urlscan.io logo urlscan.io
SecurityTrails logo

roblox.tousekinursemanblog.com Open in urlscan Pro
162.43.118.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://roblox.tousekinursemanblog.com/
Submission Tags: phishingrod
Submission: On May 04 via api from DE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 34 HTTP transactions. The main IP is 162.43.118.32, located in Jingūmae, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is roblox.tousekinursemanblog.com.
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.
This is the only time roblox.tousekinursemanblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    162.43.118.32 (Jingūmae, Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv13351.xserver.jp
roblox.tousekinursemanblog.com
1    2404:6800:4004:812::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2404:6800:4004:813::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.251.222.14 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
22 tousekinursemanblog.com
roblox.tousekinursemanblog.com
3 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
305 KB
3 gstatic.com
fonts.gstatic.com
90 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2270
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
0 fit-theme.com Failed
thor-demo.fit-theme.com Failed
34 7
Domain Requested by
22 roblox.tousekinursemanblog.com 1 redirects roblox.tousekinursemanblog.com
ajax.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com roblox.tousekinursemanblog.com
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com roblox.tousekinursemanblog.com
1 secure.gravatar.com roblox.tousekinursemanblog.com
1 ajax.googleapis.com roblox.tousekinursemanblog.com
1 www.googletagmanager.com roblox.tousekinursemanblog.com
0 thor-demo.fit-theme.com Failed roblox.tousekinursemanblog.com
34 8

This site contains links to these domains. Also see Links.

Domain
fit-theme.com
www.facebook.com
twitter.com
plus.google.com
fit-jp.com
wordpress.org
Subject Issuer Validity Valid
roblox.tousekinursemanblog.com
R3		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://roblox.tousekinursemanblog.com/
Frame ID: D66D02C12F5921CF3560D2E636910425
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ロブロックスの部屋 - エンジョイライフ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

4
Countries

3355 kB
Transfer

4892 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://roblox.tousekinursemanblog.com/favicon.ico HTTP 302
  • https://roblox.tousekinursemanblog.com/wp-includes/images/w-logo-blue-white-bg.png

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
roblox.tousekinursemanblog.com/ 		45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
b8cbe0777a736150045b4489a25d13a439b7eadb1515ebe1c447c4ea6b971e9a

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 02:15:27 GMT
expires
Sat, 04 May 2024 02:15:27 GMT
link
<https://roblox.tousekinursemanblog.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding Accept-Encoding
js
www.googletagmanager.com/gtag/ 		298 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2RP685Q1XB
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7cb11fd1bf03b9b7eb36894ba2bb9bfd7c05c832d390d1798f333dec98f0d637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101547
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 May 2024 02:15:27 GMT
dashicons.min.css
roblox.tousekinursemanblog.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/css/dashicons.min.css?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Mon, 22 May 2023 01:59:52 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
thickbox.css
roblox.tousekinursemanblog.com/wp-includes/js/thickbox/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/js/thickbox/thickbox.css?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Mon, 22 May 2023 01:59:52 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
style.min.css
roblox.tousekinursemanblog.com/wp-includes/css/dist/block-library/ 		111 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 22:52:27 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
jquery.min.js
roblox.tousekinursemanblog.com/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 01:16:03 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
jquery-migrate.min.js
roblox.tousekinursemanblog.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Wed, 09 Aug 2023 03:23:33 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
swiper.min.css
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/swiper.min.css
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
12a453fd069f01ab806fc3fa26e8c9f74bb5041cb4979e2bebeaddf6db611389

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
css
fonts.googleapis.com/ 		990 KB
270 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+JP:100,200,300,400,500,600,700,800,900
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b83ccf1e1b226f6808701d8bcf65a0086dc273a5f0f43009376c1afd5b8c29e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 01:52:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 02:15:27 GMT
style.min.css
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/ 		164 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/style.min.css
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
6eae8d01ad8d47be6ce5679f03dfb2b681fedd9bb56a52e635e0bd0d2b2c1190

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 23:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 23:33:19 GMT
%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE%E9%83%A8%E5%B1%8B%E3%81%B8%E3%82%88%E3%81%86%E3%81%93%E3%81%9D-1-1280x960.png
roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE%E9%83%A8%E5%B1%8B%E3%81%B8%E3%82%88%E3%81%86%E3%81%93%E3%81%9D-1-1280x960.png
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
9bfb6568df025ccfd3f9568eb94b7a8776e98493e153ce2e9d05abf986c049c8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 08 Jul 2023 21:41:22 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1785928
expires
Sun, 04 May 2025 02:15:27 GMT
%E3%81%82%E3%81%AA%E3%81%9F%E3%82%92%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE-%E4%B8%96%E7%95%8C%E3%81%B8%E3%81%A8%E9%AD%85%E4%BA%86%E3%81%99%E3%82%8B-1280x721.png
roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/ 		649 KB
650 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/%E3%81%82%E3%81%AA%E3%81%9F%E3%82%92%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE-%E4%B8%96%E7%95%8C%E3%81%B8%E3%81%A8%E9%AD%85%E4%BA%86%E3%81%99%E3%82%8B-1280x721.png
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
e3bad4a3438d9b4ca528b2669d1867ed9a0e674c22b63b2e90cb3f28d20c202a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 08 Jul 2023 21:42:21 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
664686
expires
Sun, 04 May 2025 02:15:27 GMT
shutterstock_1997636522-1280x853.jpg
roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/ 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roblox.tousekinursemanblog.com/wp-content/uploads/2023/07/shutterstock_1997636522-1280x853.jpg
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
63e23bf50c328a1cc9f6776a0e1b1d0eb3bdddb466947b30e68ff7a6c0493a83

