URL: https://car.top5dalat.com/
Submission: On December 17 via api from US — Scanned from AU

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3037::6815:55ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is car.top5dalat.com.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.
This is the only time car.top5dalat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
4 142.250.66.226 15169 (GOOGLE)
1 8 172.67.212.29 13335 (CLOUDFLAR...)
2 172.217.167.98 15169 (GOOGLE)
1 142.250.71.66 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.204.4 15169 (GOOGLE)
29 8
Apex Domain
Subdomains
Transfer
18 top5dalat.com
car.top5dalat.com
420 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
228 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
1 google.com
www.google.com — Cisco Umbrella Rank: 3
29 5
Domain Requested by
18 car.top5dalat.com 1 redirects car.top5dalat.com
4 pagead2.googlesyndication.com car.top5dalat.com
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
29 6

This site contains links to these domains. Also see Links.

Domain
www.kadencewp.com
Subject Issuer Validity Valid
top5dalat.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
adtrafficquality.google
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh

This page contains 5 frames:

Primary Page: https://car.top5dalat.com/
Frame ID: F73482A7E90763B732035FBF036D7590
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 1B53CAC745B723F8F7A1001C13C3E18F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5393859787999833&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734411221&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fcar.top5dalat.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734411220989&bpp=7&bdt=547&idt=482&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3942451771756&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089329%2C31089338%2C95331833%2C95344789%2C95345967%2C31061690&oid=2&pvsid=1810067886874299&tmod=793704476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=533
Frame ID: 3A23DA478029722FCF4506D533D9F7A9
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 251F46F0328BDD92CFB3158466312463
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BFEEBDD49E7D342452F0AA191682C9DA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

car.top5dalat.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

29
Requests

90 %
HTTPS

29 %
IPv6

5
Domains

6
Subdomains

8
IPs

2
Countries

666 kB
Transfer

1382 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://car.top5dalat.com/favicon.ico HTTP 302
  • https://car.top5dalat.com/wp-includes/images/w-logo-blue-white-bg.png

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
car.top5dalat.com/
68 KB
13 KB
Document
General
Full URL
https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d0a3bb1153cb70785a376f7e67da4101a897b44775e2abb424307f0464cd47f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f344f8c2ad78653-PER
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 04:53:40 GMT
link
<https://car.top5dalat.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoTP68TCkC8XnHSUzCD536KCQO1kSkyX3cX5op63VqFBIRl8PXagLK8VY5cv3tzdRKlD2WJuZyH9Oia0m1ffe7K0QZYQEZJcKCXe2JWdz7nYH3N0ii7lszhy0ETrHNXjWfTbUDOWXbZGy9RFMkKjhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=47088&min_rtt=47007&rtt_var=7538&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3997&recv_bytes=2352&delivery_rate=85545&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=596&x=0"
vary
Accept-Encoding
x-litespeed-cache
hit
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5393859787999833
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
f84f9b9ce240ce2fa35f4961e16ebb126080704f275eb4e854c300b7c25b02e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://car.top5dalat.com
Referer
https://car.top5dalat.com/

