forouasd.xn--2-rga.com Open in urlscan Pro Puny
forouasd.2ñ.com IDN
2a00:1450:4001:812::2013  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response forouasd.xn--2-rga.com/	234 KB 37 KB	260ms 151ms	Document text/html	2a00:1450:4001:812::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash edfc5cba370cbc430ca3f852e7260b01e73d23d5183aa4ac470dee89f5084e0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0 content-encoding gzip content-length 37849 content-type text/html; charset=UTF-8 date Wed, 14 Sep 2022 12:54:35 GMT etag W/"5208770df4272f9612aa97be9269dc30ebc270c2cd183107a1354ee8d1358728" expires Wed, 14 Sep 2022 12:54:35 GMT last-modified Sat, 10 Sep 2022 04:13:48 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	fontawesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/	56 KB 11 KB	80ms 34ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/fontawesome.min.css Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed8325c2420b4c9126d1349e9e0343b3352e352799bb8293377cfb5eb85442f7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3083978 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10184 timing-allow-origin * last-modified Wed, 15 Jul 2020 18:15:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f0f47d3-e09f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0L4y6zPJcmjOleC0GG55V71vV8yQioua%2F%2Bh%2B038RGExn2nUL2gfGzVWNFdi%2F1Ofb%2FZGsj%2FcAagz98ijhogAVWeG3Yk6jxH13sm%2F1TAVmeGl%2BtcrDMei59PqvGMlbq6gULJDM%2FIfsgEznybv6VUz7Jr%2B"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74a945aa4fe40215-ZRH expires Mon, 04 Sep 2023 12:54:35 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	166 KB 57 KB	132ms 81ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8bf77ee533cef7e9fa3c365ff813a9041c813f814f89b6c4506525fd6c7994a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57875 x-xss-protection 0 server cafe etag 10251091442261287640 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 14 Sep 2022 12:54:36 GMT
GET H2	200	AVvXsEiSJo9G1ubsxnGG5dRd2H0xk3mTwj_KLiZ59p33vRom0LgqK34z_FGSOmY-HjhGtcqdzQ191Nt0vRYf6m_4yunSbfemPinkhj9sItlz2egHdgDqWyXHV999SjeTnHWa_XmoLiG9FCFwfshT9fSCcyLou36PF2Hkhwj3QW4baqBtwyuKJz3OFQU0mHp8MQ=s350 blogger.googleusercontent.com/img/a/	16 KB 16 KB	459ms 407ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEiSJo9G1ubsxnGG5dRd2H0xk3mTwj_KLiZ59p33vRom0LgqK34z_FGSOmY-HjhGtcqdzQ191Nt0vRYf6m_4yunSbfemPinkhj9sItlz2egHdgDqWyXHV999SjeTnHWa_XmoLiG9FCFwfshT9fSCcyLou36PF2Hkhwj3QW4baqBtwyuKJz3OFQU0mHp8MQ=s350 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 0017f1cda0e9eff90dad90977cfd5719ce36f9c8871f72fc071268685159fec2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff server fife etag "v2b50" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="foro-uasd-wht.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16207 x-xss-protection 0 expires Thu, 15 Sep 2022 12:54:36 GMT
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/	78 KB 79 KB	82ms 53ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://forouasd.xn--2-rga.com/ Origin https://forouasd.xn--2-rga.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 719746 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 80148 timing-allow-origin * last-modified Wed, 15 Jul 2020 18:15:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f0f47d3-13914" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2eR3%2FgsVogvmceore56Y3DDvrwK%2B4egKYKAauni%2FGJyGSdkLf0heu4Ght3O5KxuHYI38Tu2Z4X91I3JtrF%2FhMi2w2EYDh218Jmj6ZtNAsz0D8zKBb%2FeAixqUZeVYir3fYw%2Fu9mCGb5EKHyUZ1QcBJX%2B"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74a945aaf94f0215-ZRH expires Mon, 04 Sep 2023 12:54:36 GMT
GET H2	200	QGYsz_wNahGAdqQ43Rh_fKDp.woff2 fonts.gstatic.com/s/worksans/v8/	51 KB 51 KB	72ms 33ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d44818149772885a471e8bedfac070b642f433961c01829b50fa4dcaadba5e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://forouasd.xn--2-rga.com/ Origin https://forouasd.xn--2-rga.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:59:31 GMT x-content-type-options nosniff age 586505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52404 x-xss-protection 0 last-modified Fri, 26 Jun 2020 02:46:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 07 Sep 2023 17:59:31 GMT
