newyearsday2024.com Open in urlscan Pro
2606:4700:3037::6815:3931  Public Scan

20 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newyearsday2024.com/	133 KB 22 KB	607ms 493ms	Document text/html	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5ba8f74efd1e60bddc4377a46fcdf871d1cf39668739cf719d6f883b30556a8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=86400 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 869970d9dc028fca-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 24 Mar 2024 20:34:15 GMT expires Sun, 24 Mar 2024 20:34:14 GMT last-modified Sun, 24 Mar 2024 15:58:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5khhKJXmVJJoGCe22n83yW5vHbYmZMgrBhG8DlaXQHGrVEZ26UAmENGZlS1fFOyJ3KqmRww8WrCoyu003cC9FxPBx0Hy%2F8YXtGetxJz9zcqXNdN7FypckRwFh5lqVCjJoZio1GzNYAlAYpxPKwo%2BoBwj"}],"group":"cf-nel","max_age":604800} server cloudflare vary X-Forwarded-Proto,Accept-Encoding x-cache HIT
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	177ms 88ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3Aregular%2C600%2C700&display=swap Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 24 Mar 2024 20:34:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Mar 2024 20:34:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 Mar 2024 20:34:15 GMT
GET H2	200	style.min.css newyearsday2024.com/wp-includes/css/dist/block-library/	108 KB 15 KB	190ms 187ms	Stylesheet text/css	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 31 Jan 2024 02:47:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b9b4a7-1ae43" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulcojvUAD38Mi5MHmxfdka9KEbb2bJQ2Tkxw43MkrLawJLsX4%2BXn4B8ac8Am9Kpn8M1DgC0biqjmnRKV%2BZGzRes9BUyK2gFtQ5C4aiBEChqmETeWC%2F9JTCN1TuH7tBvFQLGrYsSjwpIwtCX5iG1LdVRv"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 869970dcef6a8fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	main.min.css newyearsday2024.com/wp-content/themes/generatepress/assets/css/	19 KB 5 KB	160ms 158ms	Stylesheet text/css	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Feb 2024 04:50:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65c30c00-4c6c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYHYCyA1mjB34GUvvHjjJwH6MtSa9hM9HZ53zpwFQpkCVIWBhatSiOl6NO1pcksW%2FT2wzBKsv82X4DUdz80d%2F%2BDvFCYjWks9NqNc1APLGonz89S3sLXpqrSvjI8MtIFwzUq4QlDnenYD0%2FTN23DQa6s2"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 869970dcff6f8fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	featured-images.min.css newyearsday2024.com/wp-content/plugins/gp-premium/blog/functions/css/	3 KB 821 B	438ms 436ms	Stylesheet text/css	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.1 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Nov 2023 07:30:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65659705-cdd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUFax8IwXzGNqay8%2FLISxFS%2BGf9nqr3%2BOfv479e%2B7xa33AfzzwXa5X%2FyfQzvMrnblicdqNgF1OBKo4o4VzJsNu6m6tJg2ekgihdIA59Mbhvzr%2B%2F%2FMUGFUI9BFFRkujEIbyryaW1XH0%2BGTj4WrAyrsfNR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 869970dcff708fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	offside.min.css newyearsday2024.com/wp-content/plugins/gp-premium/menu-plus/functions/css/	6 KB 2 KB	166ms 164ms	Stylesheet text/css	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.3.1 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ce4e5dcbce124e6ce72565e362af9421b429350bbace797b314f15306ea7435 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Nov 2023 07:30:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65659705-18d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heioz9hc8JaH9b8NSCsYFu04tHLTPS%2FLY378V0KYqXu5vxsneJ0sOWROIHoEux%2BKPK4vGIYJrOKoUuk4oAIu0sd6g6UohyIzG7caCzyZiWreakTz8CgT5I0pUfsNw0IToNGFOAL1XxdYvAn%2FHaojmXAr"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 869970dcff728fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response newyearsday2024.com/wp-includes/js/jquery/	86 KB 31 KB	177ms 175ms	Script application/javascript	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 14:18:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6564a549-15601" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoX%2BUoTWqMsZael9Ouoo1Y42rKdWPgprSzzDTQpyLViy1gGtAyL1jNvT9qekZipNlb2FD6V%2FC6seHTEs2%2BchnJ0MX%2BFUC3DfiIF%2BmvsjEHRVmmoudcd%2BhJiOiVe7RoRAm93Y1jS86JbEHB7KBjbbpKIh"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 869970dcff738fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery-migrate.min.js Show