Response headers

content-encoding
br
etag
13986177448382530301
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 17 Dec 2024 04:53:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53297
x-xss-protection
0
server
cafe
style.min.css
car.top5dalat.com/wp-includes/css/dist/block-library/
112 KB
17 KB
Stylesheet
General
Full URL
https://car.top5dalat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"1c012-67350801-8836ac;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHjsGkt4%2B69Mu7ouvpIXIQk1jiZ7mCqQ5BKvJ99JO2TpKiIS1d3FN%2BdMhkFc%2FI96NgvHVQ%2FJ5M6k5EXUxhJsZ1%2BlTd3B8ZMU7NlbksKIuYM4LyYsH45ruhQBMrNdwelS5f8BVADqOw2uzHyhBXpAww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f900ea88653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47154&min_rtt=47007&rtt_var=5784&sent=53&recv=21&lost=0&retrans=0&sent_bytes=33632&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1225&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 20:11:45 GMT
vary
Accept-Encoding
server
cloudflare
global.min.css
car.top5dalat.com/wp-content/themes/kadence/assets/css/
22 KB
6 KB
Stylesheet
General
Full URL
https://car.top5dalat.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.51
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"598d-65c39062-885096;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytrDy5CQa%2BM%2BkHNiiEhf2y5Q1W%2FydP6EOziFz2nfH2Ix5J71t8bVsnNH6DwKXA9g6RPOTvgd2MPMKB%2BtBr3Tjw9LgTjQqYQfRi8eFmMKDVtXn9LlW2Y%2ByRwUgymtxoCH7oon%2Bm0YgEzYj0Cm6aNntw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f900eab8653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47154&min_rtt=47007&rtt_var=5784&sent=72&recv=21&lost=0&retrans=0&sent_bytes=51235&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1226&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 14:14:58 GMT
vary
Accept-Encoding
server
cloudflare
header.min.css
car.top5dalat.com/wp-content/themes/kadence/assets/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://car.top5dalat.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.51
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67ee-65c39062-885097;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2piwZzMKq2JAu2%2BPHHtSmknoDddwP6mb57gOy%2FtAPUOgeZl9dD5MqxSMUR3%2BTj8kSY%2FaQRbYRfuYMSlp2C%2Btu1D776jT%2BMthPa5HyvnmDPZTRqBEmneJde6WN1BuTpoevKm6x5D%2B1s2TN8BR3u%2FQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f900eac8653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47154&min_rtt=47007&rtt_var=5784&sent=46&recv=21&lost=0&retrans=0&sent_bytes=27919&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1223&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 14:14:58 GMT
vary
Accept-Encoding
server
cloudflare
content.min.css
car.top5dalat.com/wp-content/themes/kadence/assets/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://car.top5dalat.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.51
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bc53033d3cfc5f7c22af24a9512f3ff21170b8b500ed0ae7e5bc8cb1bb8ac6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"822e-65c39062-88508c;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opncXGWjdDaiNi5RU7WX9%2BzauZWBzpH661GxBIdheifeNK13v0%2FjluJAjZL9Qg7je6QK%2B%2F579WslRFW%2FM5FzMKF%2FPa3yfVf50KsBex77wCMCb0nT9BrYavvP7iEwuJ%2BSrWWNFX4kAiwwxZLB0NNifQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f900ead8653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47154&min_rtt=47007&rtt_var=5784&sent=37&recv=21&lost=0&retrans=0&sent_bytes=20543&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1217&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 14:14:58 GMT
vary
Accept-Encoding
server
cloudflare
footer.min.css
car.top5dalat.com/wp-content/themes/kadence/assets/css/
20 KB
3 KB
Stylesheet
General
Full URL
https://car.top5dalat.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.51
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"4e07-65c39062-885094;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFk3RGg%2F3gDZebDPabX337EXTQmNOlPCQgymBfEaxWkqTM4P05klE6%2F%2BMQjrmYWr0iO1rE5s9EhRszFez8j4f6usqsU3KVNAVzycXwlGXlyClfYz1%2BZNM2VcKfJwhFrTg7m4esQE80ZcOQbiMH6JYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f900eaf8653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47154&min_rtt=47007&rtt_var=5784&sent=33&recv=21&lost=0&retrans=0&sent_bytes=17890&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1214&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 14:14:58 GMT
vary
Accept-Encoding
server
cloudflare
snake-korean-traditional-art.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
71 KB
72 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/snake-korean-traditional-art.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbab8ac69fa6b991177a4aa50f5039a13d49ebef302bf646d929523b4c66282

