Submitted URL: http://clicksud.biz/
Effective URL: https://clicksud.biz/
Submission: On November 24 via manual from PT — Scanned from PT

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 104.21.82.191, located in and belongs to CLOUDFLARENET, US. The main domain is clicksud.biz.
TLS certificate: Issued by GTS CA 1P5 on November 20th 2023. Valid for: 3 months.
This is the only time clicksud.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.206.50 13335 (CLOUDFLAR...)
1 10 104.21.82.191 13335 (CLOUDFLAR...)
1 172.217.16.202 15169 (GOOGLE)
1 104.16.56.101 13335 (CLOUDFLAR...)
19 19 192.0.77.2 2635 (AUTOMATTIC)
19 146.75.120.193 54113 (FASTLY)
6 142.250.186.67 15169 (GOOGLE)
36 5
Apex Domain
Subdomains
Transfer
19 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7022
1 MB
19 wp.com
i0.wp.com — Cisco Umbrella Rank: 3823
i3.wp.com — Cisco Umbrella Rank: 52597
i1.wp.com — Cisco Umbrella Rank: 8598
i2.wp.com — Cisco Umbrella Rank: 8766
4 KB
11 clicksud.biz
clicksud.biz
204 KB
6 gstatic.com
fonts.gstatic.com
162 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
36 6
Domain Requested by
19 i.imgur.com clicksud.biz
11 clicksud.biz 2 redirects clicksud.biz
static.cloudflareinsights.com
8 i3.wp.com 8 redirects
6 fonts.gstatic.com fonts.googleapis.com
5 i0.wp.com 5 redirects
4 i1.wp.com 4 redirects
2 i2.wp.com 2 redirects
1 static.cloudflareinsights.com clicksud.biz
1 fonts.googleapis.com clicksud.biz
36 9

This site contains links to these domains.

Domain
bit.ly
www.facebook.com
www.twitch.tv

Subject | Issuer | Validity | Valid
clicksud.biz | GTS CA 1P5 | 2023-11-20 - 2024-02-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 2 frames:

Primary Page: https://clicksud.biz/
Frame ID: 5FDC2DC8EABB3A104D8FEFCBFFABD692
Requests: 34 HTTP requests in this frame

Frame: https://clicksud.biz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: B4728F66D897708B797B794A1B8280DC
Requests: 2 HTTP requests in this frame