response newyearsday2024.com/wp-includes/js/jquery/	13 KB 5 KB	150ms 148ms	Script application/javascript	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 14:18:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6564a549-3509" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtSap4gpA6E70Fwlhwi343bqkdGnDu2dpraU%2BeuWKKsVZlLeLoXOEltCbZh1R0J%2ByChC27cV2FltmntVoz2k9O9iUKSgkKyiZy%2BZl9HdBDMoLd%2BoFy5MOJgsfoHd8HoHjjsC51zCrKJUcSg%2BIkZKVIY0"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 869970dcff748fca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	172ms 82ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4081270401705596 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b535dd0a6db0df9f1d4bf9413d1d6d2c423769057b1d120ce774240f6bf7e8ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newyearsday2024.com/ Origin https://newyearsday2024.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50910 x-xss-protection 0 server cafe etag 14967693861247565233 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 24 Mar 2024 20:34:15 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	290 KB 97 KB	150ms 59ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H5Q66B866E Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4dc6d9d3b5a9cb395caa9347b42549154a34ecf14877f58c9f57b143a5d927f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99195 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 24 Mar 2024 20:34:15 GMT
GET H2	200	cropped-Happy-New-Years-Day-2024.png newyearsday2024.com/wp-content/uploads/	2 MB 2 MB	230ms 229ms	Image image/png	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/cropped-Happy-New-Years-Day-2024.png Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb9361c0a8de6ae26f72ff9901bfc546428e58f5f2659d47ecc643a87b28e89a Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT cf-cache-status HIT last-modified Mon, 18 Dec 2023 14:40:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "658059c8-1b6253" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kderMsn%2BkEW0trBIgCfqAQmcUn9BH%2F2sk4l6nqPhhzoRicoROvRp8y2bM4Ezy%2F4UIlTub99kLQLmAqbI3rdc4mQ4hFXPSrLlc3u6rUoBvZY6rKHq0gvkTu4e3yyyiq6GCNxubxhyBBeXc%2Fo4eWtCsugg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dcff768fca-FRA alt-svc h3=":443"; ma=86400 content-length 1794643
GET H2	200	high-angle-of-table-served-for-christmas-dinner-with-plates-with-napkins-and-traditional-roasted-tur-2.jpg newyearsday2024.com/wp-content/uploads/	94 KB 95 KB	591ms 591ms	Image image/jpeg	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/high-angle-of-table-served-for-christmas-dinner-with-plates-with-napkins-and-traditional-roasted-tur-2.jpg Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccafa3c473d1ebd280a1691e4f7851e2abb652214bc99bf92b54dc624b5f8fcf Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 14:38:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65674cf7-1790c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2n6pMcHFxffnfGPNAcPrLZnUNTXfw6eSSaoQQsLi88mFHwHcHWfWcAWgXb6th8nDVv%2FRGTsgp57Cy0CQxMcRDs5qpvC1fk6hqR25k7sYQJ9Gy8XLsrcYpIEh0H4BDF216ZNpLfpAXMjVAewRvL2L0rNh"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dcff758fca-FRA alt-svc h3=":443"; ma=86400 content-length 96524
GET H2	200	christmas-composition-with-shiny-hanging-baubles.jpg newyearsday2024.com/wp-content/uploads/	89 KB 90 KB	526ms 526ms	Image image/jpeg	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/christmas-composition-with-shiny-hanging-baubles.jpg Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c7cd89fdbd7848d0e4a556d0cb5355132bf4221cb9bcd02c686559266f9da06 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 14:37:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65674c8d-164c6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcyhLSdb%2BcSN4ik5%2BH%2Bac8f9%2FjtWiBkAajmg7qI%2BH94O5dP6ParpUEfLQWYIIj2KjFtmCg7L4XxYEcZPmEZFxmz1jc%2BTncRqhwiHvQGMvYhCnWzgZFvuO%2BX5bTHSxzn6ONOEZPS2U%2Fsmm2iVWLGh8xq7"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dcff778fca-FRA alt-svc h3=":443"; ma=86400 content-length 91334
GET H3	200	woods-covered-with-snow-17.jpg newyearsday2024.com/wp-content/uploads/	185 KB 186 KB	231ms 229ms	Image image/jpeg	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/woods-covered-with-snow-17.jpg Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1d8f0a50adb9eaca5ed8fc72ef627544deb1f0b9e982e2d6db1bb63ed7b5bbe Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 14:37:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65674ca3-2e49c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7LLaXID7VLgJiEEokgtURMg6iCTGW0hvlEV%2F%2BKoxxUVea%2F6YtBtZCnSXTMphi%2FwWISNgqLVVAhcOzZxiV88p4Y9zGfdsoEpVxKOG0DmuQI3FfFffPDtStLiRGAYJY9KmnSn3EloSEbERWbqPZNeBXwS"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dfba2565d7-FRA alt-svc h3=":443"; ma=86400 content-length 189596