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"11bfd-65c6d03e-888ea0;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSpKCdVsfSLkc7xTzaGb0z2iRCa0W3yTVoMs0osKBi4iuWSVsrqwtxlu2ww0DatcQAYCX43kzPJOFFP6ctAhyijkBSx8MBKVUX66rdt6l7bf45dF5lfuO77qy8zgr%2FAWjgY%2BysvLx%2BxZS05qXQ11WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47519&min_rtt=46912&rtt_var=353&sent=124&recv=55&lost=0&retrans=0&sent_bytes=106134&recv_bytes=3349&delivery_rate=1336997&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1872&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Sat, 10 Feb 2024 01:24:14 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f900eb08653-PER
accept-ranges
bytes
content-length
72701
server
cloudflare
best-long-lasting-lipstick-for-wedding-day.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
20 KB
20 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/best-long-lasting-lipstick-for-wedding-day.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99cb6441ed97e8de7f65258624a6be136110b059235d639d3f2c14d8463cda29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"4e89-65c6cf49-889666;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnJG2UAV1I4J3Vrv6u03rP%2BBYunlcSOP5UaUn%2FM7jCdcgBeLiWkmb7hCC30LTsjEpvrm7mjii5tULYljQOFrBWhThawC7h%2FhRNBEKq8dma3mqND6ZkQmHw9TXMkbXCBFsOIkZj%2F%2FGyM26BZnaDYFXg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47380&min_rtt=46912&rtt_var=390&sent=106&recv=37&lost=0&retrans=0&sent_bytes=85359&recv_bytes=3349&delivery_rate=1336997&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1508&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Sat, 10 Feb 2024 01:20:09 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f900eb28653-PER
accept-ranges
bytes
content-length
20105
server
cloudflare
comfortable-sneakers-for-work.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
22 KB
22 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/comfortable-sneakers-for-work.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c224be7cedb9680f3e6f0ac2d2a685cf6be6dd13d61bede89a368237176a92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"5641-65c58243-88956a;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaJlxUKd2goqjGPCWS38UntQRtWkQUGkek2PwbnvbeYcWzOn8x9wYoDICvmrj2O5cwvr%2FX%2BKOQeYvP6FqF35OsfyxTCIKekC1mSi1S9sfpDUxwtas749dXGUn%2BHrHJEXncja4lxjNtqUj3TnmM4w8g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47380&min_rtt=46912&rtt_var=390&sent=85&recv=37&lost=0&retrans=0&sent_bytes=62578&recv_bytes=3349&delivery_rate=1336997&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1493&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Fri, 09 Feb 2024 01:39:15 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f900eb48653-PER
accept-ranges
bytes
content-length
22081
server
cloudflare
navigation.min.js
car.top5dalat.com/wp-content/themes/kadence/assets/js/
18 KB
5 KB
Script
General
Full URL
https://car.top5dalat.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.51
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc741f7e4c28b38fb6f193b8e5601c0510e72d600cb243b9721516d7fda9836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"4655-65c39062-88511c;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdyeLC%2BdVEoW7yU9eXqGyVX1ZFh0zHr7VvZ5ZFmEnCcvo1RYBmXRORts%2BHrMnP3YjEb7ZnusoGIyquoDG%2FIUwuF75nYGz3VFe9abEY1IkxbyWzuuzGRZqS4efr5F9iJvA1iLiBUR3Af%2FWilLyDiR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f344f906f2b8653-PER
expires
Tue, 24 Dec 2024 04:53:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47160&min_rtt=47007&rtt_var=4351&sent=79&recv=22&lost=0&retrans=0&sent_bytes=57134&recv_bytes=3349&delivery_rate=424700&cwnd=253&unsent_bytes=0&cid=2907f16ddbd8d7c9&ts=1262&x=0"
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
application/x-javascript
last-modified
Wed, 07 Feb 2024 14:14:58 GMT
vary
Accept-Encoding
server
cloudflare
9c11a85a-683f-4ec3-bff0-447f1956d93c
https://car.top5dalat.com/ Frame
0
0

slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
90 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5393859787999833
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
c02906e72511fc855226593838c021064e65dda425d101633e5e56a4ca7d868c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

content-encoding
br
etag
10373476757252002022
age
29614
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 20:40:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 20:40:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31831
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
435 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5393859787999833
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

