urlscan.io logo urlscan.io
SecurityTrails logo

pt.magicmodapk.com Open in urlscan Pro
172.67.153.132  Public Scan

Go To Rescan Add Verdict Report
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Submission: On November 02 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 172.67.153.132, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.magicmodapk.com.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.
This is the only time pt.magicmodapk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    172.67.153.132 (United States)

ASN13335 (CLOUDFLARENET, US)
pt.magicmodapk.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.pubxmedia.com
i.git99.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
5    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
92 KB
9 magicmodapk.com
pt.magicmodapk.com
63 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 517
104 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
183 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
107 KB
1 git99.com
i.git99.com — Cisco Umbrella Rank: 163852
11 KB
1 pubxmedia.com
cdn.pubxmedia.com — Cisco Umbrella Rank: 971722
4 KB
34 10
Domain Requested by
9 pt.magicmodapk.com pt.magicmodapk.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pt.magicmodapk.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pt.magicmodapk.com
2 securepubads.g.doubleclick.net cdn.pubxmedia.com
securepubads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com pt.magicmodapk.com
1 ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 i.git99.com pt.magicmodapk.com
1 cdn.pubxmedia.com pt.magicmodapk.com
34 12
Subject Issuer Validity Valid
magicmodapk.com
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
pubxmedia.com
WE1		 2024-10-01 -
2024-12-30		 3 months crt.sh
git99.com
WE1		 2024-10-16 -
2025-01-14		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
misc-sni.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Frame ID: 8C3FCA1767269DE0DE542FFB5DF68FF2
Requests: 20 HTTP requests in this frame

Frame: https://ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57B3BF63E593C2A7FC93C7F59D461245
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 9B1CB722B35F3064FAE187C61C7CD34A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: 12F94406D5B91A2B8765D51EBF6B0C8D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Photoroom AI Photo Editor v5.5.7 Mod APK Unlocked/Pro grátis Baixar.

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

91 %
HTTPS

55 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

601 kB
Transfer

1671 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/ 		46 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9610e58bd71a5ace6871376bdfc6dd39eb2d530ba85c29641c67c2e47757702c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dc50c43db153847-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 15:09:50 GMT
expires
Sun, 03 Nov 2024 15:09:50 GMT
last-modified
Sat, 02 Nov 2024 15:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynjzPs1uDza1oLiWEoFB%2BYQzb6cIEVLexho9w%2BP6fszT4AoRac3eNHZRVvxyvSiPMJEuS8jOflNWJDoQo%2FrMQIpcyadaTQ1xPZRVzcpN0%2FpnsSAJYgOjLVAdZBL63Ehxzti2tJ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=44077&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4175&recv_bytes=4521&delivery_rate=432&cwnd=12000&unsent_bytes=0&cid=df3a57d53f001400&ts=206&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
jsloader.php
pt.magicmodapk.com/202209/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d2efd99e33acdafb6829999261f804bb316f9137e91af42c8fb8a4eb3a77ff8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/

Response headers

cache-control
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cI5fUcVoYPufAQgDh%2FgkUWUfgobg2IRl%2FFoWiXmnL4SMhdC%2Fnvfb0wPzk2RZZoocO%2BBndBRxFp2ssKDXn1ZRWmbAG%2BJpf5U3TeXhWggUU9RTdZuKfGt9X3TiJq6V118tkUMAunY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc50c451c3b3847-MAD
expires
Sat, 02 Nov 2024 15:09:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43898&sent=25&recv=19&lost=0&retrans=0&sent_bytes=14180&recv_bytes=5894&delivery_rate=15343&cwnd=12000&unsent_bytes=0&cid=df3a57d53f001400&ts=372&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
jsloader.php
pt.magicmodapk.com/202209/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt.magicmodapk.com/202209/jsloader.php?f=jquery-3.6.1.min.js@lozad.min.js@common.js@imglozad.js@pdt.js
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa77814bb7e4476a7ef6584a1cc99709534706c20fb52a5c0732beb816c60a9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pt.magicmodapk.com
Referer
https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/