GET H3	200	offside.min.js Show response newyearsday2024.com/wp-content/plugins/gp-premium/menu-plus/functions/js/	7 KB 3 KB	175ms 173ms	Script application/javascript	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.3.1 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Nov 2023 07:30:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65659705-1a8b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKgZIpttjt1WkPdZpYxTVTKxNpJJGsMUEEhj0jkxn6rS1y7UmPFLAZHXdr12RigpigxNuk0T35Zf1X%2BOmQdkjn3ajM%2Fa8oiNVWpuushWisxgtkNMbbwCSeubTJxtFUkiU6nkWlu%2FENAc6GqhKXAt0DqP"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 869970dfba2865d7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	menu.min.js Show response newyearsday2024.com/wp-content/themes/generatepress/assets/js/	7 KB 2 KB	143ms 142ms	Script application/javascript	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Feb 2024 04:50:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65c30c00-1b2d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofADY91df2vxl0pFPA1e2D8AR%2B0tJcEKFX%2F0jshZA9y4uYo4%2BAaI3sKsw%2FTPiPZLiO%2BjWavB%2Fj04mKCX2ird7PYdJlFlBZ8wVI15kb5ZfEnq6GxUWkjU5RiBDnibR6lztYcKs9t38YNp%2FEAJnNbDxlJ0"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 869970dfba2b65d7-FRA alt-svc h3=":443"; ma=86400
GET H3	200	modal.js Show response newyearsday2024.com/wp-content/themes/generatepress/assets/dist/	3 KB 2 KB	155ms 154ms	Script application/javascript	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newyearsday2024.com/wp-content/themes/generatepress/assets/dist/modal.js?ver=3.4.0 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 07 Feb 2024 04:50:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65c30c00-d65" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrY2gGBmuOF1NC%2BUlKahlhbFiQ1%2F2opQahW6%2BWGI3vy4gm9BCeu7Q4LMiV2b5cjUn9z8kJ48hy1y6HpUExTkfhbSIvmfE438RyUUzszO%2FKSfKE5zpY4D9PlnmLDDco2geWKslXK6iJtxmD5lnro2E5sa"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 869970dfba2c65d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	138ms 41ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3Aregular%2C600%2C700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://newyearsday2024.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 07:44:56 GMT x-content-type-options nosniff age 478159 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Mar 2025 07:44:56 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 14 KB	149ms 51ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3Aregular%2C600%2C700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://newyearsday2024.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 07:45:16 GMT x-content-type-options nosniff age 478139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14712 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Mar 2025 07:45:16 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 15 KB	182ms 84ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3Aregular%2C600%2C700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://newyearsday2024.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 23:09:09 GMT x-content-type-options nosniff age 509106 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 18 Mar 2025 23:09:09 GMT
GET H3	200	young-girlfriends-running-at-stadium.jpg newyearsday2024.com/wp-content/uploads/	81 KB 82 KB	359ms 358ms	Image image/jpeg	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/young-girlfriends-running-at-stadium.jpg Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c304a63a6ce218f54f1d66ea9a9947cd06e2be828c0d027195bad838d5fdfc14 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:15 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 14:38:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65674cde-14458" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeLExoZ%2BhzpEfjitl4hhlz8M1J3dZeiPATD8IDmnMh2CNG2C6Pdha5mRoQ6e87qwJh7At2A6LZYRuVxZf1AiXlIBoN8NmP%2BK%2F%2F9EXS9WyESO1cNGdzCHHHXHX1q7zsQmg33GkNYQAaxwREQFJT4o%2FVvT"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dffa5c65d7-FRA alt-svc h3=":443"; ma=86400 content-length 83032