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 08 Jul 2023 21:44:50 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
200692
expires
Sun, 04 May 2025 02:15:27 GMT
fbdd3d31ace4f8c873bdf22c069c52ad
secure.gravatar.com/avatar/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/fbdd3d31ace4f8c873bdf22c069c52ad?s=120&d=mm&r=g
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
751359312a158b29c2101fe1f9bf02e1935aef1acb1b7c27e1397a4e752fe1b8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT nrt 4
date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 05 Aug 2023 23:46:49 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="fbdd3d31ace4f8c873bdf22c069c52ad.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/fbdd3d31ace4f8c873bdf22c069c52ad?s=120&d=mm&r=g>; rel="canonical"
content-length
4065
alt-svc
h3=":443"; ma=86400
expires
Sat, 04 May 2024 02:20:27 GMT
thickbox.js
roblox.tousekinursemanblog.com/wp-includes/js/thickbox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
e29a83a0046e9ab1ae6d562fc1e4ef77b20430f80d5996cfcd777cdb7428289c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 22:52:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
smoothlinkFixed.min.js
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/ 		1022 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/smoothlinkFixed.min.js?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
b134765ef3323a8fa2bb06a2d71f12f77db2a81ce9fe6d120085b3c50917a2b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
swiper.min.js
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/swiper.min.js?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
3d8e8ab81993e27d2886889248e0ff50a90329b04e022c65d30bd6ac61465ebb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
unregister-worker.min.js
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/ 		247 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/unregister-worker.min.js?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
bc5c55ee670e3f5f9cf027b4199adcab5a12edf9ff98c342d7c455eaa22e72ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
247
expires
Sun, 04 May 2025 02:15:27 GMT
offline.min.js
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/ 		88 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/js/offline.min.js?ver=6.5.2
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
c271a615ac35fe45ae21ae6089de9c2b44390eef017b63295e194676fb8a1732

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
88
expires
Sun, 04 May 2025 02:15:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 May 2024 00:42:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 04 May 2024 02:42:45 GMT
icon.min.css
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/icon.min.css
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
573bb474a60bf91053ae6e6dbee83b4dfd2d4489bb7e130ce0460de37624f6f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
css
fonts.googleapis.com/ 		4 KB
544 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 01:46:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 02:15:27 GMT
css
fonts.googleapis.com/ 		1 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a96715c711864031d765c36298446b205f7c40d39b63c94021fab2bc60962a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 00:54:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 02:15:27 GMT
haikei.jpg
thor-demo.fit-theme.com/wp-content/uploads/2018/12/ 		0
0
collect
www.google-analytics.com/g/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2RP685Q1XB&gtm=45je4510v9137778870za200&_p=1714788927167&gcd=13l3l3l3l1&npa=0&dma=0&cid=1546972808.1714788927&ul=jp-jp&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714788927&sct=1&seg=0&dl=https%3A%2F%2Froblox.tousekinursemanblog.com%2F&dt=%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE%E9%83%A8%E5%B1%8B%20-%20%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%A7%E3%82%A4%E3%83%A9%E3%82%A4%E3%83%95&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=420
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2RP685Q1XB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 04 May 2024 02:15:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://roblox.tousekinursemanblog.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadingAnimation.gif
roblox.tousekinursemanblog.com/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Mon, 22 May 2023 01:59:52 GMT
server
nginx
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
15238
expires
Sun, 04 May 2025 02:15:27 GMT
icomoon.ttf
roblox.tousekinursemanblog.com/wp-content/themes/the-thor/fonts/ 		103 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/fonts/icomoon.ttf?cyzug3
Requested by
Host: roblox.tousekinursemanblog.com
URL: https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/icon.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
77c0b6ba36b62072af6e27681d431fbd6a6f5fcfe4e8fd79371964bc13f96d68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://roblox.tousekinursemanblog.com/wp-content/themes/the-thor/css/icon.min.css
Origin
https://roblox.tousekinursemanblog.com
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
content-encoding
br
last-modified
Sat, 08 Jul 2023 13:47:31 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-font-ttf
cache-control
max-age=31536000, public
expires
Sun, 04 May 2025 02:15:27 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://roblox.tousekinursemanblog.com
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 01:50:07 GMT
x-content-type-options
nosniff
age
174320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 May 2025 01:50:07 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://roblox.tousekinursemanblog.com
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 02:00:05 GMT
x-content-type-options
nosniff
age
173722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 May 2025 02:00:05 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://roblox.tousekinursemanblog.com
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 00:30:29 GMT
x-content-type-options
nosniff
age
92698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 00:30:29 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1313877440&t=pageview&_s=1&dl=https%3A%2F%2Froblox.tousekinursemanblog.com%2F&ul=jp-jp&de=UTF-8&dt=%E3%83%AD%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%82%B9%E3%81%AE%E9%83%A8%E5%B1%8B%20-%20%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%A7%E3%82%A4%E3%83%A9%E3%82%A4%E3%83%95&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1287157729&gjid=917771368&cid=1546972808.1714788927&tid=G-GT85M3GJV4&_gid=2082735230.1714788927&_r=1&_slc=1&z=270425325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.14 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://roblox.tousekinursemanblog.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 May 2024 02:15:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://roblox.tousekinursemanblog.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
w-logo-blue-white-bg.png
roblox.tousekinursemanblog.com/wp-includes/images/
Redirect Chain
  • https://roblox.tousekinursemanblog.com/favicon.ico
  • https://roblox.tousekinursemanblog.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
https://roblox.tousekinursemanblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 04 May 2024 02:15:27 GMT
last-modified
Mon, 22 May 2023 01:59:52 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4119
expires
Sun, 04 May 2025 02:15:27 GMT