Response headers

cache-control
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoTd03Ev7A0Fa6DIJTx3wnZ4Bb%2B%2FrgyBNyzWdq3zf8oNyluFwK4amMdGYAHJ0q%2BkvQXaUuXmSoz1e0nGhOCpMQmnfIOn9A3i%2BAXI4vb7oAgpNWxZuOxpQpwFSsMPneE3YorJXlM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc50c451c3f3847-MAD
expires
Sat, 02 Nov 2024 15:09:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43898&sent=31&recv=19&lost=0&retrans=0&sent_bytes=20212&recv_bytes=5894&delivery_rate=15343&cwnd=12000&unsent_bytes=0&cid=df3a57d53f001400&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
display.js
cdn.pubxmedia.com/library/magicmodapk.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pubxmedia.com/library/magicmodapk.com/display.js
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9670a2f1aeb1e2b98b323770b0db2fc6d67992e09639b716b3bdd417a1a061d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
412217
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvQRc%2BCt6WY7zZabfmxP7KCpDvZFHcHkKf%2F9A1PwGbM6kiBW3ns4PfOkQh%2BKsl5LIFDcioyNPbJe3uOhLz%2BFQxUAIxsWL%2BeIyT%2FAsYYlMiO%2BElvF3fg3HsB4iMt1%2FBsIsBJ%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 04 Nov 2024 20:39:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41734&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4280&delivery_rate=69863&cwnd=12000&unsent_bytes=0&cid=36271545722376d0&ts=81&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
application/javascript
last-modified
Sat, 18 May 2024 09:47:18 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c4599c3cf98-MAD
x-turbo-charged-by
LiteSpeed
server
cloudflare
f1c181612b0086036a27f236fe227326.jpg
i.git99.com/upload/android/icon/2024/04/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.git99.com/upload/android/icon/2024/04/11/f1c181612b0086036a27f236fe227326.jpg
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adea2b9f4d4c477e98a898d620297199aec41dfa8591b045c5634c1052c9c1c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

cf-cache-status
HIT
etag
"66171817-2847"
age
517526
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdoF5im1HYVJU8tuWQC0jcPJLJQyN0vzkKeGCgxKfY8gHw5qq6SGBVPbqFMT8AdcV%2FbtOdjT6LJi28bBusjh61IlAypE3OwtaLCgXTZfhfmIEmqvlg1m6s2dkVui%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 26 Nov 2024 15:24:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41614&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4153&recv_bytes=4346&delivery_rate=77533&cwnd=12000&unsent_bytes=0&cid=df6eab4f868e3064&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
image/jpeg
last-modified
Wed, 10 Apr 2024 22:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c459842d052-MAD
accept-ranges
bytes
content-length
10311
server
cloudflare
email-decode.min.js
pt.magicmodapk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt.magicmodapk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"671bcbe9-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hlceh1s05bFglz84Y4lPfjTw4y7E8ZmMe8y6tq3VjoVRvkvewh7aOmd%2FCaUg6ejF3ATHqQwa0b8hj4JOXoXVbM2hwlt%2BQhieeZf4ye%2FiyBRdm6Q2bB5jEt7GNOKBzPhC6RWnd5E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8dc50c451c423847-MAD
expires
Mon, 04 Nov 2024 15:09:50 GMT
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 16:48:41 GMT
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pubxmedia.com
URL: https://cdn.pubxmedia.com/library/magicmodapk.com/display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8e0d2407b265d9221df87328e11d9a13118f90467dd6a8598e9e86d628c4bf9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
306 / 20029 / 31088559 / config-hash: 10257544082128673461
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:09:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33701
x-xss-protection
0
server
cafe
navbj.png
pt.magicmodapk.com/static/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.magicmodapk.com/static/img/navbj.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab098d833582b1845c31f72798a04916074cae513b76315d5960970e6b1b024

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css

Response headers

cf-cache-status
REVALIDATED
etag
"6639f718-473"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18XYkDfsAzkRtLpoHtwYk36e8pfgWKmeuVCMgsXM8jtrSq8WlC5XtNho5nBBbb9ctdEacSKcUYx4LnPyN%2BqlpftSQb%2FgLNR2VCcz365aIYX5hgaz9oAJO36VZuTU7%2FFn3nbEFRs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46705&sent=69&recv=42&lost=0&retrans=0&sent_bytes=61537&recv_bytes=8297&delivery_rate=515831&cwnd=32400&unsent_bytes=0&cid=df3a57d53f001400&ts=532&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
image/png
last-modified
Tue, 07 May 2024 09:40:40 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c460d143847-MAD
accept-ranges
bytes
content-length
1139
server
cloudflare
logo.png
pt.magicmodapk.com/static/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.magicmodapk.com/static/img/logo.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f634c325d043864e8bbe7dbdab11fbe6fba910cff944dbfee1aeb018f2cae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css