GET H3	200	woods-covered-with-snow-35.jpg newyearsday2024.com/wp-content/uploads/	185 KB 186 KB	562ms 561ms	Image image/jpeg	2606:4700:3037::6815:3931 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newyearsday2024.com/wp-content/uploads/woods-covered-with-snow-35.jpg Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3931 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1d8f0a50adb9eaca5ed8fc72ef627544deb1f0b9e982e2d6db1bb63ed7b5bbe Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:16 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 14:38:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65674cce-2e49c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfGmPm2dMHJO0OYf0fnDFfOSpq6UalRP%2F83C7hNcXDGqKGdizX6pHf16EQHxM1rLqAzkFICpmpnu5Q3YFqHUd77CzCMkhskwi3xEj%2FVNuUBpkQKPx%2BaCAPK11NCVciQtpNR0JT6w21hLeWlV2uitHJ7Q"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 869970dffa5d65d7-FRA alt-svc h3=":443"; ma=86400 content-length 189596
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403210101/	407 KB 138 KB	177ms 97ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4081270401705596&plah=newyearsday2024.com&aplac=true&bust=31082131 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4081270401705596 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cc24e5a2aa1fb6b0beeef2e4627236460e6d0943e579184df87b1486d15e0875 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:16 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141431 x-xss-protection 0 server cafe etag 9723878100333781356 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 24 Mar 2024 20:34:16 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	136ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-H5Q66B866E&gtm=45je43k0v9173622881za200&_p=1711312455620&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=470371175.1711312456&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711312455&sct=1&seg=0&dl=https%3A%2F%2Fnewyearsday2024.com%2F&dt=Happy%20New%20Year%27s%20Day%202024%20-%20Turn%20the%20Page%20to%20a%20Year%20of%20Wonders!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1396 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-H5Q66B866E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sun, 24 Mar 2024 20:34:16 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newyearsday2024.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	403	ads Show response pagead2.googlesyndication.com/pagead/ Frame 008B	603 B 66 B	322ms 321ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4081270401705596&output=html&adk=1812271804&adf=3025194257&lmt=1711295932&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fnewyearsday2024.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711312455913&bpp=4&bdt=744&idt=282&shv=r20240320&mjsv=m202403210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4279704272078&frm=20&pv=2&ga_vid=470371175.1711312456&ga_sid=1711312456&ga_hid=184368876&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082031%2C44798934%2C95325976%2C31082131%2C95320376%2C95322399&oid=2&pvsid=3996287431835622&tmod=2021806959&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=308 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4081270401705596&plah=newyearsday2024.com&aplac=true&bust=31082131 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newyearsday2024.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 24 Mar 2024 20:34:16 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	71ms 70ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=custom-fixed-bottom-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: newyearsday2024.com URL: https://newyearsday2024.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Sun, 24 Mar 2024 20:34:16 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	84ms 83ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4081270401705596&plah=newyearsday2024.com&aplac=true&bust=31082131 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a90a6b0320dea6036d8252366c31fa751737a176811bbd76290834c206390cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:16 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12318 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	277ms 113ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4081270401705596&plah=newyearsday2024.com&aplac=true&bust=31082131 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Mar 2024 20:34:16 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C409	13 KB 5 KB	58ms 58ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newyearsday2024.