a50f9ae5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://lalafo.tj/user/login
Origin
https://lalafo.tj

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
HIT
age
1954
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
d4dafd22-4344-4c0f-9e9c-e5e72f8ee26a
x-runtime
0.004459
server
cloudflare
etag
W/"787e547207ff31615c9cbccab872b909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=31536000
cf-ray
552ec7d1ab91d8b9-AMS
runtime.d42d7bacc616ff81864a.js
static.zdassets.com/web_widget/latest/ Frame 7428 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/runtime.d42d7bacc616ff81864a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30d505ea46d6fe1310ff6d7937a5a24baaa10add6a8262f47f01e48099f0964
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
378392
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
C3DD3E0CA6161043
x-amz-id-2
1eW2lQtnAXnFjM5ewIwZ412OzsRt2Kt1QJ1K7WbhITFTSzW5N0J6HZdxEL+Y0Z7C38dJs9KcMAU=
last-modified
Mon, 06 Jan 2020 01:34:41 GMT
server
cloudflare
etag
W/"e710079b74190494c4e7d427dff3d90d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
8mkcVWT.XetZs1kHGtYguO1vbpWhEwFF
cf-ray
552ec7d1d8859d24-AMS
expires
Tue, 05 Jan 2021 01:34:40 GMT
common_vendor.42c113f847a5fac8c457.js
static.zdassets.com/web_widget/latest/ Frame 7428 		399 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/common_vendor.42c113f847a5fac8c457.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea062fe96a930bc20703961612837b91044300db85ae6849c6ba44dfc3f40a44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
378392
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
A6BE9F9B6BAB32DE
x-amz-id-2
PAIoXF/GE5/fzNnva9nD8OPgbUrqb+A8CiZlNskbrnRqTGV1BC3FDW0IHLwtDZNW3TmRdFM5Ba8=
last-modified
Mon, 06 Jan 2020 01:34:41 GMT
server
cloudflare
etag
W/"a2c41beb7bb00ed28cc72afa8d68876a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Lz7EBpODuV8znftSFsqnhT0p4pl8_ElV
cf-ray
552ec7d1d8869d24-AMS
expires
Tue, 05 Jan 2021 01:34:40 GMT
web_widget.db55b0287300b3f1af43.js
static.zdassets.com/web_widget/latest/ Frame 7428 		2 MB
320 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.db55b0287300b3f1af43.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e8a946a9ce5fd222fad067a418fc123c001fe72dd9b8f7230603e826dd174c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
38
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
E4A2921255390EEF
x-amz-id-2
OojWyuhGnzxBxzf2hNjr5m6DqjEzzZNCC1XLRVpnytcYfrJ7CexoKELHbQaU629xnJ8trC93naU=
last-modified
Tue, 07 Jan 2020 22:35:13 GMT
server
cloudflare
etag
W/"8839508bb3ed9900c69d150031b2de65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
x4y3l1_3Zv02teMDsleobZy2xUg1n.9a
cf-ray
552ec7d1d8879d24-AMS
expires
Wed, 06 Jan 2021 22:35:12 GMT
config
lalafo.zendesk.com/embeddable/ Frame 7428 		382 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lalafo.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/common_vendor.42c113f847a5fac8c457.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.55.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67953fdba491e56adaec7ae37f852d6442a54d4fd1ca2c20e32136ea482a682e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://lalafo.tj

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
vary
Origin, Accept-Encoding
x-request-id
552ec7d3bd939d72-FRA
x-runtime
0.000849
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-66d47f8c5d-dprkz
cf-ray
552ec7d3bd939d72-AMS
ru.9a949184fdaa6202260a.js
static.zdassets.com/web_widget/latest/locales/ Frame 7428 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/ru.9a949184fdaa6202260a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.db55b0287300b3f1af43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.73.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe3c48fd4f83ae5ca7a8b98d16117925a50aa9b048c318e65c28b3b8d56166a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4016259
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
7F1E753DA626B662
x-amz-id-2
Q4sFeBap8NTQoaKueIs3SethRTLLRkQ50fpNpXtbg4fCNgjeJdpsN/M5JQcQgjDvaEXRTzqo8OM=
last-modified
Mon, 25 Nov 2019 00:55:32 GMT
server
cloudflare
etag
W/"9a949184fdaa6202260a093b4358ec61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
pHzqLLqCRzbI5kecd_76Flx5Q89jDlzg
cf-ray
552ec7d41a7d9d24-AMS
expires
Tue, 24 Nov 2020 00:55:31 GMT
/
www.facebook.com/tr/ 		0
79 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lalafo.tj/user/login
Origin
https://lalafo.tj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4weUIasAdDxDAvKu

