Submitted URL: https://cuanmaximal.store/#ne
Effective URL: https://kudaku.xyz/
Submission Tags: 0xscam
Submission: On September 10 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kudaku.xyz.
TLS certificate: Issued by WE1 on August 27th 2024. Valid for: 3 months.
This is the only time kudaku.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 172.67.164.171 13335 (CLOUDFLAR...)
1 18.66.196.33 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 188.114.97.3 13335 (CLOUDFLAR...)
5 23.36.162.223 20940 (AKAMAI-ASN1)
3 18.66.196.57 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.225 15169 (GOOGLE)
2 172.67.129.68 13335 (CLOUDFLAR...)
25 12
Apex Domain
Subdomains
Transfer
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
139 KB
4 imgsaya.io
imgsaya.io — Cisco Umbrella Rank: 203448
49 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
84 KB
4 hotimg.com
img.hotimg.com — Cisco Umbrella Rank: 838858
341 KB
4 cuanmaximal.store
cuanmaximal.store
7 KB
2 gokil.vip
gokil.vip — Cisco Umbrella Rank: 594695
1 gstatic.com
fonts.gstatic.com
39 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 kudaku.xyz
kudaku.xyz
5 KB
25 9
Domain Requested by
5 analytics.tiktok.com kudaku.xyz
analytics.tiktok.com
4 imgsaya.io kudaku.xyz
4 cdn.ampproject.org kudaku.xyz
cdn.ampproject.org
4 img.hotimg.com cuanmaximal.store
kudaku.xyz
4 cuanmaximal.store 1 redirects cuanmaximal.store
2 gokil.vip kudaku.xyz
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com kudaku.xyz
1 kudaku.xyz
25 9

This site contains links to these domains.

Domain
rumahlx7.xyz
Subject | Issuer | Validity | Valid
cuanmaximal.store | WE1 | 2024-09-08 - 2024-12-07 | 3 months
img.hotimg.com | Amazon RSA 2048 M03 | 2024-02-15 - 2025-03-16 | a year
kudaku.xyz | WE1 | 2024-08-27 - 2024-11-25 | 3 months
misc-sni.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
imgsaya.io | WE1 | 2024-09-07 - 2024-12-06 | 3 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
gokil.vip | WE1 | 2024-09-06 - 2024-12-05 | 3 months

This page contains 2 frames:

Primary Page: https://kudaku.xyz/
Frame ID: E0525E0EF673FFD7576B83C0C203023D
Requests: 28 HTTP requests in this frame

Frame: https://cuanmaximal.store/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js
Frame ID: 2052CA0747CFC8F153F3900631806047
Requests: 1 HTTP requests in this frame

Page Title

LXTOTO > Situs Slot Gacor Gampang Menang Setiap hari

Page URL History

  1. https://cuanmaximal.store/ Page URL
  2. https://kudaku.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

25 Requests
96 % HTTPS
36 % IPv6
9 Domains
9 Subdomains
12 IPs
3 Countries
665 kB Transfer
16279 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cuanmaximal.store/ Page URL
  2. https://kudaku.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://cuanmaximal.store/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://cuanmaximal.store/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cuanmaximal.store/
3 KB
2 KB
Document
General
Full URL
https://cuanmaximal.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ffc95b608766dfbd7477a6330929939906aab99e1d8ec69a9cd3dbb96c71509

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c10831c0fa89f57-FRA
content-encoding
br
content-type
text/html
date
Tue, 10 Sep 2024 15:39:41 GMT
last-modified
Mon, 09 Sep 2024 01:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2Z9PeCChT04jwRkiYZ%2Bxc0m3wLt0vK2Erox6Pvt1TBVGYD2lsVZ%2F9GIf2gwxO0%2BW1APr06xQyzo4qxJns4tK3%2BWKdCuGIX9%2FU1SlzJiTY5rd2bPV3hn0ELHCchQ3hXp8gSRJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
ff9b427b7ce44b00d1667a99e74b822f-removebg-preview.png
img.hotimg.com/
166 KB
167 KB
Image
General
Full URL
https://img.hotimg.com/ff9b427b7ce44b00d1667a99e74b822f-removebg-preview.png
Requested by
Host: cuanmaximal.store
URL: https://cuanmaximal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-33.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d464bd68c20ef7c3620496eb25250c1d3461f8781486710b015f2df94d869e8