content-encoding
br
etag
4174761130244020438
age
60321
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 12:08:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 12:08:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
define-non-traditional-art.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
51 KB
51 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/define-non-traditional-art.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0e3897e812bd168070ed1566a61c86b30360b22ed937349b0a5e34a21263d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"caf6-65c57e8f-889567;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u24ucqrP1XJx0MGuTQimOWVqPTqxYkCo0Arz0Dk%2BFb5K8eEsi1rI8AkmcuEK4gDKFt7VExinhMiRP2CX7z4DIhnKLJE%2FbNnSmu7RQIgbGT13hDciIXm034ZyKgB1ihFrZ7iNNw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49530&min_rtt=47479&rtt_var=5665&sent=28&recv=18&lost=0&retrans=0&sent_bytes=22468&recv_bytes=6394&delivery_rate=10411&cwnd=12000&unsent_bytes=0&cid=507bda6354d451f6&ts=1322&x=1", cfExtPri, cfHdrFlush;dur=48
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Fri, 09 Feb 2024 01:23:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c6f865b-PER
accept-ranges
bytes
content-length
51958
server
cloudflare
listen-to-music-free.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
44 KB
44 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/listen-to-music-free.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b07033638e486c5a6b034bc8225a82170369c0af18c1b1e334f8bc4ee226cb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"ae60-65c57dee-889564;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4M%2BIR4rBkI%2FMBuI5lgoOQjn90qsbEbweOXmF%2BzPg5XZ6vG7UKKJGnJ4S%2B%2F4BwzuhH0FSyC1y21ZUiMIDkdU%2FLjt1qJzZzGnDUr7jDu9%2BO3oWMcZFm1rhB3pRYs2nPdXi0QHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49530&min_rtt=47479&rtt_var=5665&sent=18&recv=18&lost=0&retrans=0&sent_bytes=10468&recv_bytes=6394&delivery_rate=10411&cwnd=12000&unsent_bytes=0&cid=507bda6354d451f6&ts=1321&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Fri, 09 Feb 2024 01:20:46 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c74865b-PER
accept-ranges
bytes
content-length
44640
server
cloudflare
benefits-for-healthy-lifestyle.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
68 KB
69 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/benefits-for-healthy-lifestyle.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
391bc8afe57948405c1a727f488ca18ec919bb0076e9c6b123bebf6bb2140907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"10f27-65c5534d-889551;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvbX%2BdSJtLKkhTK0Nus93QTuPpGZTC7AMjo5D5z8JlI9Gug0UL8R%2Fobprj05dtde4st%2B1x1LnVoC0zjyRh%2FeW%2FkVcFGVpgipQYuj3i5L4s3%2Bls66MQtYWFg3Xq4AIyLmMld0hg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48110&min_rtt=47479&rtt_var=321&sent=170&recv=70&lost=0&retrans=0&sent_bytes=188003&recv_bytes=8978&delivery_rate=663938&cwnd=62400&unsent_bytes=0&cid=507bda6354d451f6&ts=1867&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:42 GMT
content-type
image/jpeg
last-modified
Thu, 08 Feb 2024 22:18:53 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c76865b-PER
accept-ranges
bytes
content-length
69415
server
cloudflare
what-is-buffalo-performing-arts-high-schools-mascot.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
53 KB
53 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/what-is-buffalo-performing-arts-high-schools-mascot.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcbd5bc80148c6f3d97be92488b5d72cd3548a9ea572e6f143ae88ca7770c33f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"d203-65c53b63-88954a;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaCLmlaF7NPNp689U6x0p2Ha8NUGx04jDEarLY%2BO6J0CFyifaThJpAYCHT1ZcgbtGVUoyDroVm4UVPJ5PiolAi612vbHRozwyvJjmoNjyY%2Fn3yWPitJwJmaQQduvfJvd53SyvA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47927&min_rtt=47479&rtt_var=299&sent=123&recv=65&lost=0&retrans=0&sent_bytes=132320&recv_bytes=8757&delivery_rate=983340&cwnd=62400&unsent_bytes=0&cid=507bda6354d451f6&ts=1766&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:42 GMT
content-type
image/jpeg
last-modified
Thu, 08 Feb 2024 20:36:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c79865b-PER
accept-ranges
bytes
content-length
53763
server
cloudflare
redoxon-vitamin-c-benefits-for-skin.jpg
car.top5dalat.com/wp-content/uploads/2024/02/
20 KB
21 KB
Image
General
Full URL
https://car.top5dalat.com/wp-content/uploads/2024/02/redoxon-vitamin-c-benefits-for-skin.jpg
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6719e2eca116d438acfbc753e547692923978c3ae36bdf8080530dcad57f1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"4fb3-65c4d326-889343;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ii%2Bsy%2Fx3v9y5qNgX%2BeA59gfweESWvspJ1YL53nY%2F118S9Wk1cW4%2F9O3ttXfZmZf%2BV5w2O4d6HrE4k8F9qvDbWeiBn3sFSKrhgnV4PzFRQl6rQjURGWLiFzSUBWlMsN6ZAT3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49232&min_rtt=47479&rtt_var=171&sent=82&recv=32&lost=0&retrans=0&sent_bytes=87268&recv_bytes=6996&delivery_rate=439567&cwnd=43200&unsent_bytes=0&cid=507bda6354d451f6&ts=1467&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
image/jpeg
last-modified
Thu, 08 Feb 2024 13:12:06 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c7b865b-PER
accept-ranges
bytes
content-length
20403
server
cloudflare
wp-emoji-release.min.js
car.top5dalat.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://car.top5dalat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: car.top5dalat.com
URL: https://car.top5dalat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"4926-660cbb3b-883d8a;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXNLmk%2FK13AoR59yEJM%2Bjru407mXC%2FUxFLi%2Fiao8LfmgoQZlHTOkGidUzf%2FjT38KLfmONUy%2B9vJUemMg4XNWV3gCpGjMTgWsL0T0iPpxkC%2BLtP1EP%2F8uHm1nxGsOcgihywXtJw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47966&min_rtt=47479&rtt_var=7854&sent=12&recv=15&lost=0&retrans=0&sent_bytes=4235&recv_bytes=6265&delivery_rate=382&cwnd=12000&unsent_bytes=0&cid=507bda6354d451f6&ts=1196&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:41 GMT
content-type
application/x-javascript
last-modified
Wed, 03 Apr 2024 02:13:15 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344f940c7f865b-PER
server
cloudflare
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5393859787999833
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://car.top5dalat.com/