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 39066 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 24 Mar 2024 09:43:10 GMT expires Mon, 24 Mar 2025 09:43:10 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response pagead2.googlesyndication.com/bg/ Frame C409	40 KB 16 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 12:47:33 GMT content-encoding br x-content-type-options nosniff age 28004 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15865 x-xss-protection 0 last-modified Thu, 14 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 24 Mar 2025 12:47:33 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C409	0 10 B	40ms 39ms	Image text/plain	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?INZsuw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 24 Mar 2024 20:34:17 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	72ms 71ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=3996287431835622&bg=!xMelx4jNAAZaswqNerM7ADQBe5WfOHidO1M7VbVPr86mwXqegKkF6STY7RxtaYRka_8_4-agS4rsvUFu-vNRQGiwNjYwAgAAAEFSAAAAAmgBB34ANV9rINZKkdzoU2MJyMNfcC0JTvr-iubMJPBy3EVJlmk0QWJjE35t8a_O4xLUqmz99L5xNAlWmQJv3BVxVYJ9Q13MAABegQJKFmcuCdr9n-DW9R1v061-SfYBGfL4IrKXjXFYR9o35p5R6X77bVupNghrjc5GF83t7HILTZhFKvxoCjncBTbrkZLrzPNWjulVa4jWGivWNipQ4EDSraxD5okMN-JWrAtyQ_WAv9Q3kOUq54h5fYD39E9kCl8HJjH8A09P6dZZy8clcGKvlxSp-VHIAkDdnABoDyFzGohwc-WB9ahmkTAXJ9k_VMkP0FUcpTo1BhH-KxjA0KMHtA6G5Z4SS5rvNswvYX6I7w_dK5kIF8Gqa5IrTQX2x7LMMg_zloaFE820skeztrXKFI8nXFSbSuEVi5nSxk1ptSXq3L-yWG13_TtO3umrq6Kgeh-mJk86mXC4LhlnPZPQu9FWXR-GO9G0i1hjoU9xF20GnK1A88ojpKDfnTrczVlwzXGkckGBK_oJa6D3oe-PgYL7zdsZqLNzQQyM5MdCrbJCG6Rp035NlSK_kayhoZ9cLmDaEVCsn1v-BEyW51STXaifEaJ6xClfT9UsisycJvopqGQPWsNfl7pnrTuyNVsy0kKoMGkUKxK4_Evp2udZwlviN989ZNBxSqXScLGWy1PpvnJFzWznt40Slsi_4NHue_0GSnR2xizNZEsDcYSuG9TNcpceFw-mHL1Fp0Ttv0YrebQnr62qCeU3U_wM0bPxAsf4jxiOEMKUeZI8CB2DVCo1zv2Eac5RN8M6yuJxgO9PxgZYywyQvTFHzsbtXpjmoYFXm1bJQ09Rwd2SogHznYpU0OLZlDOuG3jNMhdE-R0oX_LqTy6sKGjccgNws_ubZllY00-3nJgRjoI Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newyearsday2024.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| $ function| jQuery function| gtag object| dataLayer object| offSide object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction object| toggles function| offside function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| generatepressMenu object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newyearsday2024.com/	1970-01-21 04:57:52	Name: _ga_H5Q66B866E Value: GS1.1.1711312455.1.0.1711312455.0.0.0
			.newyearsday2024.com/	1970-01-21 04:57:52	Name: _ga Value: GA1.1.470371175.1711312456

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4081270401705596&output=html&adk=1812271804&adf=3025194257&lmt=1711295932&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fnewyearsday2024.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711312455913&bpp=4&bdt=744&idt=282&shv=r20240320&mjsv=m202403210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4279704272078&frm=20&pv=2&ga_vid=470371175.1711312456&ga_sid=1711312456&ga_hid=184368876&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082031%2C44798934%2C95325976%2C31082131%2C95320376%2C95322399&oid=2&pvsid=3996287431835622&tmod=2021806959&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=308 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
newyearsday2024.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:3037::6815:3931
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82f::2003
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
2c7cd89fdbd7848d0e4a556d0cb5355132bf4221cb9bcd02c686559266f9da06
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
4dc6d9d3b5a9cb395caa9347b42549154a34ecf14877f58c9f57b143a5d927f0
50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8ce4e5dcbce124e6ce72565e362af9421b429350bbace797b314f15306ea7435
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea
a90a6b0320dea6036d8252366c31fa751737a176811bbd76290834c206390cd1
b1d8f0a50adb9eaca5ed8fc72ef627544deb1f0b9e982e2d6db1bb63ed7b5bbe
b535dd0a6db0df9f1d4bf9413d1d6d2c423769057b1d120ce774240f6bf7e8ad
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
c304a63a6ce218f54f1d66ea9a9947cd06e2be828c0d027195bad838d5fdfc14
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc24e5a2aa1fb6b0beeef2e4627236460e6d0943e579184df87b1486d15e0875
ccafa3c473d1ebd280a1691e4f7851e2abb652214bc99bf92b54dc624b5f8fcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ba8f74efd1e60bddc4377a46fcdf871d1cf39668739cf719d6f883b30556a8
eb9361c0a8de6ae26f72ff9901bfc546428e58f5f2659d47ecc643a87b28e89a