urlscan.io logo urlscan.io
SecurityTrails logo

1.cqyj3ii7r.com Open in urlscan Pro
45.133.44.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.tiktotik.top/?sl=5740096-44786&data1=track1&data2=track2&tag=&eyeg=1
Effective URL: https://1.cqyj3ii7r.com/
Submission: On March 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 43 HTTP transactions. The main IP is 45.133.44.21, located in Philadelphia, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 1.cqyj3ii7r.com. The Cisco Umbrella rank of the primary domain is 257631.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 16th 2024. Valid for: 3 months.
This is the only time 1.cqyj3ii7r.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.68.85.158 16276 (OVH)
1 91.209.226.54 204601 (ON-LINE-D...)
6 162.252.21.39 15317 (SERVEREL-AS)
4 45.133.44.21 39572 (ADVANCEDH...)
1 142.250.65.202 15169 (GOOGLE)
4 104.17.24.14 13335 (CLOUDFLAR...)
24 104.22.24.116 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
2 142.250.65.163 15169 (GOOGLE)
43 8
1    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.tiktotik.top
1    91.209.226.54 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm4923262.25ssd.had.wf
clickshere.xyz
6    162.252.21.39 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 162.252.21.39.serverel.net
klsdee.com
lby2kd27c.com
4    45.133.44.21 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
1.cqyj3ii7r.com
1    142.250.65.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f10.1e100.net
fonts.googleapis.com
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
24    104.22.24.116 (None, )

ASN13335 (CLOUDFLARENET, US)
news.littlecdn.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
24 littlecdn.com
news.littlecdn.com — Cisco Umbrella Rank: 479289
582 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
96 KB
4 cqyj3ii7r.com
1.cqyj3ii7r.com — Cisco Umbrella Rank: 257631
152 KB
4 klsdee.com
klsdee.com
26 KB
2 lby2kd27c.com
lby2kd27c.com — Cisco Umbrella Rank: 78025
43 KB
2 gstatic.com
fonts.gstatic.com
39 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 clickshere.xyz
clickshere.xyz
771 B
1 tiktotik.top
www.tiktotik.top
321 B
43 10
Domain Requested by
24 news.littlecdn.com 1.cqyj3ii7r.com
4 cdnjs.cloudflare.com 1.cqyj3ii7r.com
cdnjs.cloudflare.com
4 1.cqyj3ii7r.com klsdee.com
1.cqyj3ii7r.com
4 klsdee.com klsdee.com
2 lby2kd27c.com 1.cqyj3ii7r.com
lby2kd27c.com
2 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com 1.cqyj3ii7r.com
1 fonts.googleapis.com 1.cqyj3ii7r.com
1 clickshere.xyz
1 www.tiktotik.top 1 redirects
43 10

This site contains links to these domains. Also see Links.

Domain
bigsport.today
Subject Issuer Validity Valid
clickshere.xyz
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh

Buypass Class 2 CA 5		 2024-01-09 -
2024-07-06		 6 months crt.sh
*.cqyj3ii7r.com
ZeroSSL RSA Domain Secure Site CA		 2024-02-16 -
2024-05-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
littlecdn.com
E1		 2024-03-11 -
2024-06-09		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://1.cqyj3ii7r.com/
Frame ID: 7E6F8D77091CC42A5DF5A88E7A2C017A
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sport News World

Page URL History Show full URLs

  1. http://www.tiktotik.top/?sl=5740096-44786&data1=track1&data2=track2&tag=&eyeg=1 HTTP 302
    https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403... Page URL
  2. https://klsdee.com/1541147/?var=4995&ymid=12ionro200082 Page URL
  3. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d89... Page URL
  4. https://1.cqyj3ii7r.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Basket
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