Request headers

Referer
https://cuanmaximal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 00:35:52 GMT
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
last-modified
Mon, 09 Sep 2024 00:29:03 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P1
age
140630
etag
"019d641d23d1264245cf3f9e505ca541"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
170182
x-amz-cf-id
lt4POlTdrTzCR8BkhcPJrnltHYVh_Y9KLHVxgUMEJOyG62dG2HObaA==
main.js
cuanmaximal.store/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/ Frame 2052
Redirect Chain
  • https://cuanmaximal.store/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://cuanmaximal.store/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
8 KB
4 KB
Script
General
Full URL
https://cuanmaximal.store/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
Requested by
Host: cuanmaximal.store
URL: https://cuanmaximal.store/
Protocol
H3
Server
172.67.164.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31def16a974ef20a54ca2943fd9685bdce4ba3bb0f095e26f87c441aa45f956b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:39:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEovHJYyKE0nRd4Tbn9BBdBN1TYYQWQKNH04JnLTYnWNjpD8%2FNPWLJTJTB0vsrvNxzdaI8yPuxEzKSItQCEhD%2Ba73cVTWqJufnIBqouUBT4Zx5lYM2sJYcADznmHBA43E41WMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c1083211ea39f57-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 10 Sep 2024 15:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OyOHaV7D2KUZ21FOrFP7jFRAkmhaHTF3V7d2p%2Bz1zRtYV05cn6JmJYOSlJzw69Ud9CJjxi2IvtJtLjMdBFE1Mem4%2FyIqF4kF6eAt3aeb5b1RPrTrcglk75ja4QYx8wCmbY2dg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7cf142fb2c1f/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c108320ee6b9f57-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
cuanmaximal.store/
1 KB
1 KB
Other
General
Full URL
https://cuanmaximal.store/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer
https://cuanmaximal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 15:39:42 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTvwOPdi4Q5gFl6KjfTtap3qpgVHx806sUpat7StuzPkBGnGcaLfZOaU8W5BR8YibENiHOuS2ZzSa%2FDWWkkTrgldMRpdiysx7PS%2FKOQM9c2XLJ8DEznNa5QcqmOg30yFlHldyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8c108321dfc39f57-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
kudaku.xyz/
19 KB
5 KB
Document
General
Full URL
https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d15033da4d113dfc14b89e5094dd495a27867577af5a093737e739e30cd6eed7