Response headers

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 1B53
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://car.top5dalat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
30774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 20:20:47 GMT
etag
17661348622971093804
expires
Mon, 30 Dec 2024 20:20:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A23
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5393859787999833&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1734411221&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fcar.top5dalat.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734411220989&bpp=7&bdt=547&idt=482&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3942451771756&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089329%2C31089338%2C95331833%2C95344789%2C95345967%2C31061690&oid=2&pvsid=1810067886874299&tmod=793704476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=533
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://car.top5dalat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 04:53:41 GMT
expires
Tue, 17 Dec 2024 04:53:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b177c7faca5d786b25e7e9349d716f70bd67442d87ef80e28cb5911fd36a9d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13165
date
Tue, 17 Dec 2024 04:53:42 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
w-logo-blue-white-bg.png
car.top5dalat.com/wp-includes/images/
Redirect Chain
  • https://car.top5dalat.com/favicon.ico
  • https://car.top5dalat.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB
Other
General
Full URL
https://car.top5dalat.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
172.67.212.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

cf-cache-status
MISS
etag
"1017-65c38e47-883be6;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2B6p9BVsmJeiMUzmMcgP8kmnZH9otUW48FLINw%2FtYhKc3mZXlN7ls0Ul2L9D9wu%2FUELysBUXf%2FnVEDp5zoWNqtNDOal%2FN0FD7rRFFpxboeXoLbWw4ym5dz1LTKhzT0O9UAgwgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 04:53:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48068&min_rtt=47479&rtt_var=354&sent=232&recv=78&lost=0&retrans=0&sent_bytes=260633&recv_bytes=9672&delivery_rate=18575&cwnd=110400&unsent_bytes=0&cid=507bda6354d451f6&ts=3298&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:43 GMT
content-type
image/png
last-modified
Wed, 07 Feb 2024 14:05:59 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f344fa2ecee865b-PER
accept-ranges
bytes
content-length
4119
server
cloudflare