Page Title

Clicksud - Lumea ta digitală

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 36
HTTPS: 44 %
IPv6: 0 %
Domains: 6
Subdomains: 9
IPs: 5
Countries: 3
Transfer: 1533 kB
Size: 2671 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clicksud.biz/ HTTP 301
    https://clicksud.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://i0.wp.com/i.imgur.com/DHaAMto.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/DHaAMto.jpg
Request Chain 7
  • https://i3.wp.com/i.imgur.com/qxksnja.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/qxksnja.jpg
Request Chain 8
  • https://i1.wp.com/i.imgur.com/JZPIzrv.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/JZPIzrv.jpg
Request Chain 9
  • https://i3.wp.com/i.imgur.com/S0VS69f.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/S0VS69f.jpg
Request Chain 10
  • https://i1.wp.com/i.imgur.com/poNogXU.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/poNogXU.jpg
Request Chain 11
  • https://i2.wp.com/i.imgur.com/CLDwcSY.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/CLDwcSY.jpg
Request Chain 12
  • https://i3.wp.com/i.imgur.com/VjVR8Ps.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/VjVR8Ps.jpg
Request Chain 13
  • https://i1.wp.com/i.imgur.com/DWhwApS.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/DWhwApS.jpg
Request Chain 14
  • https://i0.wp.com/i.imgur.com/8YTyOcD.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/8YTyOcD.jpg
Request Chain 15
  • https://i0.wp.com/i.imgur.com/dEFbXR6.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/dEFbXR6.jpg
Request Chain 16
  • https://i3.wp.com/i.imgur.com/45ckVUP.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/45ckVUP.jpg
Request Chain 17
  • https://i1.wp.com/i.imgur.com/uCcXUQj.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/uCcXUQj.jpg
Request Chain 18
  • https://i3.wp.com/i.imgur.com/AL3nS8G.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/AL3nS8G.jpg
Request Chain 19
  • https://i3.wp.com/i.imgur.com/q3FvWIW.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/q3FvWIW.jpg
Request Chain 20
  • https://i3.wp.com/i.imgur.com/PjVZd9h.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/PjVZd9h.jpg
Request Chain 21
  • https://i0.wp.com/i.imgur.com/uQ6XZI6.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/uQ6XZI6.jpg
Request Chain 22
  • https://i3.wp.com/i.imgur.com/GLXGCyd.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/GLXGCyd.jpg
Request Chain 23
  • https://i2.wp.com/i.imgur.com/ttkX5MR.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/ttkX5MR.jpg
Request Chain 24
  • https://i0.wp.com/i.imgur.com/sFSn6tR.jpg?resize=696&w=696 HTTP 302
  • https://i.imgur.com/sFSn6tR.jpg
Request Chain 32
  • https://clicksud.biz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://clicksud.biz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
clicksud.biz/
Redirect Chain
  • http://clicksud.biz/
  • https://clicksud.biz/
311 KB
44 KB
Document
General
Full URL
https://clicksud.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Rocket/3.10.4
Resource Hash
552e87d86d9b6e5974d75cd45cfdef369540d310eab197c3010de610c4940a7c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, public
cf-cache-status
DYNAMIC
cf-ray
82b1d18b6bc7367c-MAD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 12:57:35 GMT
expires
Fri, 24 Nov 2023 12:57:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Hl6%2Fg8T3zBP8E3QdYkG%2B8M4J7EjrX%2FHRO9MKBqel6BKD%2FXJfQKDn1B2GOBcIw5Ulc2Py7qL5CWo%2FKo5KNPfXtXI1AHKd4d2IxrjN1K9ata7N7VV%2FvxaTk7uU%2BGczz4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding User-Agent,Accept-Encoding
x-powered-by
WP Rocket/3.10.4

Redirect headers

CF-RAY
82b1d189e8ed18a2-MRS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 24 Nov 2023 12:57:35 GMT
Expires
Fri, 24 Nov 2023 13:57:35 GMT
Location
https://clicksud.biz/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tawaknedJrPzfUUywN3MwUek%2FimB8Jqt5PDF9rUVrRASgVNFVKlWwNg9rby6qII119vigl%2FBsHTJrJ3TonkkdmkzEtEhWyFf2z7VRSZMQ0cT5QDHeex%2BUMTGJ3HgEWE%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
02714dc9f89f69ca28212c834b8be72d.css
clicksud.biz/wp-content/cache/min/1/
948 KB
113 KB
Stylesheet
General
Full URL
https://clicksud.biz/wp-content/cache/min/1/02714dc9f89f69ca28212c834b8be72d.css
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d13f28fa66b7c6a27998c4b1f2670e74efe40218489b6626da725ae741a5dd

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67089
cf-polished
origSize=973734
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 23 Nov 2023 18:18:58 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCJdWbCAHJs626xoXtMAea79vl%2FBnSjRNa1vXJKGAiAK6j8QPiu8aU1OBZYWN1nywZZ%2FxCwe%2FRSABMzWQM%2F7ufZbqiwAASgJC8CHMEGSTrmcuHGMoaxfRr8L8jxrTYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82b1d18f7b30367c-MAD
expires
Fri, 22 Nov 2024 18:19:26 GMT
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
d04f7b8346c3af41156a7e51c0dfe9bd2f18833f9ead61a45d440da4b3b12d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 12:57:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 12:57:36 GMT
clicksud-1-min.png
clicksud.biz/wp-content/uploads/
4 KB
4 KB
Image
General
Full URL
https://clicksud.biz/wp-content/uploads/clicksud-1-min.png
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f747bee2364ba2e1f150ca17a9b4483674903684f2b20a9060d8890beacf540