Request headers

Referer
https://cuanmaximal.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c108327da5365d4-FRA
content-encoding
br
content-type
text/html
date
Tue, 10 Sep 2024 15:39:43 GMT
last-modified
Mon, 09 Sep 2024 01:33:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSjpTLEXxBdib%2FHaBmRfxn6zBojalX%2Fk2s5hXBaAziQEq%2BMlqhxSP66bkfkY390j%2Ful3ZyRPAyQKd6CWPD2Dq%2F%2FzM6o8ceDvboFLKcmnSE4PX9Xb80UN61a2SuGEJPxpX6lg4JmhlZvQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc62c28bbcaa4c3fd88d9448415ac2ee1de8bb47ffa346798b76183f99b84203
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Sep 2024 15:39:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73069
x-xss-protection
0
server
sffe
etag
"aa99a87e81a93834"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Sep 2024 15:39:43 GMT
amp-audio-0.1.js
cdn.ampproject.org/v0/
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-audio-0.1.js
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcec980e2d9e250cb1d2d60145da21a00c2518e2aaf4da9e9ffec91cff8b25c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Sep 2024 15:39:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4312
x-xss-protection
0
server
sffe
etag
"33fea18461fb8ecb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Sep 2024 15:39:43 GMT
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 15:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 15:08:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 15:39:43 GMT
wA8hGJQT.png
imgsaya.io/download/
11 KB
12 KB
Image
General
Full URL
https://imgsaya.io/download/wA8hGJQT.png
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728a6f51caf67cbf0652c3074ef56768ca4b6e8b838ba0a369cf460e847d60e7
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000f15a6a5d08941f95-0066dcd06b-a5038-default
x-ratelimit-remaining-second
245
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
11622
x-xss-protection
1; mode=block
last-modified
Mon, 13 May 2024 13:44:11 GMT
server
cloudflare
etag
"d282dd2afa2b4cb4b868eb6c7b03b7a9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZplZlreJTTaycWltFfdEO0yUUgrpwU2O8MFDXYcWfPEKiWJB%2BM0C%2FJeZMOwpUIq0zsUNNUN5oZJtLHABORA8ZuvVi8LzhS4Ym5kGsXAx5YpoJ7fz6C9MV35Ucb3s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8c10832a78efbbef-FRA
ratelimit-remaining
245
x-proxy-cache
HIT
NGbmYyJR.png
imgsaya.io/download/
11 KB
12 KB
Image
General
Full URL
https://imgsaya.io/download/NGbmYyJR.png
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b898433358e4f4fb71a36a5370dd41380ee15568f6bc9af0df2ca012b40d74e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000004e45a1c1c1e81d50-0066dcf373-a50e7-default
x-ratelimit-remaining-second
245
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
11623
x-xss-protection
1; mode=block
last-modified
Mon, 13 May 2024 13:44:14 GMT
server
cloudflare
etag
"23ded5ea424d2133eca574c42b48328d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ENthp%2B%2BlIoqKBM092%2BpYGKU08rgyVB02jnoDLZCoPDPHOyydOhWJTccbb2K3gqztMgLBEraVxdTnX3tSicvdxbUtHpSoozad0fMxs2ZNrlUX%2Fs8HQtEtiFQYlyk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8c10832a78f9bbef-FRA
ratelimit-remaining
245
x-proxy-cache
HIT
QIAb46mR.png
imgsaya.io/download/
10 KB
11 KB
Image
General
Full URL
https://imgsaya.io/download/QIAb46mR.png
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae73a7b55f88cd92ac63544aa533ebe1b48fe904564c2c3b18ba123b087f1a7
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx00000ad95536616da0cb9-0066dcd06a-a2be6-default
x-ratelimit-remaining-second
246
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
10456
x-xss-protection
1; mode=block
last-modified
Mon, 13 May 2024 13:44:13 GMT
server
cloudflare
etag
"7d949188a8a1b086b5911dc045eba40f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByvbJrK49Df84s%2BRSQM1bZCTwHF9oKehdMpAnOvNK4mKjRTLy7YgKIedSmQ9uqBUIoPzaHvkeyqlB%2BweXQMGUaQDakywOrkNcloBHR9LqfP8FZaEbMX9qQg6R9ys"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8c10832a78f6bbef-FRA
ratelimit-remaining
246
x-proxy-cache
HIT
57zqXkyP.png
imgsaya.io/download/
14 KB
14 KB
Image
General
Full URL
https://imgsaya.io/download/57zqXkyP.png
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac63fa61e61c45bb2f5035a145f9d3dd1b5a9575d29f7040951f936642a435f2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
ratelimit-reset
1
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
REVALIDATED
x-ratelimit-limit-second
250
x-amz-request-id
tx000007959bf2d00c70eb9-0066dcd06c-a05b6-default
x-ratelimit-remaining-second
247
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
250
alt-svc
h3=":443"; ma=86400
content-length
14149
x-xss-protection
1; mode=block
last-modified
Mon, 13 May 2024 13:44:09 GMT
server
cloudflare
etag
"ecb4f0f0606807811e97f48b8be13903"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkPh4CxgWh95UUdllKInO15lAMuFgkWyEV%2FTlFujmS3Vq5vVaSlfAbhME84%2FeE5CNsy%2B6IuM%2F50VPBEqicP4y6Cg0KQBeiGSm6PHukhjvxBBBF5RP5vnCAfWzXCK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8c10832a78f4bbef-FRA
ratelimit-remaining
247
x-proxy-cache
HIT
events.js
analytics.tiktok.com/i18n/pixel/
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRF50BRC77U326FJBFO0&lib=ttq
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0213fe21d6299d32526f881f4950f38c659d56d92ef4913fc196804c9c0388d8