Redirect headers

date
Sat, 04 May 2024 02:15:27 GMT
server
nginx
x-redirect-by
WordPress
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://roblox.tousekinursemanblog.com/wp-includes/images/w-logo-blue-white-bg.png
cache-control
max-age=0
link
<https://roblox.tousekinursemanblog.com/wp-json/>; rel="https://api.w.org/"
content-length
0
expires
Sat, 04 May 2024 02:15:27 GMT
admin-ajax.php
roblox.tousekinursemanblog.com/wp-admin/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://roblox.tousekinursemanblog.com/wp-admin/admin-ajax.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.118.32 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv13351.xserver.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://roblox.tousekinursemanblog.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:15:28 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://roblox.tousekinursemanblog.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex
content-length
0
expires
Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
thor-demo.fit-theme.com
URL
https://thor-demo.fit-theme.com/wp-content/uploads/2018/12/haikei.jpg

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF function| Swiper function| onYouTubeIframeAPIReady object| gaGlobal object| imgLoader object| jQuery112407963462786141573 object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.tousekinursemanblog.com/ Name: _ga_2RP685Q1XB
Value: GS1.1.1714788927.1.0.1714788927.0.0.0
.tousekinursemanblog.com/ Name: _ga
Value: GA1.2.1546972808.1714788927
.tousekinursemanblog.com/ Name: _gid
Value: GA1.2.2082735230.1714788927
.tousekinursemanblog.com/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://thor-demo.fit-theme.com/wp-content/uploads/2018/12/haikei.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
roblox.tousekinursemanblog.com
secure.gravatar.com
thor-demo.fit-theme.com
www.google-analytics.com
www.googletagmanager.com
thor-demo.fit-theme.com
142.251.222.14
162.43.118.32
2404:6800:4004:812::2008
2404:6800:4004:813::200a
2404:6800:4004:821::2003
2404:6800:4004:821::200a
2404:6800:4004:824::200e
2a04:fa87:fffe::c000:4902
12a453fd069f01ab806fc3fa26e8c9f74bb5041cb4979e2bebeaddf6db611389
1b83ccf1e1b226f6808701d8bcf65a0086dc273a5f0f43009376c1afd5b8c29e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
3d8e8ab81993e27d2886889248e0ff50a90329b04e022c65d30bd6ac61465ebb
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
573bb474a60bf91053ae6e6dbee83b4dfd2d4489bb7e130ce0460de37624f6f5
63e23bf50c328a1cc9f6776a0e1b1d0eb3bdddb466947b30e68ff7a6c0493a83
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6eae8d01ad8d47be6ce5679f03dfb2b681fedd9bb56a52e635e0bd0d2b2c1190
751359312a158b29c2101fe1f9bf02e1935aef1acb1b7c27e1397a4e752fe1b8
77c0b6ba36b62072af6e27681d431fbd6a6f5fcfe4e8fd79371964bc13f96d68
7cb11fd1bf03b9b7eb36894ba2bb9bfd7c05c832d390d1798f333dec98f0d637
8aeb52bfd69b48dd91ab5ab457e493b11754faf5bc880e4f2b1803cd50389481
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9a96715c711864031d765c36298446b205f7c40d39b63c94021fab2bc60962a3
9bfb6568df025ccfd3f9568eb94b7a8776e98493e153ce2e9d05abf986c049c8
b134765ef3323a8fa2bb06a2d71f12f77db2a81ce9fe6d120085b3c50917a2b9
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b8cbe0777a736150045b4489a25d13a439b7eadb1515ebe1c447c4ea6b971e9a
bc5c55ee670e3f5f9cf027b4199adcab5a12edf9ff98c342d7c455eaa22e72ce
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c271a615ac35fe45ae21ae6089de9c2b44390eef017b63295e194676fb8a1732
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e29a83a0046e9ab1ae6d562fc1e4ef77b20430f80d5996cfcd777cdb7428289c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bad4a3438d9b4ca528b2669d1867ed9a0e674c22b63b2e90cb3f28d20c202a