8
IPs

4
Countries

970 kB
Transfer

1231 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tiktotik.top/?sl=5740096-44786&data1=track1&data2=track2&tag=&eyeg=1 HTTP 302
    https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403-flb*5740096-44786**sl_5740096-44786*579ed20f9c774a97378f9b7a296c3dbb88cad655** Page URL
  2. https://klsdee.com/1541147/?var=4995&ymid=12ionro200082 Page URL
  3. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d897ba5a755d1710211582&psp=8YIbvYfvY9HYpPfcchb3nyUkKUgdLOIr2gyKB-SQHkZPenh3bnn0HvklsXHqzShQg29trcSP7xxNf6SY0nNs-_EyluOKZlhSFUQEz7TVdiOQi5xDOlAgSth2CMM-NrIEoY1lWsOwxqIo0gXUGzMU3MGCwObwS8bcRAmuMuhB17gSOvICsHCHacRar-dPtkmWzQQ6oa64EINZM86-N4ri_Dktahjmd8bFnYaxtObRVW3SMeBxHqev1yx_2oEuUq_Qd7pf&fdl=1&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2926829721508864&eclog=0&im=1&pload=416&rlp=%5B0%2C0%2C148.20000457763672%2C73.80000305175781%2C4.899993896484375%2C348.6999969482422%2C187.79999542236328%2C108.0999984741211%5D Page URL
  4. https://1.cqyj3ii7r.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.tiktotik.top/?sl=5740096-44786&data1=track1&data2=track2&tag=&eyeg=1 HTTP 302
  • https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403-flb*5740096-44786**sl_5740096-44786*579ed20f9c774a97378f9b7a296c3dbb88cad655**

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1
clickshere.xyz/go/4995/
Redirect Chain
  • http://www.tiktotik.top/?sl=5740096-44786&data1=track1&data2=track2&tag=&eyeg=1
  • https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403-flb*5740096-44786**sl_5740096-44786*579ed20f9c774a97378f9b7a296c3dbb88cad655**
272 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403-flb*5740096-44786**sl_5740096-44786*579ed20f9c774a97378f9b7a296c3dbb88cad655**
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d4136be2c453fa67fb1643c91e513545d4297c7832dc4c94fb21d3416bd8362e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Mar 2024 00:46:22 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 12 Mar 2024 00:46:22 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Mar 2024 00:46:21 GMT
Location
https://clickshere.xyz/go/4995/1?subid2=901&subid1=11100504bf91d55c0ee9ee8e5ec7f48701cb40312-202403-flb*5740096-44786**sl_5740096-44786*579ed20f9c774a97378f9b7a296c3dbb88cad655**
/
klsdee.com/1541147/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/1541147/?var=4995&ymid=12ionro200082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash
b2fab2714449d8bc09abaca3e9991e7c756d4883b9a1057ab0b93e187d3b8a5f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 00:46:22 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
check.sumbit.dl
submit.min.js
klsdee.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/submit.min.js?abvar=
Requested by
Host: klsdee.com
URL: https://klsdee.com/1541147/?var=4995&ymid=12ionro200082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash
ee57585400d467bdd0cabcdad117569c2522436f6d7335ceb937bbff14016773

Request headers

accept-language
en-US,en;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Tue, 12 Mar 2024 00:46:22 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 14:41:58 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab
current
etag
W/"65ef1836-b8f0"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
klsdee.com/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d897ba5a755d1710211582&psp=8YIbvYfvY9HYpPfcchb3nyUkKUgdLOIr2gyKB-SQHkZPenh3bnn0HvklsXHqzShQg29trcSP7xxNf6SY0nNs-_EyluOKZlhSFUQEz7TVdiOQi5xDOlAgSth2CMM-NrIEoY1lWsOwxqIo0gXUGzMU3MGCwObwS8bcRAmuMuhB17gSOvICsHCHacRar-dPtkmWzQQ6oa64EINZM86-N4ri_Dktahjmd8bFnYaxtObRVW3SMeBxHqev1yx_2oEuUq_Qd7pf&fdl=1&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2926829721508864&eclog=0&im=1&pload=416&rlp=%5B0%2C0%2C148.20000457763672%2C73.80000305175781%2C4.899993896484375%2C348.6999969482422%2C187.79999542236328%2C108.0999984741211%5D
Requested by
Host: klsdee.com
URL: https://klsdee.com/submit.min.js?abvar=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-device-memory
8
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-prefers-reduced-motion
no-preference
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-viewport-height
1200
sec-ch-viewport-width
1600