Response headers

cf-cache-status
REVALIDATED
etag
"6639f718-454"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sjjlr%2FIaL0lWR0aFDpfHXUEkaFrlvKt%2BeGzXjfw9jSUuIqIL4YZSopz46NPDXC%2FwXDdT26iaQNC4CRPl6LOSQRbPOF5%2FmUdt9h1rkfq43Gn9X0bYJfbvuDgbZ4fijJTe%2Fiq1rp4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46705&sent=71&recv=42&lost=0&retrans=0&sent_bytes=63381&recv_bytes=8297&delivery_rate=515831&cwnd=32400&unsent_bytes=0&cid=df3a57d53f001400&ts=552&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
image/png
last-modified
Tue, 07 May 2024 09:40:40 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c460d173847-MAD
accept-ranges
bytes
content-length
1108
server
cloudflare
flag1.png
pt.magicmodapk.com/static/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.magicmodapk.com/static/img/flag1.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44cc5de8ea7cabcdc768722a0a6e3eafe84afe6a15e758116539a8bf06a3e1dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css

Response headers

cf-cache-status
REVALIDATED
etag
"6639f714-10ee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=De979TuqqodiI3OlkyT5IAEy2b2dMAKIizDjv2m6T1VYgVRXoLyilHO4N3ZbapvQB8MPRgzCJvwWzOmRp5G2pvXD2DfmBA9gSI0iXFGviseyzlqtgmO4G4IoxyEmW8zCxwHex0I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46705&sent=64&recv=42&lost=0&retrans=0&sent_bytes=56428&recv_bytes=8297&delivery_rate=515831&cwnd=32400&unsent_bytes=0&cid=df3a57d53f001400&ts=519&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
image/png
last-modified
Tue, 07 May 2024 09:40:36 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c460d183847-MAD
accept-ranges
bytes
content-length
4334
server
cloudflare
home-icon.png
pt.magicmodapk.com/static/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.magicmodapk.com/static/img/home-icon.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32683c2458d9ad352cb0c0c56f455080f19099da38623aaee642ec139a87cca4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/202209/jsloader.php?f=common.css@list.css@product-details.css@pdt.css