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 20:46:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2022833
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9vMwbWfw2KWS4lkuuTL7zrHGW4GVX1E6jqTtzc1RD2NGXdO9Ed6A8AT7ZhN%2BKbLQUWswXGXczcB%2F0uc88jb%2BMXTuPBjdMx9yntU9%2FojgUyzEtZuCheM6cHX9LhEwqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
82b1d18fcbe0367c-MAD
alt-svc
h3=":443"; ma=86400
content-length
3744
expires
Thu, 29 Feb 2024 03:03:41 GMT
lazyload.min.js
clicksud.biz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://clicksud.biz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jan 2022 01:38:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2005660
vary
Accept-Encoding, Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulMdwgYpq7Ma8o7UUg8JsTay1IY1zJO3DS6TznxtWX5nwN3Jhg2BLBOs%2Fg7Sn%2BQSEf%2FNhnlcrUl2i4lUxHuDaj%2BXqrFV1yPzNzec2gTwkXxeAXKxdxwpF%2BVMYZ2a9YY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82b1d190c957216c-MAD
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0
expires
Thu, 31 Oct 2024 07:49:56 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://clicksud.biz/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82b1d1915da17111-LIS
mgoZZFP.jpg
clicksud.biz/wp-content/uploads/
272 B
759 B
Image
General
Full URL
https://clicksud.biz/wp-content/uploads/mgoZZFP.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8242bea524220a4d6b10461cff17e594c1bb6ded57c17bd55dbae1c4a08da42b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2018960
alt-svc
h3=":443"; ma=86400
content-length
272
last-modified
Tue, 19 Jul 2022 14:44:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsGeDNXKODCm%2BvmTh7Ri1MxAsQdO9J8t6%2F1RJuGPzEJXNU4yvIZYwnTQKcJiPhDe6Fr2gDJlUOyC7lqbVF%2FRN26qoXVrrwFSZVoAm5ZteCC8k2OB%2FhB9WK2Q0c4QrdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
82b1d192dd19216c-MAD
priority
u=3,i
expires
Thu, 29 Feb 2024 04:08:16 GMT
DHaAMto.jpg
i.imgur.com/
Redirect Chain
  • https://i0.wp.com/i.imgur.com/DHaAMto.jpg?resize=696&w=696
  • https://i.imgur.com/DHaAMto.jpg
46 KB
46 KB
Image
General
Full URL
https://i.imgur.com/DHaAMto.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
43bbbc5bd1451625527af607a4a698ac466e21d9ab2b45f4559f5869e1602819
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
3896103
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
46955
x-served-by
cache-iad-kiad7000043-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 31 Aug 2023 06:17:54 GMT
server
cat factory 1.0
x-timer
S1700830657.849153,VS0,VE0
etag
"17f6f4fa3eda40f10bf58ad07e754eed"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
trvakDD523o7j-kICVzwEVizX6rSO16ehPrfbhiFiNxCl-QN54deng==
x-cache-hits
955, 3

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/DHaAMto.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
qxksnja.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/qxksnja.jpg?resize=696&w=696
  • https://i.imgur.com/qxksnja.jpg
90 KB
90 KB
Image
General
Full URL
https://i.imgur.com/qxksnja.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
803bd4bf8d7643b7c7cb1a3cb7e3ba194b241a5bcb51ea33a3a293c0e2fad72d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
age
920845
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
92048
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-etou8220100-FRA
last-modified
Mon, 13 Nov 2023 21:10:12 GMT
server
cat factory 1.0
x-timer
S1700830657.849678,VS0,VE0
etag
"205003db9db8261e4a30a63175768c79"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Y-chjHrMUn17Q63oaXMjUZceSIUGCgBDBsFdSmSQ_h93qfv7iR2yVw==
x-cache-hits
0, 21790