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://lalafo.tj
date
Fri, 10 Jan 2020 12:51:07 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
embeddable_blip
lalafo.zendesk.com/ Frame 7428 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lalafo.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vbGFsYWZvLnRqL3VzZXIvbG9naW4iLCJ0aW1lIjoyMTYsImxvYWRUaW1lIjpudWxsLCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoi0KHQtdGA0LLQuNGBINC%2B0LHRitGP0LLQu9C10L3QuNC5IGxhbGFmby50ajog0LHQtdGB0L%2FQu9Cw0YLQvdCw0Y8g0LTQvtGB0LrQsCDQvtCx0YrRj9Cy0LvQtdC90LjQuSDQsiDQotCw0LTQttC40LrQuNGB0YLQsNC90LUuIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc5LjAuMzk0NS44OCBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImEyNDRkYjdkOTMxMGVkYWM2NGRmNzczNDAzNjIzYmY0Iiwic3VpZCI6IjRlYjBiYTAzYjQyYTUyZDkzODBmZDE5NWIxNjgxYTM4IiwidmVyc2lvbiI6Ijk0MDJiMDc0NCIsInRpbWVzdGFtcCI6IjIwMjAtMDEtMTBUMTI6NTE6MDcuNjMxWiIsInVybCI6Imh0dHBzOi8vbGFsYWZvLnRqL3VzZXIvbG9naW4ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/common_vendor.42c113f847a5fac8c457.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.55.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://lalafo.tj

Response headers

date
Fri, 10 Jan 2020 12:51:07 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lalafo.tj
accept-ranges
bytes
cf-ray
552ec7d4ce729d72-AMS
content-length
0

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga string| languageId string| languageUrl string| baseUrl number| countryId string| languageCurrent object| dataLayer function| zEmbed function| zE object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| fbq function| _fbq object| recaptcha function| _createClass function| _classCallCheck function| Cookie function| EventHelper string| cookieName number| expireTime function| Session function| UserHash function| ElementViewer object| V3Analytic object| Main function| scrollFunction function| topFunction function| textAreaAdjust function| scrollPaymentTable function| disableScrollButtons function| paymentError function| closeMessage function| sendConfirmCode function| deleteAccount function| closeCookieInformer function| submitAddComplain function| removeAvatarConfirm function| removeAvatar function| seoSpoiler function| getAuthPopup boolean| loadProgress function| loadMorePro number| pageProAccounts boolean| nextProAccounts boolean| loadProgressProAccounts object| proAccountsBlock function| loadProAccounts function| clickableCell function| onKeyPress function| readMoreSpoiler function| readLessSpoiler function| dropDownIcon function| mobileAppsClose object| favoritesIds function| enableFavorites function| clearStorage function| getFromStorage function| setToStorage function| addToFavorites function| removeFromFavorites function| stayHere function| showCities function| getPassword function| deleteAd function| renderImageFromInput object| filePath object| emptyPath function| changeAvatar function| resetAvatar string| url string| endpoint boolean| isSubscribed object| swRegistration function| urlB64ToUint8Array function| initOnLog function| subscribeUser function| unsubscribeUser function| subscriptionOnServer string| serviceWorkerUrl number| totalClicks function| Frm object| AnalyticsLogger object| swfobject object| dtjava string| deviceFingerprint string| deviceFingerprintForCustomerId string| customerId string| fingerprintParams string| salt object| evercookieOptions object| fingerprintForCustomerIdOptions object| ec object| FingerprintParamsHandler object| dialog function| removeDoubleSelect function| grabFormErrors object| googletag function| $ function| jQuery object| yii function| Tether object| lil function| md5 boolean| postponeNativePluginInstallation function| _evercookie_flash_var function| Evercookie function| evercookie function| Fingerprint2 object| html5 object| Modernizr function| yepnope object| respond object| intlTelInputUtils function| recaptchaOnloadCallback string| env object| gapi object| ___jsl object| closure_lm_992322 object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id boolean| zEACLoaded function| $zopim

9 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 195=MrCmM5QsZmoQXmoRvjgLqULORpgAZ3fcy2lE3Xvt5DXa5g13SE44yvHqcDlSl9k-uXF6QKbv-Lw5Y27LJSEClmtBdDEdccWgMXXm1vCSo9dyc20_-QRtrFO8yAC9nRNF0rq9b9EgYwGfrr5CumH8PkHzvoUGNG_Slrf8i5gM_Cg
.lalafo.tj/ Name: _fbp
Value: fb.1.1578660667034.511901815
.lalafo.tj/ Name: _gat_global
Value: 1
.lalafo.tj/ Name: _gat
Value: 1
lalafo.tj/ Name: event_user_hash
Value: b69fb978-0937-43ff-8acc-b86a28c6c7e6
.lalafo.tj/ Name: _gid
Value: GA1.2.1148232216.1578660667
.lalafo.tj/ Name: _ga
Value: GA1.2.1409599693.1578660667
lalafo.tj/ Name: _csrf
Value: 32dfe8d5ee130fce9c2b7e069ede295c3e000d523859fb91469741ccb0064c92a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22isYdcDxaC5sHqtsSGosWQaicuUFrM3Vk%22%3B%7D
.lalafo.tj/ Name: PHPSESSID
Value: b7610533773de26cfb31db892cfe58f6