Response headers

cf-cache-status
REVALIDATED
etag
"663c9561-b82"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BekHUSaUvvJd2ohItNFL7F%2FuNkulHfLspNg%2F4ojnY7PYdrnR6QUzzVVP%2BdZEpd%2FJmOXaY2WIBeRyCeR8VZoJuWhIAomUTmnudh8Bu0Lq%2Fs%2BCIl4L1aRDsnxs8wVDFmiYkAPGkCs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46705&sent=73&recv=42&lost=0&retrans=0&sent_bytes=65199&recv_bytes=8297&delivery_rate=515831&cwnd=32400&unsent_bytes=0&cid=df3a57d53f001400&ts=557&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:50 GMT
content-type
image/png
last-modified
Thu, 09 May 2024 09:20:33 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc50c460d1a3847-MAD
accept-ranges
bytes
content-length
2946
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/ 		483 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
16074489216520974051
age
503
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 15:01:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 02 Nov 2024 15:01:27 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153218
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		66 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=4260746972605437&correlator=1174404695669600&eid=31088368%2C31088371%2C31088373%2C31085777%2C31088559&output=ldjh&gdfp_req=1&vrg=202410290101&ptt=17&impl=fifs&iu_parts=23081990290%3A22869266701%2Cmagicmodapk.com.Banner0.1713351096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C300x600%7C320x280%7C336x280%7C360x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1730560191245&lmt=1730560190&adxs=650&adys=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpt.magicmodapk.com%2Fphotography%2F42639-photoroom-ai-photo-editor%2F&vis=1&psz=1120x0&msz=300x0&fws=4&ohw=1600&td=1&egid=40718&tan=6e7ca823-be07-4b08-bcb7-025b5f8b6ce2&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730560190216&idt=987&adks=2489080962&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9c03c720711c7f7b3ac9d50c141e0ab4a6d8a1cdc7f46763841d6ff6acfe6320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
br
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 15:09:52 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pt.magicmodapk.com
content-length
13878
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		549 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=4260746972605437&correlator=1174404695669600&eid=31088368%2C31088371%2C31088373%2C31085777%2C31088559&output=ldjh&gdfp_req=1&vrg=202410290101&ptt=17&impl=fifs&iu_parts=23081990290%3A22869266701%2Cmagicmodapk.com.Banner0.1713351173&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100%7C970x90&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1730560191256&lmt=1730560190&adxs=650&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpt.magicmodapk.com%2Fphotography%2F42639-photoroom-ai-photo-editor%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&td=1&egid=40718&tan=6e7ca823-be07-4b08-bcb7-025b5f8b6ce3&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730560190216&idt=987&adks=3374445348&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8e590ea811731632f260f5e7eef9d278af1567070d9ffb0743cbced1a3b6d13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 15:09:51 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pt.magicmodapk.com
content-length
237
x-xss-protection
0
server
cafe
container.html
ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.magicmodapk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 15:09:51 GMT
expires
Sat, 02 Nov 2024 15:09:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		321 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-01G7TY8TBZ
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/202209/jsloader.php?f=jquery-3.6.1.min.js@lozad.min.js@common.js@imglozad.js@pdt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92d2f9529217d63cba93b490c9221a045c3942f164a62b61b4760fb7eb25063c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 15:09:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:09:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108928
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-01G7TY8TBZ&gtm=45je4au0v9170308633za200&_p=1730560191271&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=982954975.1730560192&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fmagicmodapk.com%2Fpt%2Fphotography%2F42639-photoroom-ai-photo-editor%2F&sid=1730560191&sct=1&seg=0&dt=Photoroom%20AI%20Photo%20Editor%20v5.5.7%20Mod%20APK%20Unlocked%2FPro%20gr%C3%A1tis%20Baixar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-01G7TY8TBZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pt.magicmodapk.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:09:51 GMT
content-type
text/plain
server
Golfe2
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
37b83c10fa733bdbfcbd2088c15ad7767d42615ed7e1a146f621596f8d93afd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13116
date
Sat, 02 Nov 2024 15:09:51 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
pt.magicmodapk.com/ 		9 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pt.magicmodapk.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6e841f0d31b7b5981366b2e99cd6550407485c2b22cf746985e56142dd1767

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"65b0c689-25be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WZupobZ2CNYyLUI9QzZG5I%2FTHEa2F7%2BIrOPlVE6c32mfcQzTBpc7R%2BHRnjNKHkh%2BvhFp7DESssjLrOwafI5w2LrJG6F8qDXUIWn%2BaDOFvr8KjWpd5VNt%2FqS7BENolYbDr48c7I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc50c4ebcb83847-MAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44926&sent=79&recv=50&lost=0&retrans=0&sent_bytes=68951&recv_bytes=9051&delivery_rate=308891&cwnd=32400&unsent_bytes=0&cid=df3a57d53f001400&ts=1942&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 02 Nov 2024 15:09:51 GMT
content-type
image/x-icon
last-modified
Wed, 24 Jan 2024 08:12:57 GMT
vary
Accept-Encoding
priority
u=1,i
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:09:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:09:52 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 9B1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.magicmodapk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1357
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 14:47:15 GMT
expires
Sat, 02 Nov 2024 15:37:15 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012406241625000/ Frame 12F9 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
"cc18f0752fb26ed7"
age
257048
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:45:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:45:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56144
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 12F9 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
"a54ee7ef81300879"
age
257834
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:32:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:32:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5218
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 12F9 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
"ed67e306da4f50af"
age
257665
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:35:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:35:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29004
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 12F9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
"318c9ffc754fdb7f"
age
44704
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 02:44:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 02:44:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1913
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 12F9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
br
etag
"6b189ee8e91db6e8"
age
257540
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:37:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:37:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12940
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 12F9 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:09:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:09:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 02 Nov 2024 14:58:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
14763004658117789537
tpc.googlesyndication.com/simgad/12416315842159757022/ Frame 12F9 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12416315842159757022/14763004658117789537
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e18371c89840d923e59e07b0248b50ceadf00b37579d82e82d3b30023c193e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