GET H2	200	profesores-recomendables-uasd.jpg 1.bp.blogspot.com/-iLfqiQZw_jg/X9Q2qZoJY-I/AAAAAAAAA8g/EEF8TcIchJ8AC_F5TPJ28AqXp0fAazn9QCLcBGAsYHQ/w100/	4 KB 5 KB	78ms 26ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-iLfqiQZw_jg/X9Q2qZoJY-I/AAAAAAAAA8g/EEF8TcIchJ8AC_F5TPJ28AqXp0fAazn9QCLcBGAsYHQ/w100/profesores-recomendables-uasd.jpg Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6ff91779a57ab1d1e6815f68366f3712863ec95e4bccb8d7551a25c3c4897e3f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff server fife etag "v3c9" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="profesores-recomendables-uasd.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4335 x-xss-protection 0 expires Thu, 15 Sep 2022 12:54:36 GMT
GET H2	200	AVvXsEjuNti2VVG6uYod25-3abZamKK5aq92svKBqUjxWwTr1hfYVs0u-hCyHM2bZkD46auzxZ34nOObwZjFd35RHuvvYPghV1POrsK9x366bN3ygiqlEQEVNdYcm_O5I9fcONh_eKtpy9LD7AfBdhe4PPPRgxsJD5QvuEihbSzBArHezEUcDx3hcACzB-lK_w=s350 blogger.googleusercontent.com/img/a/	16 KB 16 KB	436ms 420ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEjuNti2VVG6uYod25-3abZamKK5aq92svKBqUjxWwTr1hfYVs0u-hCyHM2bZkD46auzxZ34nOObwZjFd35RHuvvYPghV1POrsK9x366bN3ygiqlEQEVNdYcm_O5I9fcONh_eKtpy9LD7AfBdhe4PPPRgxsJD5QvuEihbSzBArHezEUcDx3hcACzB-lK_w=s350 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 0017f1cda0e9eff90dad90977cfd5719ce36f9c8871f72fc071268685159fec2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff server fife etag "v2b52" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="foro-uasd-wht.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16207 x-xss-protection 0 expires Thu, 15 Sep 2022 12:54:36 GMT
GET H3	200	fa-brands-400.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/	76 KB 76 KB	110ms 109ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://forouasd.xn--2-rga.com/ Origin https://forouasd.xn--2-rga.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2999911 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77400 timing-allow-origin * last-modified Wed, 15 Jul 2020 18:15:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f0f47d3-12e58" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYZH9wBu7RTapkKDIFj7qpQtMUqkHfX2FRG0G5pNvXvCiuOxe%2FkqkWRojrXtmpu6dcgBmLGcbQ9fWcNWpQcErs5UREhEaoEM4qaZCEJMu2lDTewXi54NMdPxBdH5jmXtwAqKhHRjXK13YglkGL2ss5dC"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74a945aaf9740215-ZRH expires Mon, 04 Sep 2023 12:54:36 GMT
GET H2	200	QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2 fonts.gstatic.com/s/worksans/v8/	49 KB 49 KB	23ms 17ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v8/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2 Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a63f818229b780be68dcf74c831821318e9decb517286efcdddf1c81b7c0202d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://forouasd.xn--2-rga.com/ Origin https://forouasd.xn--2-rga.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 13 Sep 2022 08:15:49 GMT x-content-type-options nosniff age 103127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49692 x-xss-protection 0 last-modified Fri, 26 Jun 2020 02:11:48 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 13 Sep 2023 08:15:49 GMT
GET H3	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/	87 KB 28 KB	76ms 49ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5511446 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27958 timing-allow-origin * last-modified Mon, 04 May 2020 23:01:39 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb09ed3-15d84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHy%2Bdev35Nef%2Fq8nBZ6cOZLL%2BUJlgvpeofmJKG04Y26%2Fjl4r7UwbM2K5GhQ6QGT0xEQvwbmyWglpNibzDbNscJN97OtnRJMm9LiK9rMjf14wT%2B7LcqplXORWpeBCW6W789Q1qNp9X2zaC6K99xriIFHs"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74a945ab4cf101eb-ZRH expires Mon, 04 Sep 2023 12:54:36 GMT