4 Console Messages

Source Level URL
Text
console-api log URL: https://lalafo.tj/assets/js-compress/b8396150b382f7d4fd01708c19dbbe3c.js?v=1578064050(Line 7)
Message:
JQMIGRATE: Migrate is installed, version 3.0.0
console-api warning URL: https://lalafo.tj/assets/js-compress/b8396150b382f7d4fd01708c19dbbe3c.js?v=1578064050(Line 162)
Message:
Push messaging is not supported
console-api log URL: https://lalafo.tj/assets/js-compress/b8396150b382f7d4fd01708c19dbbe3c.js?v=1578064050(Line 83)
Message:
generating uuid: b69fb978-0937-43ff-8acc-b86a28c6c7e6
console-api info URL: https://static.zdassets.com/web_widget/latest/common_vendor.42c113f847a5fac8c457.js(Line 9)
Message:
Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
assets.zendesk.com
connect.facebook.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
lalafo.esclick.me
lalafo.tj
lalafo.zendesk.com
securepubads.g.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.16.55.111
104.18.71.113
104.18.73.113
172.217.23.98
176.9.70.177
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2008
2a00:1450:4001:825::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.229.41.10
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
16a05e375ef097ef97b85b1392ea42acb32d31ee4d43c370771a2de037c6b4c1
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1cce3a1a0af4fb750a019975bb23ba641a0ab44bedb07b960398bd1fcbfbb624
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
24af44bdcad1ddc7773aa41ce039949a582fc4a146fe2046ed59546bd6e5332b
3e44c7dae99f05dced214960c95d519849e8087c553d82408aa0bc89b309d3a5
4aea153fe35031d0c8a0962b06505128e15ff431933a45d2cbb21fcc4410c820
4d88f10652c5b8b6f478077c86abd99a3a0cf893c62d777dea0ef0b54181841a
4fa3ebd61f05ff8c38462bfd45471fb8e769eab4f0a351bb9b76afc5d4d4f33e
52a30fb0f46c29e59a33460d288194e92c832e076081814a57908952c7ce68a5
5ba963c74c35592c028c823bc5df98e1e1769b633295985ea18aa32da9248fb4
67953fdba491e56adaec7ae37f852d6442a54d4fd1ca2c20e32136ea482a682e
68ef14094971c85cb858a14229b66434ba058647685e7995efeb003907843680
74231eb968cbdb3e9274fa40905b983cdfd39575175da2a3eef4ba0c4a8b7294
787e547207ff31615c9cbccab872b909dc20e112a91ded03332a9049a50f9ae5
812508ca7f2fa3a8a8bb448f3359a2ae7c94013208e57b58e867bac863b73882
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
886377d2c328ffdcb3b8790aa71d95b80f0520a1a44bc5e0c40b3ab9ddcb6a2b
895e5d76e6fb3e2badc7b9f5e48bbe2cdc56ac5c2abf2ebede038b386a074c17
8cdecc18299a148960d266b7ce98f3c1b95cda2824ca71cc214e8a38be427429
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93c2c045217491c0522ba4f03186838b5c99d63cdd94d967e55a33b447d4ed0e
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
94563a8d77bf90526f3a35b3928840a6af31f477d26c86a1007147d302f5e6a1
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
c30d505ea46d6fe1310ff6d7937a5a24baaa10add6a8262f47f01e48099f0964
d1e8a946a9ce5fd222fad067a418fc123c001fe72dd9b8f7230603e826dd174c
d7edf3fa1d2158fe2cca63b8bcba4966a97522fceb75ba66e085bb2084ab45fb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488069576ed2e94e2e16649a5e290517e0325eeadee2c1e90ac52f8c72d10ac
e9c6530eed387a592ab652960ec505ef2a2c09e5cccedbf3739e9d835bb4dc65
ea062fe96a930bc20703961612837b91044300db85ae6849c6ba44dfc3f40a44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c9ef010b9b7280d0e123c57ffc483892410dc453739b658fb70c36590657ce
ffe3c48fd4f83ae5ca7a8b98d16117925a50aa9b048c318e65c28b3b8d56166a