Redirect headers

x-nc
HIT mad 2
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/qxksnja.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
JZPIzrv.jpg
i.imgur.com/
Redirect Chain
  • https://i1.wp.com/i.imgur.com/JZPIzrv.jpg?resize=696&w=696
  • https://i.imgur.com/JZPIzrv.jpg
42 KB
42 KB
Image
General
Full URL
https://i.imgur.com/JZPIzrv.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
54d5792e37008bd3ce28d4831554e3c30eec13427bb2a1b4e0638c6913f77a98
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
3723890
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
43136
x-served-by
cache-iad-kcgs7200143-IAD, cache-fra-etou8220100-FRA
last-modified
Wed, 18 Jan 2023 22:33:31 GMT
server
cat factory 1.0
x-timer
S1700830657.849594,VS0,VE1
etag
"21ffcc0cf4deae63ba33f777d5d97970"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
su1n3SZfdHls5lLTqJcN86SF4Vro7AVkn-du-aFxkaAKyzh7wv22YQ==
x-cache-hits
144, 1

Redirect headers

x-nc
HIT mad 3
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/JZPIzrv.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
S0VS69f.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/S0VS69f.jpg?resize=696&w=696
  • https://i.imgur.com/S0VS69f.jpg
46 KB
46 KB
Image
General
Full URL
https://i.imgur.com/S0VS69f.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f27a3460eb99487506ff4f183ded9dfe68f543cf2140f49b34956a9c8fe391e8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
182050
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
46684
x-served-by
cache-iad-kiad7000093-IAD, cache-fra-etou8220100-FRA
last-modified
Wed, 22 Nov 2023 10:23:27 GMT
server
cat factory 1.0
x-timer
S1700830657.897015,VS0,VE4
etag
"03678cc95f3363cab5c0285d2d0d0fb2"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lLSdCIsY18l1jGEsuZ66Jpiu4CWL_DksrTwRA0QtoBBO5LTydWVj0w==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/S0VS69f.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
poNogXU.jpg
i.imgur.com/
Redirect Chain
  • https://i1.wp.com/i.imgur.com/poNogXU.jpg?resize=696&w=696
  • https://i.imgur.com/poNogXU.jpg
112 KB
112 KB
Image
General
Full URL
https://i.imgur.com/poNogXU.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
612210d47e562ebf11311ec9501fb0437a37af14a5552f4d4217a63b9b6e9a9c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3274996
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
114479
x-served-by
cache-iad-kcgs7200150-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 14 Sep 2023 19:18:01 GMT
server
cat factory 1.0
x-timer
S1700830657.849594,VS0,VE1
etag
"3bdae6a1adf4a4a800c664c42853db63"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UEZ6JessZ1J7douc_iFtmqn4-C2hXht_5AeZxI_gntGWOm_vOgP6Kw==
x-cache-hits
327, 1

Redirect headers

x-nc
HIT mad 5
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/poNogXU.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
CLDwcSY.jpg
i.imgur.com/
Redirect Chain
  • https://i2.wp.com/i.imgur.com/CLDwcSY.jpg?resize=696&w=696
  • https://i.imgur.com/CLDwcSY.jpg
63 KB
63 KB
Image
General
Full URL
https://i.imgur.com/CLDwcSY.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f796fc0d7f1665dddc67f5f52a47246de71c68c94e8508885f729494c3397f9a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
690341
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
64679
x-served-by
cache-iad-kjyo7100070-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 16 Nov 2023 13:11:56 GMT
server
cat factory 1.0
x-timer
S1700830657.896546,VS0,VE1
etag
"2a60fac7c8f45ca7263b9232c3275333"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7Wu2piZ4bRoRM1sPXiIT5585xaYudDBwY8lsMTdhEMcqBX_CE_PrFQ==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/CLDwcSY.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
VjVR8Ps.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/VjVR8Ps.jpg?resize=696&w=696
  • https://i.imgur.com/VjVR8Ps.jpg
56 KB
56 KB
Image
General
Full URL
https://i.imgur.com/VjVR8Ps.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a57dbd88e0b1c1e5056532358fadac159a8ec97e7a571061790a80a14785b871
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P6
age
4400322
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
56950
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 24 Aug 2023 17:25:50 GMT
server
cat factory 1.0
x-timer
S1700830657.897472,VS0,VE1
etag
"14fb869c8bbf843133dcbf9b1e715d79"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8Hkk2JjNAjHPE2D_6JHIg6a2KstJAw5G7erFzK3ZcMt2wniYJzhRzw==
x-cache-hits
1378, 1