GET H2	200	cookienotice.js Show response forouasd.xn--2-rga.com/js/	6 KB 2 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:812::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://forouasd.xn--2-rga.com/js/cookienotice.js Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 14 Sep 2022 10:52:00 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2026 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Wed, 21 Sep 2022 12:54:36 GMT
GET H2	200	3753684042-widgets.js Show response www.blogger.com/static/v1/widgets/	154 KB 56 KB	59ms 17ms	Script text/javascript	2a00:1450:4001:831::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/3753684042-widgets.js Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:22:12 GMT content-encoding gzip x-content-type-options nosniff age 1944 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57039 x-xss-protection 0 last-modified Thu, 08 Sep 2022 20:54:17 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Thu, 14 Sep 2023 12:22:12 GMT
GET H3	200	universidadsantodomingo.png 1.bp.blogspot.com/-QpeobOBwjCs/YELKvX02nuI/AAAAAAAAFYI/aKwfJ9xH2BAOlwujT9UNkVw5YfD42cK4gCLcBGAsYHQ/w145-h100-p-k-no-nu/	9 KB 9 KB	63ms 32ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-QpeobOBwjCs/YELKvX02nuI/AAAAAAAAFYI/aKwfJ9xH2BAOlwujT9UNkVw5YfD42cK4gCLcBGAsYHQ/w145-h100-p-k-no-nu/universidadsantodomingo.png Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e855a919e9e297f8c01d8f8b582c28e5e03974768feac77ca71e34b099a7e384 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff server fife etag "v1583" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="universidadsantodomingo.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8993 x-xss-protection 0 expires Thu, 15 Sep 2022 12:54:36 GMT
GET H3	200	profesores-recomendables-uasd.jpg 1.bp.blogspot.com/-iLfqiQZw_jg/X9Q2qZoJY-I/AAAAAAAAA8g/EEF8TcIchJ8AC_F5TPJ28AqXp0fAazn9QCLcBGAsYHQ/w145-h100-p-k-no-nu/	6 KB 6 KB	61ms 30ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-iLfqiQZw_jg/X9Q2qZoJY-I/AAAAAAAAA8g/EEF8TcIchJ8AC_F5TPJ28AqXp0fAazn9QCLcBGAsYHQ/w145-h100-p-k-no-nu/profesores-recomendables-uasd.jpg Requested by Host: forouasd.xn--2-rga.com URL: https://forouasd.xn--2-rga.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 3bb784e6349d54c4636cc6b5dd4b2e29efc59494710e43e6b571fea2d1e9c2f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT x-content-type-options nosniff server fife etag "v3c9" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="profesores-recomendables-uasd.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6242 x-xss-protection 0 expires Thu, 15 Sep 2022 12:54:36 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/	346 KB 122 KB	137ms 105ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8451696b71978a9d2b9fbd9fb4fecfa1f76f02fe4a129031161a3202a4b59fca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 124742 x-xss-protection 0 server cafe etag 10148498151709338688 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 14 Sep 2022 12:54:36 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame A9A1	10 KB 5 KB	63ms 16ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://forouasd.xn--2-rga.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 24430 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4412 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 14 Sep 2022 06:07:26 GMT etag 8616628553774171045 expires Wed, 28 Sep 2022 06:07:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	217 B 645 B	91ms 25ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=forouasd.xn--2-rga.com&callback=_gfp_s_&client=ca-pub-3926677069109551 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 54f52777fe320e639a99e5c1626c51d8c437d19761d96e91e55e40809030b21f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 201 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	74ms 31ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=forouasd.xn--2-rga.