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 00:46:22 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
redirect.dl
Primary Request /
1.cqyj3ii7r.com/ 		60 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1.cqyj3ii7r.com/
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d897ba5a755d1710211582&psp=8YIbvYfvY9HYpPfcchb3nyUkKUgdLOIr2gyKB-SQHkZPenh3bnn0HvklsXHqzShQg29trcSP7xxNf6SY0nNs-_EyluOKZlhSFUQEz7TVdiOQi5xDOlAgSth2CMM-NrIEoY1lWsOwxqIo0gXUGzMU3MGCwObwS8bcRAmuMuhB17gSOvICsHCHacRar-dPtkmWzQQ6oa64EINZM86-N4ri_Dktahjmd8bFnYaxtObRVW3SMeBxHqev1yx_2oEuUq_Qd7pf&fdl=1&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2926829721508864&eclog=0&im=1&pload=416&rlp=%5B0%2C0%2C148.20000457763672%2C73.80000305175781%2C4.899993896484375%2C348.6999969482422%2C187.79999542236328%2C108.0999984741211%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
0cb8be0165df068ac35a9e44e6d296f5d014bc2eac6fc42918197e2f908bfde5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
61762
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 00:46:22 GMT
etag
35e4972d77960a8294e01574fa7ccaf8
expires
Thu, 14 Mar 2024 00:46:22 GMT
last-modified
Fri, 29 Sep 2023 10:54:40 GMT
server
nginx/1.24.0
vary
Accept-Encoding
x-openstack-request-id
tx8f0573e4923a488da1817-0065ef0760
x-proxy-cache
HIT
x-timestamp
1695984879.40959
x-trans-id
tx8f0573e4923a488da1817-0065ef0760
dupa.gif
klsdee.com/ 		43 B
482 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/dupa.gif?z=1541147&r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d897ba5a755d1710211582&psp=8YIbvYfvY9HYpPfcchb3nyUkKUgdLOIr2gyKB-SQHkZPenh3bnn0HvklsXHqzShQg29trcSP7xxNf6SY0nNs-_EyluOKZlhSFUQEz7TVdiOQi5xDOlAgSth2CMM-NrIEoY1lWsOwxqIo0gXUGzMU3MGCwObwS8bcRAmuMuhB17gSOvICsHCHacRar-dPtkmWzQQ6oa64EINZM86-N4ri_Dktahjmd8bFnYaxtObRVW3SMeBxHqev1yx_2oEuUq_Qd7pf&fdl=1&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2926829721508864&eclog=0&im=1&pload=416&rlp=%5B0%2C0%2C148.20000457763672%2C73.80000305175781%2C4.899993896484375%2C348.6999969482422%2C187.79999542236328%2C108.0999984741211%5D&pload=116&rlp=%5B0%2C0%2C0%2C0%2C-95.60000610351562%2C-0.5%2C-3.600006103515625%2C0%5D
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=12ionro200082&pb=2c7895ffa18fae2ee189d897ba5a755d1710211582&psp=8YIbvYfvY9HYpPfcchb3nyUkKUgdLOIr2gyKB-SQHkZPenh3bnn0HvklsXHqzShQg29trcSP7xxNf6SY0nNs-_EyluOKZlhSFUQEz7TVdiOQi5xDOlAgSth2CMM-NrIEoY1lWsOwxqIo0gXUGzMU3MGCwObwS8bcRAmuMuhB17gSOvICsHCHacRar-dPtkmWzQQ6oa64EINZM86-N4ri_Dktahjmd8bFnYaxtObRVW3SMeBxHqev1yx_2oEuUq_Qd7pf&fdl=1&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=2926829721508864&eclog=0&im=1&pload=416&rlp=%5B0%2C0%2C148.20000457763672%2C73.80000305175781%2C4.899993896484375%2C348.6999969482422%2C187.79999542236328%2C108.0999984741211%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
sec-ch-viewport-height
1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-prefers-reduced-transparency
no-preference
Referer
sec-ch-prefers-reduced-motion
no-preference
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light