Redirect headers

x-nc
HIT mad 3
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/VjVR8Ps.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
DWhwApS.jpg
i.imgur.com/
Redirect Chain
  • https://i1.wp.com/i.imgur.com/DWhwApS.jpg?resize=696&w=696
  • https://i.imgur.com/DWhwApS.jpg
63 KB
63 KB
Image
General
Full URL
https://i.imgur.com/DWhwApS.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
461a8f40fe6308ce4f17c5e1514e5aa28af91f443ec757cb14425e0a408d046a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1550650
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
64739
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-etou8220100-FRA
last-modified
Mon, 28 Aug 2023 14:58:02 GMT
server
cat factory 1.0
x-timer
S1700830657.849811,VS0,VE1
etag
"8afa4dbf2f5e4b00435f30f2785f5839"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dVXEgT7HcBDvUWTpiMviL0CSarKQ6ib569nKa9HsLPdBblCXK_K9rw==
x-cache-hits
1559, 1

Redirect headers

x-nc
HIT mad 3
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/DWhwApS.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
8YTyOcD.jpg
i.imgur.com/
Redirect Chain
  • https://i0.wp.com/i.imgur.com/8YTyOcD.jpg?resize=696&w=696
  • https://i.imgur.com/8YTyOcD.jpg
65 KB
65 KB
Image
General
Full URL
https://i.imgur.com/8YTyOcD.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
36b43a500039f1d4727ae24e9caec01492d4f765601e54f10927d0ae0c718370
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3211297
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
66125
x-served-by
cache-iad-kiad7000062-IAD, cache-fra-etou8220100-FRA
last-modified
Tue, 12 Sep 2023 17:34:05 GMT
server
cat factory 1.0
x-timer
S1700830657.849151,VS0,VE1
etag
"05d8e9b7d1049cbd1fd59671a5e18c10"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3rlXyu2lbR8Dj7lp_NcuDaoDvgA2BOwVKYzR22kR9ueKEcLUPRc70A==
x-cache-hits
1430, 1

Redirect headers

x-nc
HIT mad 6
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/8YTyOcD.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
dEFbXR6.jpg
i.imgur.com/
Redirect Chain
  • https://i0.wp.com/i.imgur.com/dEFbXR6.jpg?resize=696&w=696
  • https://i.imgur.com/dEFbXR6.jpg
86 KB
86 KB
Image
General
Full URL
https://i.imgur.com/dEFbXR6.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9aca454381988a1a93e1e3add51cde190221d55e921e7d4c9b1fdf8db456ca88
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
82907
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
87870
x-served-by
cache-iad-kiad7000144-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 23 Nov 2023 13:55:50 GMT
server
cat factory 1.0
x-timer
S1700830657.897433,VS0,VE2
etag
"b527b1037134b3d9577929ee0e0da91b"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bb-aRUEqJlMwAG-4du3j42-kYP1u_ou83M0-QO03iRjZARyfShf5wg==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/dEFbXR6.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
45ckVUP.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/45ckVUP.jpg?resize=696&w=696
  • https://i.imgur.com/45ckVUP.jpg
64 KB
64 KB
Image
General
Full URL
https://i.imgur.com/45ckVUP.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d0daa2246454516b929946dd48f194c6aa7b6477f3d689aa2d11116e22a9f581
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
2577408
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
65154
x-served-by
cache-iad-kiad7000046-IAD, cache-fra-etou8220100-FRA
last-modified
Sun, 08 Jan 2023 16:10:12 GMT
server
cat factory 1.0
x-timer
S1700830657.896592,VS0,VE1
etag
"3eedd97c6ab5006aa0bf28341c45d7f5"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8sGBAdHwl8e-J3xVHRemEkSwnCcMKoB5nj0n2iQ-u_F53lyB3M9hag==
x-cache-hits
590, 1