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers timing-allow-origin * date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	75ms 25ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=forouasd.xn--2-rga.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers timing-allow-origin * date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame F85B	603 B 67 B	88ms 55ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3926677069109551&output=html&adk=1812271804&adf=3025194257&lmt=1662783228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforouasd.xn--2-rga.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663160076182&bpp=2&bdt=359&idt=243&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2134144216291&frm=20&pv=2&ga_vid=972194714.1663160076&ga_sid=1663160076&ga_hid=601405446&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069177&oid=2&pvsid=359621463756554&tmod=1530511797&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://forouasd.xn--2-rga.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 14 Sep 2022 12:54:36 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	96ms 63ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 04d65a07e5b79c3e799408a5f1ef44129be489968ea20e104eedbcc6ad4549e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers timing-allow-origin * date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11280 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	64ms 24ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3926677069109551&plah=forouasd.xn--2-rga.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 14 Sep 2022 12:54:36 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF68	13 KB 5 KB	57ms 16ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://forouasd.xn--2-rga.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1454 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 14 Sep 2022 12:30:22 GMT expires Thu, 14 Sep 2023 12:30:22 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 7BD2	783 B 1 KB	70ms 28ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 869526e790e3114298ce8d62e2a726153f881c6852e68ff5e1cbdb4016d1ef8f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-EKlWLac5-PeFCsjddv_Fdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forouasd.xn--2-rga.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-EKlWLac5-PeFCsjddv_Fdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 14 Sep 2022 12:54:36 GMT expires Wed, 14 Sep 2022 12:54:36 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Show response pagead2.googlesyndication.com/bg/ Frame EF68	36 KB 16 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/OdDKsMxR2L_jTiLQalWX8qaF4EOl3zhymuRIoesSTkk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 11:29:04 GMT content-encoding gzip x-content-type-options nosniff age 5132 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16231 x-xss-protection 0 last-modified Thu, 08 Sep 2022 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Sep 2023 11:29:04 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 7BD2	0 0	48ms 48ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=359621463756554&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame EF68	0 10 B	16ms 16ms	Image text/plain	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?R8d6bQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 12:54:36 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	54ms 54ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=359621463756554&bg=!1tWl1ZHNAAbG3AOo5tw7ACkAdvg8Wt3UwZcHoYiiWU59EwG50VdKZcBXGsOD75W-xNcepnaJ7EIqswIAAABAUgAAAAFoAQeZAt0xnn5iQcY5F3qNmyYUGcoepUkpthpsiiMulniZpcaXHK4loayx3RnQC5wG2UnfDOMFYefnEdVFhhRttuZZ9Dy6KQQLRQTtwMXlXxYqsBvsLFq0_x276yeyMy_TPpeqFnMX1VIywgpFsyUyq-AHVXIUrHYlSwEeJB7DmemNyFDYf1WikPvpGlHLVbhgyG1LM9XnAikF2YFsQbcVJ7f5mK53zFqNVQd5sDr2Ih_V1cl83XexJH8p_xYxMbdK3hLAvqS_4cffXVNk0Y3tK0TEx6QmxUJXpImSQLYtijgx0jTYyeQKlxbgbwHZkHLzwmtO-AjFT7nH9kimyyQPhfLACPW7pyECNLomeGFFvcW6Y4vJUXgYwApQLFqLH_Tw6sCOmRTaO5wIlw8NsrIfkJ79NvbjLHOywZ6tVY65481e4_MhNaCTNwxAkbGj3w4Fe10_AFsHen_KJCYsdAkCLCv4oAyxJK4PDtRVDIZUyYCS4RWFSjqCWbHfv_4STIz1U6tXRAGvYXtwM_4BE4GWvOM0K8rRsj1IlZnTGsKLxDGN9kedi7Eo6gaHheABsLw2jyjCeEpu53JXlyWjh_slM8HLt0ZIHW27XlJF5zHpGTy_76-VJctfD4-khm5F8skjVANPX8EzYmr3pQXeQ2dpWp3adMluFDRxhzZTKJQFtvwqvwPZAAoWFRenEnWkKdxcuLWuRwGhLal50z6E4eUGpX44BU7gIws1ygrP0BKO31GoEZZzEnAYEHfL4DV8rzRtamb8WEfmpey87f7XyY7gzAUkV-qZ25NBoNr_fLufeSgpjK2UkIMLR6U7F3QvtY2yhpYwrbISNu_K_0We59oQyCYSCDCqSWUdA32Rlv7MxCEjhIQ24DCpgNwOH1jq_TeqXwKlmPEFPTyid_EV-NTJbBRsch_KjP2zSro3r6qhitHXSLZe1_FBYzX0FqOJA54j6pvgTBzZerMM4rg-u9r-shsU Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forouasd.xn--2-rga.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| noThumbnail boolean| fixedMenu boolean| fixedSidebar string| fbCommentsTheme object| adsbygoogle object| exportify string| disqusShortname string| commentsSystem number| postPerPage function| $ function| jQuery object| _$_obify3 object| _$_obify2 object| _$_obify1 function| shortCodeIfy function| msgError function| beforeLoader function| getFeedUrl function| getPostLink function| getPostTitle function| getFirstImage function| getPostImage function| getPostImageType function| getPostComments function| getAjax function| ajaxRelated function| fixedSidebarIfy function| beautiAvatar function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xn--2-rga.com/	1970-01-20 15:20:56	Name: __gads Value: ID=fe8a6009270779d5-2244445d1dce0008:T=1663160076:RT=1663160076:S=ALNI_Ma1IZ6ReR59fKUwhCyVanjk9yI6lQ
			.doubleclick.net/	1970-01-20 05:59:20	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3926677069109551&output=html&adk=1812271804&adf=3025194257&lmt=1662783228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforouasd.xn--2-rga.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663160076182&bpp=2&bdt=359&idt=243&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2134144216291&frm=20&pv=2&ga_vid=972194714.1663160076&ga_sid=1663160076&ga_hid=601405446&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069177&oid=2&pvsid=359621463756554&tmod=1530511797&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
blogger.googleusercontent.com
cdnjs.cloudflare.com
fonts.gstatic.com
forouasd.xn--2-rga.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
142.250.181.226
2606:4700::6811:190e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2013
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2009
0017f1cda0e9eff90dad90977cfd5719ce36f9c8871f72fc071268685159fec2
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d65a07e5b79c3e799408a5f1ef44129be489968ea20e104eedbcc6ad4549e5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
39d0cab0cc51d8bfe34e22d06a5597f2a685e043a5df38729ae448a1eb124e49
3bb784e6349d54c4636cc6b5dd4b2e29efc59494710e43e6b571fea2d1e9c2f3
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4d44818149772885a471e8bedfac070b642f433961c01829b50fa4dcaadba5e6
54f52777fe320e639a99e5c1626c51d8c437d19761d96e91e55e40809030b21f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ff91779a57ab1d1e6815f68366f3712863ec95e4bccb8d7551a25c3c4897e3f
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
8451696b71978a9d2b9fbd9fb4fecfa1f76f02fe4a129031161a3202a4b59fca
869526e790e3114298ce8d62e2a726153f881c6852e68ff5e1cbdb4016d1ef8f
8bf77ee533cef7e9fa3c365ff813a9041c813f814f89b6c4506525fd6c7994a4
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63f818229b780be68dcf74c831821318e9decb517286efcdddf1c81b7c0202d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e855a919e9e297f8c01d8f8b582c28e5e03974768feac77ca71e34b099a7e384
ed8325c2420b4c9126d1349e9e0343b3352e352799bb8293377cfb5eb85442f7
edfc5cba370cbc430ca3f852e7260b01e73d23d5183aa4ac470dee89f5084e0f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d