Redirect headers

x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
0e5_HTTP.200,0e5_HTTP.302,0e5_default,0e5_URL.b54ff2eddcb0060bcd786ce388d8d4d7,0e5_
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7N%2Bg0Lou5BuTntGYiJmQ%2FfIoZZZZM5cjv5oN8QbEwiA%2BtYHHKCXreLiJO%2BJ95WQIOwuKttAt1SDlXCZz3tQKELppy3peTPTw4fDVBsFwyrxHhPl1ZXEqBNd%2BmYzkC4pknGNf3w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48125&min_rtt=47479&rtt_var=320&sent=230&recv=77&lost=0&retrans=0&sent_bytes=259687&recv_bytes=9294&delivery_rate=376165&cwnd=110400&unsent_bytes=0&cid=507bda6354d451f6&ts=2982&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 04:53:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-redirect-by
WordPress
link
<https://car.top5dalat.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://car.top5dalat.com/wp-includes/images/w-logo-blue-white-bg.png
cf-ray
8f344f9acb5b865b-PER
x-litespeed-cache
miss
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://car.top5dalat.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 04:53:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 04:53:42 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 251F
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://car.top5dalat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 04:15:52 GMT
expires
Tue, 17 Dec 2024 05:05:52 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BFEE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YXQsJg7-2Nn01ZVB9Cxivw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://car.top5dalat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YXQsJg7-2Nn01ZVB9Cxivw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Dec 2024 04:53:43 GMT
expires
Tue, 17 Dec 2024 04:53:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
car.top5dalat.com
URL
blob:https://car.top5dalat.com/9c11a85a-683f-4ec3-bff0-447f1956d93c
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=1810067886874299&bg=!XF-lXxDNAAbtGp3CzRo7ADQBe5WfOEjuQqwUksV6VO04edgfHDWhYLnW8avrCrogZavMz3d6tYp_zITBd9D7ZTydK4PtAgAAAIBSAAAAAmgBB34ANmRBZJOrgVeq_OZi2w_pFVnfG2PR5SasTCftmOE5NqXUVahounBUdbgh-KP0T8wYly_dzGDzd5kCrDwreKM_ftMV6qFpRbg547KIDcUsPVvepQiVTN-0a05bgg9P1njcxk5PJ87xOz8FUAcsgtrONQehxaueuKFjgar7xFgY9oKbkWVc1KRKmIX71uVHrzJF0Hs8DvOOZy7JEqxnnR8NP2W11rU2lS2SY5xO3tVzFO1HeDlpWnfgAdChHmtTIE2NJx9MkxfcQF4FHGdEvf6tb-DD7qHsvOK8P6TdZcEyijN6MzIFfUzIqB_vpxCWTd2310q55e_D046jv3UUtk6sUmENRv4Z9jxsfmwCsAQbXlAq7f-_bURrRH69SaVBBhSx7MC8PfUCLSIy-yH4G074naPf_TGa19r-r9iG6X00IibtjqA7jyPYYz3BmaxSuOA0tLBClBxGNzcy_xAElQE7SB1ij7fQIuCFiAU2gJQsGuov6QnOSvqDFO4_ZpqOKcFdaazSCdB2UzirQhAyjEVXGvY3uVFhJx6sgI3fW3plqvB_2RKraHLhnadRQOolYZVkHT1YlHFAMPLOLdj0UwLd0Ucs_5AFkWKs5VP1WZUNuFO97PBk8rDh33N6ugWhXUyjKFvm0lCgYsvc1NYPUdcH8ymxywV6OA6AkKH3y6Bi1Q1hOMaLyYm44cdJ7saAl04Tu55bUVJJt4FKCRvsbMRjE5-xk6iHmJzJjBtJlUIPYiORiD61NYX0_r2lIm_aaO_hFUI6UL7n_ZYd3rBjBeEQcFmAM4cLPLCN3XS3gFYHwI8NECL3njdacuTFXWSBKa44w2TthI1Hpk1QWuMOt1fsyQNwWxSYX0jv7MROOZ2z7ovL2fAfjCPIe2Kd3K_hk7QFAntqDQZXRPUzO72AarnICsCjH-NiVaHHYs3o4NWMrFqOaHRIjiMIhCcgi_Qq3Lr1H2C83QvCcxgFSF93TRUxDzoiYhC7fg

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| kadenceConfig object| kadence function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

car.top5dalat.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
car.top5dalat.com
ep1.adtrafficquality.google
142.250.204.4
142.250.66.226
142.250.71.66
172.217.167.98
172.67.212.29
2404:6800:4006:809::2001
2606:4700:3037::6815:55ef
0c6719e2eca116d438acfbc753e547692923978c3ae36bdf8080530dcad57f1f
12c224be7cedb9680f3e6f0ac2d2a685cf6be6dd13d61bede89a368237176a92
1bc741f7e4c28b38fb6f193b8e5601c0510e72d600cb243b9721516d7fda9836
1d0a3bb1153cb70785a376f7e67da4101a897b44775e2abb424307f0464cd47f
391bc8afe57948405c1a727f488ca18ec919bb0076e9c6b123bebf6bb2140907
3b07033638e486c5a6b034bc8225a82170369c0af18c1b1e334f8bc4ee226cb5
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
43c239f270b71525869b3a8fcfbaa2bef403b6a7e8656b471b2f5a685e3431b2
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7a0e3897e812bd168070ed1566a61c86b30360b22ed937349b0a5e34a21263d5
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
99cb6441ed97e8de7f65258624a6be136110b059235d639d3f2c14d8463cda29
9cbab8ac69fa6b991177a4aa50f5039a13d49ebef302bf646d929523b4c66282
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791
b177c7faca5d786b25e7e9349d716f70bd67442d87ef80e28cb5911fd36a9d45
b1bc53033d3cfc5f7c22af24a9512f3ff21170b8b500ed0ae7e5bc8cb1bb8ac6
bcbd5bc80148c6f3d97be92488b5d72cd3548a9ea572e6f143ae88ca7770c33f
c02906e72511fc855226593838c021064e65dda425d101633e5e56a4ca7d868c
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8
f84f9b9ce240ce2fa35f4961e16ebb126080704f275eb4e854c300b7c25b02e0
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99