Redirect headers

x-nc
HIT mad 2
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/45ckVUP.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
uCcXUQj.jpg
i.imgur.com/
Redirect Chain
  • https://i1.wp.com/i.imgur.com/uCcXUQj.jpg?resize=696&w=696
  • https://i.imgur.com/uCcXUQj.jpg
78 KB
79 KB
Image
General
Full URL
https://i.imgur.com/uCcXUQj.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2df77db4090b8bb6fdb03104a23b884eddfbf3ccd50fcc7f2ed4855f4af8622b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
age
570375
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
80138
x-served-by
cache-iad-kcgs7200057-IAD, cache-fra-etou8220100-FRA
last-modified
Fri, 17 Nov 2023 22:31:14 GMT
server
cat factory 1.0
x-timer
S1700830657.896579,VS0,VE3
etag
"8a7676edba6b706f6ff299140f4ba157"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3lYAi3HfONONVBsvvwbHT2VGXPWS6KQN95Zs1ZpQfEeHm6-YpHHQEQ==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/uCcXUQj.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
AL3nS8G.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/AL3nS8G.jpg?resize=696&w=696
  • https://i.imgur.com/AL3nS8G.jpg
70 KB
70 KB
Image
General
Full URL
https://i.imgur.com/AL3nS8G.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
15f2e0d2e2125a8dc71a097c1ac0d0ed378e0eeb5228639f59acd192380e39fa
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
2081762
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
71170
x-served-by
cache-iad-kcgs7200073-IAD, cache-fra-etou8220100-FRA
last-modified
Sat, 21 Oct 2023 16:23:47 GMT
server
cat factory 1.0
x-timer
S1700830657.849820,VS0,VE1
etag
"1869bb8b84878a2ac50d55ebef537d8a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VDwk1-gLSFqfE399uJ3mz47Wq9Z4OrY18e6-IEvd6QoEFxU7e-tEqA==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 5
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/AL3nS8G.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
q3FvWIW.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/q3FvWIW.jpg?resize=696&w=696
  • https://i.imgur.com/q3FvWIW.jpg
33 KB
34 KB
Image
General
Full URL
https://i.imgur.com/q3FvWIW.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
39624f4f57d3e2b76b22ebc70bfd0b413fa9ceb1c4806274f887ebe1234bb390
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3265381
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
34117
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-etou8220100-FRA
last-modified
Wed, 13 Sep 2023 20:30:05 GMT
server
cat factory 1.0
x-timer
S1700830657.849549,VS0,VE1
etag
"9a05ae1e058c69cfe8923e84434f7214"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fhQA6L0wp1E2H_ZoXPCwD2VkKzscrxDfo_mPBUSH3qP9NAXgCZHK2g==
x-cache-hits
796, 1

Redirect headers

x-nc
HIT mad 7
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/q3FvWIW.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
PjVZd9h.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/PjVZd9h.jpg?resize=696&w=696
  • https://i.imgur.com/PjVZd9h.jpg
36 KB
36 KB
Image
General
Full URL
https://i.imgur.com/PjVZd9h.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d478d8a4c24cc557d5a141de9e8e0761eea06e3336271f5696cfda068c14e597
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3346877
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
36359
x-served-by
cache-iad-kiad7000050-IAD, cache-fra-etou8220100-FRA
last-modified
Tue, 09 May 2023 18:09:14 GMT
server
cat factory 1.0
x-timer
S1700830657.896989,VS0,VE4
etag
"ae67fac6d428ac62a7fadb542fd3664a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kXMjUYA6b9ttyDV7FkZ01e3njCkhjf7EXuFQYHodE5oA8Dx0qo24Jg==
x-cache-hits
194, 1

Redirect headers

x-nc
HIT mad 2
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/PjVZd9h.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
uQ6XZI6.jpg
i.imgur.com/
Redirect Chain
  • https://i0.wp.com/i.imgur.com/uQ6XZI6.jpg?resize=696&w=696
  • https://i.imgur.com/uQ6XZI6.jpg
54 KB
55 KB
Image
General
Full URL
https://i.imgur.com/uQ6XZI6.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
14b6720c3be7fa5fe7521a7569f2aee87e83e34135bd80d03d7a1eb0566a7b5d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
4039967
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
55648
x-served-by
cache-iad-kjyo7100161-IAD, cache-fra-etou8220100-FRA
last-modified
Wed, 13 Sep 2023 19:45:20 GMT
server
cat factory 1.0
x-timer
S1700830657.896467,VS0,VE2
etag
"642be751e25593d80f987752d9158f63"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PpvPzAPkO8gvJHOD5OYjs8onfUoTFdLbaVm16SJFifpDjV4Pbo4G3g==
x-cache-hits
344, 1