Response headers

date
Tue, 12 Mar 2024 00:46:22 GMT
x-route-id
stats.redirect-pixel
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
common.css
1.cqyj3ii7r.com/bigsportAssets/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1.cqyj3ii7r.com/bigsportAssets/common.css
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
56fc3286e6274c8a4bd8d761bc2753f89ad7afd1a12649ea53899887920bbe93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Thu, 14 Mar 2024 00:46:22 GMT
date
Tue, 12 Mar 2024 00:46:22 GMT
x-openstack-request-id
tx7481cedbe3bf4663ba091-0065ef0760
content-length
1850
x-trans-id
tx7481cedbe3bf4663ba091-0065ef0760
last-modified
Tue, 19 Sep 2023 10:49:46 GMT
server
nginx/1.24.0
etag
ec770e593f1ba17e1e55a2444cfd2073
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-timestamp
1695120585.23681
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
htmagazine.css
1.cqyj3ii7r.com/bigsportAssets/ 		88 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1.cqyj3ii7r.com/bigsportAssets/htmagazine.css
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
ce1c45ea6240bab11d0e6b8e1ce81bee4641aa7573b7953fb3f389ee6a01f0d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Thu, 14 Mar 2024 00:46:22 GMT
date
Tue, 12 Mar 2024 00:46:22 GMT
x-openstack-request-id
txb83a766c8227479cbed9d-0065ef0760
content-length
89683
x-trans-id
txb83a766c8227479cbed9d-0065ef0760
last-modified
Wed, 20 Sep 2023 12:05:43 GMT
server
nginx/1.24.0
etag
372ca7b9f1fbc4772da18e159c9385e5
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-timestamp
1695211542.74342
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900&ver=4.9.3
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
ESF /
Resource Hash
5e42eb7d6e30c53e8677a92bc674678427a513595a4ce179b92b8bd15acc0ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 00:46:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Mar 2024 00:46:23 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
461211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtjy%2F%2BIiB94e94L01J40f1iqIkvR1Qq%2FvR9oNmEs3M1IvwJ4ywurCWl65wOGQliqBtRbt1zRmvmZnsFKrhq49g8k9mxgj4GlLl4mbPIfZwWfw10i6cA3Q8SkGfD0QXh3YWJmf7DY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539b0b6a58-EWR
expires
Sun, 02 Mar 2025 00:46:23 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
22859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FijOGiqPlnecLfHrF6UHbYgWGzfIRXPsdQ2DzNS9DYfOL4YmBrW4peLzbceYgiLmPXbTVRAzq8t6%2B7sb4sdUXyFrq9ZmhZr3mnOTeZuaBvOdMND3QpC3JpMK8hSbMGPUFKhuVTw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539b0d6a58-EWR
expires
Sun, 02 Mar 2025 00:46:23 GMT
1528894357_5b21139545473.png
news.littlecdn.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/1528894357_5b21139545473.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b742c1206d0e64dfc9cda3d4aa9d4e5ab47de1edb5fac3dc2c0a080a45ad59c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Jun 2018 12:52:38 GMT
server
cloudflare
age
13384
etag
"6870453faac6b23a439de6af22d88b45"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539afc0f42-EWR
content-length
10466
expires
Tue, 12 Mar 2024 21:03:17 GMT
1669906862_6388c1aeb06718.35218134.png
news.littlecdn.com/770x410/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669906862_6388c1aeb06718.35218134.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fb7e3f2ff58bd65a4d3c030e8d694ab8f54732475f85b79191fb7a9d84a3d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 15:01:03 GMT
server
cloudflare
age
13384
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539afd0f42-EWR
content-length
117615
expires
Tue, 12 Mar 2024 21:03:17 GMT
1669900443_6388a89b521264.43902177.jpeg
news.littlecdn.com/770x410/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669900443_6388a89b521264.43902177.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3e4a534c57527c328ddc4b50a59e4d7f9e568cb76b27d21c1f1a8848565a3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 13:14:04 GMT
server
cloudflare
age
73781
etag
"cee134988150d39ef59b8cc9ff3e0f09"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539aff0f42-EWR
content-length
20764
expires
Tue, 12 Mar 2024 04:16:42 GMT
1669898043_63889f3b5c6ad9.22239635.jpeg
news.littlecdn.com/770x410/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669898043_63889f3b5c6ad9.22239635.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7078eeaa1123130fda216250cd9e5a212d33ae12c1022c0e8df3fca1720f92fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 12:34:04 GMT
server
cloudflare
age
8688
etag
"06a10fe1978626cf9b0f8db76a0e592f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539afe0f42-EWR
content-length
23784
expires
Tue, 12 Mar 2024 22:21:35 GMT
1669865644_638820ac11fd05.70415777.jpeg
news.littlecdn.com/770x410/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669865644_638820ac11fd05.70415777.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7080348c00bc2bba7e7c1677b417b5b1d44c615dda6aa0472859390181798488