age
257546
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:37:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 30 Oct 2024 15:37:26 GMT
last-modified
Thu, 30 May 2024 14:09:45 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
56133
x-xss-protection
0
server
sffe
truncated
/ Frame 12F9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b698acef06f5e47bfc1c9bb3ad3c46e31065d807e48a4f688888e69e6df0ceb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 12F9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
7735524722462771930
age
84796
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:36:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2886
x-xss-protection
0
date
Fri, 01 Nov 2024 15:36:36 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 12F9 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: pt.magicmodapk.com
URL: https://pt.magicmodapk.com/photography/42639-photoroom-ai-photo-editor/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pt.magicmodapk.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
6766994032117382215
age
55966
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 23:37:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
344
x-xss-protection
0
date
Fri, 01 Nov 2024 23:37:06 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
adview
pagead2.googlesyndication.com/pagead/ Frame 12F9 		0
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 12F9 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pt.magicmodapk.com
Referer
https://fonts.googleapis.com/

Response headers

age
257704
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:34:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:34:48 GMT
last-modified
Tue, 29 Oct 2024 18:37:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36216
x-xss-protection
0
server
sffe
view
pagead2.googlesyndication.com/btr/ Frame 12F9 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=C0kx8v0AmZ_qPMvGn9u8Ptr-04QjY97CdeqLo5tWbEqer9P0IEAEg44TEoQFg1bXXAqABrdSE5D3IAQmpAiS00t1ELbI-4AIAqAMByAMKqgTvAk_Qp_6RNKqlKai_QRdkjNIcmsrBNTPjoyljKnEmUNyUNbLWQddSOk6E5uohEq7HDTSSeV7f6cwsOzAanl4wy71bDLd5og4FcACjfzDEmUodIvrde6d0IatwcnkFQQPr8aB5gxAs0_R_kBDGBDyHi0HO-88OVZZj7Xvwd37zPqEMusC8hPEehxkCEWgmKyQcOlQ0RnVpou4lSNkax2Gd_9bh5CkYbiPlnzpvqfnwjb0S183XKMsl9Rwyx5iRuSHdeFqVAtmWu502HzDeb0zw86CQVDSKWHkrxQ1_lQuh-R_5Zmt8sdfnxC514Qe2WsCP3_84zjaKtyTYEEoAnU7BOnFrwtPV-fRL-7UtD5cGStOYSlsbRuZJAqt5B6IM1ydaNVZf4rUG-BOsu3zkR47lmqgZ1d6fK1U0C01B2m_VHqp-jnrAD6VjWfN8eIK-_s8PA0Qx3m1jBh7gWLVU68ZTLIczCNPzapH5p7TIAnglMx3ABI-o3qPxBOAEAYgFvvyuhlCSBQQIBBgBkgUECAUYBKAGLoAHlsupxBioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEJ_VAtIILAiR4YBwEAEYHTIH64uA4L-AAToKAICAgICAlK7gA0i9_cE6WP-h5Yv3vYkDmgmvAWh0dHBzOi8vbXVwdW5jYS5jb20vP2Zsb3c9ZjM0NTMmcGlkPWU2YzZkZGEzMWMyNjMzNjdjYzNhOWJkNWE3Y2RmMDhlJmdhX2NvbnZfaWQ9Njg1MzcyNDMxMCZnYV9tY2NfaWQ9T0ZGXzY0MC0yNjktMDQyNyZnYV9zaWdjb252X2lkPTY4MjE3MTA3MzQmcndfdG9rZW49RVIyZzFMc0ZlMCZnYWRfc291cmNlPTWACgPICwHiDRMI89fli_e9iQMV8ZP9Bx22Hy2M6g0TCK3y5Yv3vYkDFfGT_Qcdth8tjNgTDtAVAYAXAbIXIQodCAASFHB1Yi03NjU5MzQ3ODIzMTM4MzI3GJvDnwEYAboXAjgBshgJEgL5VBguIgEA0BgB6BgB&sigh=dMnXOrUTe84&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&template_id=5000&ebtr=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/btr/view?ai=C0kx8v0AmZ_qPMvGn9u8Ptr-04QjY97CdeqLo5tWbEqer9P0IEAEg44TEoQFg1bXXAqABrdSE5D3IAQmpAiS00t1ELbI-4AIAqAMByAMKqgTvAk_Qp_6RNKqlKai_QRdkjNIcmsrBNTPjoyljKnEmUNyUNbLWQddSOk6E5uohEq7HDTSSeV7f6cwsOzAanl4wy71bDLd5og4FcACjfzDEmUodIvrde6d0IatwcnkFQQPr8aB5gxAs0_R_kBDGBDyHi0HO-88OVZZj7Xvwd37zPqEMusC8hPEehxkCEWgmKyQcOlQ0RnVpou4lSNkax2Gd_9bh5CkYbiPlnzpvqfnwjb0S183XKMsl9Rwyx5iRuSHdeFqVAtmWu502HzDeb0zw86CQVDSKWHkrxQ1_lQuh-R_5Zmt8sdfnxC514Qe2WsCP3_84zjaKtyTYEEoAnU7BOnFrwtPV-fRL-7UtD5cGStOYSlsbRuZJAqt5B6IM1ydaNVZf4rUG-BOsu3zkR47lmqgZ1d6fK1U0C01B2m_VHqp-jnrAD6VjWfN8eIK-_s8PA0Qx3m1jBh7gWLVU68ZTLIczCNPzapH5p7TIAnglMx3ABI-o3qPxBOAEAYgFvvyuhlCSBQQIBBgBkgUECAUYBKAGLoAHlsupxBioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEJ_VAtIILAiR4YBwEAEYHTIH64uA4L-AAToKAICAgICAlK7gA0i9_cE6WP-h5Yv3vYkDmgmvAWh0dHBzOi8vbXVwdW5jYS5jb20vP2Zsb3c9ZjM0NTMmcGlkPWU2YzZkZGEzMWMyNjMzNjdjYzNhOWJkNWE3Y2RmMDhlJmdhX2NvbnZfaWQ9Njg1MzcyNDMxMCZnYV9tY2NfaWQ9T0ZGXzY0MC0yNjktMDQyNyZnYV9zaWdjb252X2lkPTY4MjE3MTA3MzQmcndfdG9rZW49RVIyZzFMc0ZlMCZnYWRfc291cmNlPTWACgPICwHiDRMI89fli_e9iQMV8ZP9Bx22Hy2M6g0TCK3y5Yv3vYkDFfGT_Qcdth8tjNgTDtAVAYAXAbIXIQodCAASFHB1Yi03NjU5MzQ3ODIzMTM4MzI3GJvDnwEYAboXAjgBshgJEgL5VBguIgEA0BgB6BgB&sigh=dMnXOrUTe84&uach_m=%5B%5D&ase=2&nis=4&template_id=5000&ibtr=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410290101&jk=4260746972605437&bg=!2Nul25TNAAbaVSD0-lU7ADQBe5WfON9Q30CxzS1-guaW7qG7jBtpPp-qKPMmKXF6HClg3xzgiHxEiz3q9jsMM6F7zUA9AgAAAD5SAAAAA2gBB34ANnQ5gEvLE6bp4cSNg5Yrhf9koOHow_bjE8_yeCDq52K-FnNPdYPy9Nf4lx6D3u5oi3JbULdHTJkCn19pAe0rnJumt4tSLt2W99VF61UFW-dX81ilJF5HOj6D9c6WYcoeP2AeRqZ-48tPUvtVY2BAhF9RmeQl8YkVwlLU8ioDoDW-9p2kyYZhjzgN-ODPHAosuCQO9y0SlOMnOKZiXKGFgczTcFbMS0rHXQ3ZDE8moIhJ34rhie7DK_feb3shrMLewGbAbnE-2u_L93lDDVcYVoXycH5BN7YDksAF9plYX97UXtvftx2z_Bv4JzSBmDzsaVnwmCyEiZ9NVn9Ntx2CP4v6eXJxP7u8HTxy7P1ePyLl3byiTim2ritDEZgWad4FW1Yz5u_t7U7VlFfs_BrvEV7UbZHG4e5GL5qQUKhU_7j-4YjtaLUHKnrQ3m9SKNO0vjGh2SJNEloFy2SPXSavpaEjU_m_BlEvpjukvykh1rlu8P6o8i7aKOLsO6HutI6bHvCRDl83zdh6opzB-TMx4FmOVS1ip5-HnsnAA4hrzaLUpE5yP1c67XuS2q29N17J-kC0_mhB2-wJRq31ly_amGVyP2dazQd8pHRi_tKhVxLKrmE3WCwMm2adul-ACtxNoIzaAx8seJRVWZjwcIkacZ6lZt1Au8r6aykISWHKbWVYap8s-j6wVf4KmbIUOOI_P3ESiMnDcQuGx-f-WblMz8F7OjUqkUPORgqPfn-vzPpV6qDEoti1Tyb2iN-z61GX570GxXeXdc5_ts0UoXv_WLtlPLLJDkt_bpVEx7N7jZl3aw5sCkOl2RXTRND1W6IAKbtq2OVS3K_NXxZKHq6Jwm_9Q8xxn0zvSc1jB88m5Fu9i1LGctOvC6MlQOBJMv5hJCPkia2G0kqlU-hfCI_pYc4niV2cuiwH6VCv44QhvtGH6CMuV4bx7jgGfN8Rt2M0BtHVhVmiblfp