Redirect headers

x-nc
HIT mad 7
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/uQ6XZI6.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
GLXGCyd.jpg
i.imgur.com/
Redirect Chain
  • https://i3.wp.com/i.imgur.com/GLXGCyd.jpg?resize=696&w=696
  • https://i.imgur.com/GLXGCyd.jpg
49 KB
49 KB
Image
General
Full URL
https://i.imgur.com/GLXGCyd.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8ed007b041aba5d4f9c8b5fe4f81147d98f30d83ba4ea61567c44d2672fc1930
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P5
age
2529512
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
49696
x-served-by
cache-iad-kiad7000136-IAD, cache-fra-etou8220100-FRA
last-modified
Tue, 19 Sep 2023 17:42:51 GMT
server
cat factory 1.0
x-timer
S1700830657.896439,VS0,VE22
etag
"8825031db4ae58f59408ae0455e01453"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EzLgd80RO2-Ma9N-NaZLnSiNXKrcbSlxVIZltk_Qofa7mA8kJF6-gg==
x-cache-hits
501, 1

Redirect headers

x-nc
HIT mad 5
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/GLXGCyd.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
ttkX5MR.jpg
i.imgur.com/
Redirect Chain
  • https://i2.wp.com/i.imgur.com/ttkX5MR.jpg?resize=696&w=696
  • https://i.imgur.com/ttkX5MR.jpg
63 KB
63 KB
Image
General
Full URL
https://i.imgur.com/ttkX5MR.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9a0f19d23eac534e8366aae0ce63618244813898ff9446b12bcf5ec8b76aca2d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
263668
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, MISS, HIT
content-length
64296
x-served-by
cache-iad-kjyo7100175-IAD, cache-fra-etou8220100-FRA
last-modified
Tue, 21 Nov 2023 11:43:09 GMT
server
cat factory 1.0
x-timer
S1700830657.896472,VS0,VE1
etag
"c1fffd6b41226d52f5e88c0b07f34145"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3sv93uR5YrvJ4-7Fmbxko6RD8JNrM0atnV5hbg5qD13JYyV1jhBtkA==
x-cache-hits
0, 1

Redirect headers

x-nc
HIT mad 4
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/ttkX5MR.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
sFSn6tR.jpg
i.imgur.com/
Redirect Chain
  • https://i0.wp.com/i.imgur.com/sFSn6tR.jpg?resize=696&w=696
  • https://i.imgur.com/sFSn6tR.jpg
40 KB
40 KB
Image
General
Full URL
https://i.imgur.com/sFSn6tR.jpg
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b4a8b353ac616159638214584e570b7fb6dd8199d5ace41864f4f74fc37c602a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://clicksud.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P4
age
2666310
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
40611
x-served-by
cache-iad-kjyo7100148-IAD, cache-fra-etou8220100-FRA
last-modified
Mon, 11 Sep 2023 17:09:43 GMT
server
cat factory 1.0
x-timer
S1700830657.896488,VS0,VE2
etag
"a8d794b7100d69cdb3415d5164cbe6b7"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zptVk5G6JQs_Or4TyHrRWjNHshnmkNydDqYPWPrCz10Aryin0E58qg==
x-cache-hits
67, 1