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 03:34:05 GMT
server
cloudflare
age
29784
etag
"162ebfb13150a10bffe2f825189ddfd1"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539b000f42-EWR
content-length
19210
expires
Tue, 12 Mar 2024 16:29:59 GMT
1669856463_6387fccf707194.10665205.png
news.littlecdn.com/770x410/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669856463_6387fccf707194.10665205.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fb7e3f2ff58bd65a4d3c030e8d694ab8f54732475f85b79191fb7a9d84a3d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 01:01:04 GMT
server
cloudflare
age
8688
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4539b010f42-EWR
content-length
117615
expires
Tue, 12 Mar 2024 22:21:35 GMT
1669853403_6387f0db551216.74325112.jpeg
news.littlecdn.com/770x410/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/770x410/1669853403_6387f0db551216.74325112.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8521e4924d96ce06736bc71495ae0c82aebfa689b722a207f8de71d2fab3616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 00:10:04 GMT
server
cloudflare
age
8688
etag
"ae1340625d06ea196a47e5836b2f98e0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453bb160f42-EWR
content-length
29474
expires
Tue, 12 Mar 2024 22:21:35 GMT
1669852743_6387ee472ae284.71094730.jpeg
news.littlecdn.com/340x180/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/340x180/1669852743_6387ee472ae284.71094730.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955e72016c9037648ea7d652135133eb9bd4204c6004d6bebef0b2a3c21aff77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 23:59:04 GMT
server
cloudflare
age
8364
etag
W/"ae1340625d06ea196a47e5836b2f98e0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb170f42-EWR
content-length
10784
expires
Tue, 12 Mar 2024 22:26:54 GMT
1669852508_6387ed5c93be66.17804710.jpeg
news.littlecdn.com/340x180/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/340x180/1669852508_6387ed5c93be66.17804710.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01106a41854fb5f5a60b5a79c2bce53934f90f828a8a040e4614ee2ad479fa2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 23:55:09 GMT
server
cloudflare
age
8438
etag
W/"23778ca7b9ae683b5204e886b5c57e68"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb180f42-EWR
content-length
11534
expires
Tue, 12 Mar 2024 22:25:45 GMT
1669865644_638820ac11fd05.70415777.jpeg
news.littlecdn.com/360x240/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669865644_638820ac11fd05.70415777.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2993daa62354bdc61aec0fc71e23def481e1fc615de59cffc8712288100c846

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 03:34:05 GMT
server
cloudflare
age
8364
etag
W/"162ebfb13150a10bffe2f825189ddfd1"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb190f42-EWR
content-length
11196
expires
Tue, 12 Mar 2024 22:26:54 GMT
1669852743_6387ee472ae284.71094730.jpeg
news.littlecdn.com/360x240/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669852743_6387ee472ae284.71094730.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62ba1b4e3c330374e5b83c12801794f75ddfdfaa749b7326222bb7d375a16ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 23:59:04 GMT
server
cloudflare
age
8364
etag
W/"ae1340625d06ea196a47e5836b2f98e0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb1a0f42-EWR
content-length
13047
expires
Tue, 12 Mar 2024 22:26:54 GMT
1669906862_6388c1aeb06718.35218134.png
news.littlecdn.com/360x240/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669906862_6388c1aeb06718.35218134.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 15:01:03 GMT
server
cloudflare
age
8337
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb1c0f42-EWR
content-length
16287
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669900443_6388a89b521264.43902177.jpeg
news.littlecdn.com/360x240/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669900443_6388a89b521264.43902177.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3b3749d896c3702f275443201e4eff07b907d9f4dda2b9867a67d0b94235f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 13:14:04 GMT
server
cloudflare
age
8337
etag
W/"cee134988150d39ef59b8cc9ff3e0f09"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb1d0f42-EWR
content-length
11941
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669898043_63889f3b5c6ad9.22239635.jpeg
news.littlecdn.com/360x240/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669898043_63889f3b5c6ad9.22239635.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebf7d422e8dfdd67d46fa632cee7e8f79cb6d333349a8193364974b69703226