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _0x1651 function| _0x36ea object| googletag string| ga4 function| getImage function| $ function| jQuery function| lozad object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state number| google_unique_id function| gtag object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

3 Cookies

Domain/Path Name / Value
.magicmodapk.com/ Name: _ga
Value: GA1.1.982954975.1730560192
.magicmodapk.com/ Name: _ga_01G7TY8TBZ
Value: GS1.1.1730560191.1.0.1730560191.0.0.0
.magicmodapk.com/ Name: __eoi
Value: ID=c36dd2a4d921c691:T=1730560191:RT=1730560191:S=AA-AfjaHBjpwyb-r2tRvPlakja28

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ba29282f7f1f53cb2919e1e53d9d04e7.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.pubxmedia.com
fonts.googleapis.com
fonts.gstatic.com
i.git99.com
pagead2.googlesyndication.com
pt.magicmodapk.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.184.194
142.250.184.195
142.250.186.34
172.67.153.132
188.114.97.3
2001:4860:4802:32::36
2a00:1450:4001:806::2001
2a00:1450:4001:810::200a
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2001
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
32683c2458d9ad352cb0c0c56f455080f19099da38623aaee642ec139a87cca4
37b83c10fa733bdbfcbd2088c15ad7767d42615ed7e1a146f621596f8d93afd6
44cc5de8ea7cabcdc768722a0a6e3eafe84afe6a15e758116539a8bf06a3e1dd
48f634c325d043864e8bbe7dbdab11fbe6fba910cff944dbfee1aeb018f2cae8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
7c6e841f0d31b7b5981366b2e99cd6550407485c2b22cf746985e56142dd1767
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
8d2efd99e33acdafb6829999261f804bb316f9137e91af42c8fb8a4eb3a77ff8
8e0d2407b265d9221df87328e11d9a13118f90467dd6a8598e9e86d628c4bf9f
8e590ea811731632f260f5e7eef9d278af1567070d9ffb0743cbced1a3b6d13f
92d2f9529217d63cba93b490c9221a045c3942f164a62b61b4760fb7eb25063c
9610e58bd71a5ace6871376bdfc6dd39eb2d530ba85c29641c67c2e47757702c
9c03c720711c7f7b3ac9d50c141e0ab4a6d8a1cdc7f46763841d6ff6acfe6320
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
adea2b9f4d4c477e98a898d620297199aec41dfa8591b045c5634c1052c9c1c4
b698acef06f5e47bfc1c9bb3ad3c46e31065d807e48a4f688888e69e6df0ceb8
bab098d833582b1845c31f72798a04916074cae513b76315d5960970e6b1b024
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9
e18371c89840d923e59e07b0248b50ceadf00b37579d82e82d3b30023c193e72
f9670a2f1aeb1e2b98b323770b0db2fc6d67992e09639b716b3bdd417a1a061d
fa77814bb7e4476a7ef6584a1cc99709534706c20fb52a5c0732beb816c60a9a
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99