Redirect headers

x-nc
HIT mad 3
date
Fri, 24 Nov 2023 12:57:36 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://i.imgur.com/sFSn6tR.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
newspaper.woff
clicksud.biz/wp-content/themes/Newspaper/images/icons/
33 KB
33 KB
Font
General
Full URL
https://clicksud.biz/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/wp-content/cache/min/1/02714dc9f89f69ca28212c834b8be72d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer
https://clicksud.biz/wp-content/cache/min/1/02714dc9f89f69ca28212c834b8be72d.css
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2013199
alt-svc
h3=":443"; ma=86400
content-length
33488
last-modified
Mon, 02 Oct 2023 22:30:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch8pgfnxFH5ag%2F3REat3hOXVJbdQRf6%2Fwl5B4ginZAsUTpJnVqZmW34zZBo3TDSgQe2jCM5iTfJ9FAGAN7E%2BLnlBwMPDSCFpYU8Pak6P54P5TppenJGIpjgBSjZe2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=10368000
accept-ranges
bytes
cf-ray
82b1d192ed4e216c-MAD
priority
u=0,i=?0
expires
Thu, 29 Feb 2024 05:44:17 GMT
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 02:26:09 GMT
x-content-type-options
nosniff
age
297087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 02:26:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
565165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:58:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
67277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:16:19 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 18:35:47 GMT
x-content-type-options
nosniff
age
152509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 18:35:47 GMT
6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v31/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
472aa6bfc4a46a6e125ab18fef5cd85a8a065d3fb0c70a9f06e28a8ea4a659f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:56:02 GMT
x-content-type-options
nosniff
age
64894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25500
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:53:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:56:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A400%2C300%2C700%7COpen+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CQuicksand%3A600%2C400%2C700%7CMuli%3A400&display=swap&ver=12.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clicksud.biz
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:50:20 GMT
x-content-type-options
nosniff
age
576436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35120
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:03:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:50:20 GMT
main.js
clicksud.biz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame B472
Redirect Chain
  • https://clicksud.biz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://clicksud.biz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB
Script
General
Full URL
https://clicksud.biz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/
Protocol
H3
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665b9656b206a6a89c7cbdac267bf9d5ca78897873489b1a1e86e4a6363fd284
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4B7Fuz2PkOCqZfBLlDk4m2qBlfXkJVEkUQbwN8kuIv%2BA2Mz47V7Rgd0O%2BdR6AX%2BP9yaGcZ6IBc7bP%2FzCUWPG2s%2BnPNAbV8cCRdE%2F4JeB48%2F56JbNnzaCdd%2FCraeSns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82b1d1940f64216c-MAD
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0

Redirect headers

date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tNp7Bp3nujYZYnDrZXnIxSYccUYm2TKz9XpSKTQjaqkhDkZ01e2Sbsn9xu1tumYydVLWiYVo%2BBtlTrmgJVvwQKNW7xM1aX6yCAHVazbh2aOKtRzDbZj085wOjel7qI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
82b1d1933dd4216c-MAD
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0
82b1d18b6bc7367c
clicksud.biz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B472
0
572 B
XHR
General
Full URL
https://clicksud.biz/cdn-cgi/challenge-platform/h/g/jsd/r/82b1d18b6bc7367c
Requested by
Host: clicksud.biz
URL: https://clicksud.biz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 12:57:36 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=750VG0Uw%2F9pTuQTcwrB3kmuPGsbBt1bepEdsbHwA%2BGFA2i1AjfVOLdgMV6UTxUtEDPUMeLLWbxC%2FQlNR%2Bs%2FfdB1l8ufJp0i7J0mbgtZa9sYBYfMVVhb3bE227gYl2KM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82b1d195192e216c-MAD
alt-svc
h3=":443"; ma=86400
priority
u=1,i
rum
clicksud.biz/cdn-cgi/
0
139 B
XHR
General
Full URL
https://clicksud.biz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.82.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://clicksud.biz/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Fri, 24 Nov 2023 12:57:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://clicksud.biz
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
82b1d197bd9d216c-MAD


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
undefined| href
object| wpra
object| fifuImageVars
object| lazyLoadOptions
function| LazyLoad
object| __cfBeacon

1 Cookies

Domain/Path Name / Value
.clicksud.biz/ Name: cf_clearance
Value: ydmb.r.LGQnVjndwP_dssmCu9tCTtmQY7E.HbfOZ7bM-1700830656-0-1-6612ff99.92bbf614.bbbb2617-0.2.1700830656

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