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 12:34:04 GMT
server
cloudflare
age
8337
etag
W/"06a10fe1978626cf9b0f8db76a0e592f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb1e0f42-EWR
content-length
12473
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669856463_6387fccf707194.10665205.png
news.littlecdn.com/360x240/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669856463_6387fccf707194.10665205.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 01:01:04 GMT
server
cloudflare
age
8337
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb1f0f42-EWR
content-length
16287
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669853403_6387f0db551216.74325112.jpeg
news.littlecdn.com/360x240/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669853403_6387f0db551216.74325112.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62ba1b4e3c330374e5b83c12801794f75ddfdfaa749b7326222bb7d375a16ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Dec 2022 00:10:04 GMT
server
cloudflare
age
8337
etag
W/"ae1340625d06ea196a47e5836b2f98e0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb200f42-EWR
content-length
13047
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669852508_6387ed5c93be66.17804710.jpeg
news.littlecdn.com/360x240/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669852508_6387ed5c93be66.17804710.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae50bd8e872f574b40b47bcc6045d97ab9f324bf9ba31cdeea2e0cf5c22e097

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 23:55:09 GMT
server
cloudflare
age
8337
etag
W/"23778ca7b9ae683b5204e886b5c57e68"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb210f42-EWR
content-length
13571
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669847523_6387d9e3d549e7.92833435.jpeg
news.littlecdn.com/360x240/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669847523_6387d9e3d549e7.92833435.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1425c55f9e4babc2e22ce897dbbe9917d6e23b124e49fe831acade50c9c8eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 22:32:04 GMT
server
cloudflare
age
8652
etag
W/"683da2d4eb08db58e69a5db66ce3dc7e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb220f42-EWR
content-length
18751
expires
Tue, 12 Mar 2024 22:22:11 GMT
1669847523_6387d9e34db4f2.45293789.png
news.littlecdn.com/360x240/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669847523_6387d9e34db4f2.45293789.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 22:32:04 GMT
server
cloudflare
age
8337
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb230f42-EWR
content-length
16287
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669846264_6387d4f8d60620.35549271.jpeg
news.littlecdn.com/360x240/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669846264_6387d4f8d60620.35549271.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1425c55f9e4babc2e22ce897dbbe9917d6e23b124e49fe831acade50c9c8eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 22:11:05 GMT
server
cloudflare
age
8652
etag
W/"683da2d4eb08db58e69a5db66ce3dc7e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb240f42-EWR
content-length
18751
expires
Tue, 12 Mar 2024 22:22:10 GMT
1669844282_6387cd3aeb4924.05147452.png
news.littlecdn.com/360x240/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669844282_6387cd3aeb4924.05147452.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 21:38:04 GMT
server
cloudflare
age
8652
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb250f42-EWR
content-length
16287
expires
Tue, 12 Mar 2024 22:22:11 GMT
1669839426_6387ba425c82f3.58551607.jpeg
news.littlecdn.com/360x240/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669839426_6387ba425c82f3.58551607.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e81f28e7217e549fd7192ad85ec2e300db9a2a8675696ccdd5c5d71b4e23c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 20:17:07 GMT
server
cloudflare
age
8652
etag
W/"d0662d1703b6751211095608b05e8f20"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb260f42-EWR
content-length
20246
expires
Tue, 12 Mar 2024 22:22:10 GMT
1669836122_6387ad5abfb256.85451165.png
news.littlecdn.com/360x240/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669836122_6387ad5abfb256.85451165.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 19:22:03 GMT
server
cloudflare
age
8337
etag
W/"52e041827f5cb1ade0fb91b127a459c7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb270f42-EWR
content-length
16287
expires
Tue, 12 Mar 2024 22:27:26 GMT
1669835765_6387abf5f17c55.32127811.jpeg
news.littlecdn.com/360x240/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.littlecdn.com/360x240/1669835765_6387abf5f17c55.32127811.jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9b854ba770259dc1e11855787bc7884917d9609014ea43d7dd694725ecc7b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 30 Nov 2022 19:16:07 GMT
server
cloudflare
age
8364
etag
W/"d3164c4402663d2c98685741b9b595e6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc453cb280f42-EWR
content-length
16851
expires
Tue, 12 Mar 2024 22:26:54 GMT
jquery-3.7.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://1.cqyj3ii7r.com/
Origin
https://1.cqyj3ii7r.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
gzip
via
1.1 varnish
age
15005709
x-cache
HIT
content-length
30336
x-served-by
cache-lga21974-LGA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710204383.415461,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
134275
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1.cqyj3ii7r.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8865305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10158
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCo%2FhSx13Tq9wEygFc1kwUAa2WZ3T%2BQZ3AMxpfc5ZZ%2BattF7yv%2BmNgne6c1cNeQ2iZOkaM0s33adW0eIlRSFmQ%2BtSgRPW3Sl1iqKoQlXFLzl3OCmt1oFGgqBhzEjAg%2Bj8diTgKCf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4544cb343aa-EWR
expires
Sun, 02 Mar 2025 00:46:23 GMT
loader-icon.png
1.cqyj3ii7r.com/bigsportAssets/img/ 		238 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.cqyj3ii7r.com/bigsportAssets/img/loader-icon.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/bigsportAssets/htmagazine.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/bigsportAssets/htmagazine.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Thu, 14 Mar 2024 00:46:23 GMT
date
Tue, 12 Mar 2024 00:46:23 GMT
x-openstack-request-id
txe8916a7c994e4e85afc28-0065ef0760
content-length
238
x-trans-id
txe8916a7c994e4e85afc28-0065ef0760
last-modified
Wed, 20 Sep 2023 12:07:01 GMT
server
nginx/1.24.0
etag
629230521cf796d0274681dd0b545dbd
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-timestamp
1695211620.33331
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900&ver=4.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.cqyj3ii7r.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 09:00:30 GMT
x-content-type-options
nosniff
age
488753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 09:00:30 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://1.cqyj3ii7r.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P15zpA2vaopBOj3sO8Ss%2FDKnBoHML6503wepp3IBIbPOUiEG3ctXoqHuWtNu9VWnUZF6tCwMfuajcdIsExdqoUZVGGzz2C3IwUuWZW7G6gWCIxfBE1LysY7hQ54gFRaeKPgtJ4Jo"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862fc4544cb243aa-EWR
expires
Sun, 02 Mar 2025 00:46:23 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900&ver=4.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.cqyj3ii7r.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 06:52:24 GMT
x-content-type-options
nosniff
age
410039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 06:52:24 GMT
code.js
lby2kd27c.com/lv/esnk/1997023/ 		112 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lby2kd27c.com/lv/esnk/1997023/code.js?ymid=null&var=null_null
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash
455210f9c17777cbab1bef0188ce3bbb1ea89c8db8d58e544d445579358b0241

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 14:41:58 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"65ef1836-1c198"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
current
timing-allow-origin
*
1997023
lby2kd27c.com/get/ 		7 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lby2kd27c.com/get/1997023?zoneid=1997023&ymid=null&var=null_null&jp=_clgwnnpuf65qa5c4aji7zs&nojs=0&abvar=0&febuild=1.0.212&t=0&wcks=1&wgl=1&cnvs=1&os=600&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=1237979861349376&eclog=0&im=1&freq=0
Requested by
Host: lby2kd27c.com
URL: https://lby2kd27c.com/lv/esnk/1997023/code.js?ymid=null&var=null_null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.252.21.39 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
162.252.21.39.serverel.net
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1.cqyj3ii7r.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 00:46:23 GMT
x-route-id
config
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
7
content-type
text/javascript

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| global_site_props function| $ function| jQuery function| addTag function| handleException function| j833 function| _clgwnnpuf65qa5c4aji7zs

8 Cookies

Domain/Path Name / Value
clickshere.xyz/ Name: mobitck
Value: 1
klsdee.com/ Name: CHCK
Value: 1
klsdee.com/ Name: UID
Value: 2403111946c00d068232074800a288e146a1
klsdee.com/ Name: OXCCLK
Value: ACj70wAAAAAAAAAB
klsdee.com/ Name: OXPCLK
Value: AAJl9AAAAAAAAAAB
klsdee.com/ Name: ppucnt
Value: 1
lby2kd27c.com/ Name: CHCK
Value: 1
lby2kd27c.com/ Name: UID
Value: 24031119466e799f3ece554522a04977ec5c

2 Console Messages

Source Level URL
Text
other warning URL: https://1.cqyj3ii7r.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://1.cqyj3ii7r.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.cqyj3ii7r.com
cdnjs.cloudflare.com
clickshere.xyz
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
klsdee.com
lby2kd27c.com
news.littlecdn.com
www.tiktotik.top
104.17.24.14
104.22.24.116
142.250.65.163
142.250.65.202
151.101.2.137
162.252.21.39
45.133.44.21
51.68.85.158
91.209.226.54
01106a41854fb5f5a60b5a79c2bce53934f90f828a8a040e4614ee2ad479fa2b
0cb8be0165df068ac35a9e44e6d296f5d014bc2eac6fc42918197e2f908bfde5
1a1425c55f9e4babc2e22ce897dbbe9917d6e23b124e49fe831acade50c9c8eb
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3ebf7d422e8dfdd67d46fa632cee7e8f79cb6d333349a8193364974b69703226
455210f9c17777cbab1bef0188ce3bbb1ea89c8db8d58e544d445579358b0241
56fc3286e6274c8a4bd8d761bc2753f89ad7afd1a12649ea53899887920bbe93
57e81f28e7217e549fd7192ad85ec2e300db9a2a8675696ccdd5c5d71b4e23c9
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5e42eb7d6e30c53e8677a92bc674678427a513595a4ce179b92b8bd15acc0ce5
65fb7e3f2ff58bd65a4d3c030e8d694ab8f54732475f85b79191fb7a9d84a3d5
7078eeaa1123130fda216250cd9e5a212d33ae12c1022c0e8df3fca1720f92fe
7080348c00bc2bba7e7c1677b417b5b1d44c615dda6aa0472859390181798488
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3e4a534c57527c328ddc4b50a59e4d7f9e568cb76b27d21c1f1a8848565a3f
7e3b3749d896c3702f275443201e4eff07b907d9f4dda2b9867a67d0b94235f2
85f89e3d87f297d6926aacfe44f883eb287bab895afb8ddfcf1724c6db52ff4b
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
955e72016c9037648ea7d652135133eb9bd4204c6004d6bebef0b2a3c21aff77
9ae50bd8e872f574b40b47bcc6045d97ab9f324bf9ba31cdeea2e0cf5c22e097
9b742c1206d0e64dfc9cda3d4aa9d4e5ab47de1edb5fac3dc2c0a080a45ad59c
9d9b854ba770259dc1e11855787bc7884917d9609014ea43d7dd694725ecc7b0
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a62ba1b4e3c330374e5b83c12801794f75ddfdfaa749b7326222bb7d375a16ad
b2fab2714449d8bc09abaca3e9991e7c756d4883b9a1057ab0b93e187d3b8a5f
c2993daa62354bdc61aec0fc71e23def481e1fc615de59cffc8712288100c846
ce1c45ea6240bab11d0e6b8e1ce81bee4641aa7573b7953fb3f389ee6a01f0d1
d4136be2c453fa67fb1643c91e513545d4297c7832dc4c94fb21d3416bd8362e
d8521e4924d96ce06736bc71495ae0c82aebfa689b722a207f8de71d2fab3616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee57585400d467bdd0cabcdad117569c2522436f6d7335ceb937bbff14016773
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a