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
cd9f3c6
date
Tue, 10 Sep 2024 15:39:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24091015394306EC8B03336431DE8E90-39ED17A36ED079A6-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=109
content-length
2252
pragma
no-cache
server
nginx
x-tt-logid
2024091015394306EC8B03336431DE8E90
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
109,23.206.213.223
x-tt-trace-host
019ea06ef8d8af6d4390312b4ad17a6019583638d09145523b6f40838869ab2f47e9079a9328e17745c5a416fbff624cb8581da88876d6223976145b57a273f577dfff24b9999414243c5edc60fea7362f5c7fd6d12266e625f89979b641bcc61e
expires
Tue, 10 Sep 2024 15:39:43 GMT
video-to-gif-converter.gif
img.hotimg.com/
11 MB
0
Image
General
Full URL
https://img.hotimg.com/video-to-gif-converter.gif
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-57.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 01:20:24 GMT
via
1.1 d0e1f57f270c2e4a3b8f618170971cd8.cloudfront.net (CloudFront)
last-modified
Mon, 09 Sep 2024 01:19:06 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P1
age
137960
etag
"fe2e5b2380b2d9aa685301af69a6e776"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
28662914
x-amz-cf-id
MmDJICbtQJW3SdnIy42SvfzdaOH9Ll5CVpuIjhgE3OP64DFV95PMEQ==
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kudaku.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 21:55:47 GMT
x-content-type-options
nosniff
age
236636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39412
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Sep 2025 21:55:47 GMT
truncated
/
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
BOLA.jpeg
img.hotimg.com/
174 KB
174 KB
Image
General
Full URL
https://img.hotimg.com/BOLA.jpeg
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-57.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5068086269a890c85ecaba4775b8d3934eed30be9f7e0a3698c56355a620c293

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 03:25:23 GMT
via
1.1 d0e1f57f270c2e4a3b8f618170971cd8.cloudfront.net (CloudFront)
last-modified
Sun, 11 Aug 2024 14:13:54 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P1
age
303260
etag
"ea1aa30b8e9d0005f6514c65a671b41e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
177872
x-amz-cf-id
WdcNFk5gXUn8OVcrVzprS321AfIeVC0z2-RRayfD3eVsNrhNTq8DSw==
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012406252034000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
f2d32e990f8c2cdea703482d182b72015b64ef9d7de4cf1ef01043236062c7fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kudaku.xyz/
Origin
https://kudaku.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 11:41:50 GMT
age
14273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"b3a7da082c4f77e9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Sep 2025 11:41:50 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012406252034000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406252034000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
d7ce36593c3ca293f7d3a4c8faae86175961860eb64a0acaf597b6b03e35d04c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kudaku.xyz/
Origin
https://kudaku.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 12:31:24 GMT
age
11299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3940
x-xss-protection
0
server
sffe
etag
"24d297f33544dfa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Sep 2025 12:31:24 GMT
gempa-lokal-4.mp3
gokil.vip/
3 MB
0
Media
General
Full URL
https://gokil.vip/gempa-lokal-4.mp3
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://kudaku.xyz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2024 11:37:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE8pVFgAAF6O2Tbjt1tqHhwF%2FqYAjqJLMiwSEc5MgO2U4LbImu9bQ5Sa17IFGE0cF028%2FML3VUzxAlLte4htRXn1x8%2FqVSxRo5MG19dPJbcRbeLkQE7aqSphvy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-195500244/195500245
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8c10832bfaadd27a-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
195500245
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
354 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
main.MTZlYmMyNjliMQ.js
analytics.tiktok.com/i18n/pixel/static/
339 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRF50BRC77U326FJBFO0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95e25130fdfe5aa05ae385ef9f12ed6b8105a4f0aab709c5f06fc6ca796006b1

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
cd9f55f
date
Tue, 10 Sep 2024 15:39:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022527C1C0C89A31163C845DC2
x-tt-trace-id
00-240830022527C1C0C89A31163C845DC2-32366B7447193C32-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017c32674b05ee762ed0c2ba09c0b477898765fa45ccb6d54e2788d64957a600ddb47fbe846788861098933064282fb60387f181bd406d24b8ee7f3370421c9d194f232048be9dffef3753c6462f42835dd860cb52c072a983509ee27827f486c5
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=16
content-length
96762
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
cd9f85c
date
Tue, 10 Sep 2024 15:39:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022530C1C0C89A31163C845E4C
x-tt-trace-id
00-240830022530C1C0C89A31163C845E4C-25F48E1399FF78E6-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017c32674b05ee762ed0c2ba09c0b477898765fa45ccb6d54e2788d64957a600ddb47fbe846788861098933064282fb603a17ff296a261562875eb883d578e781b99436cd7610bd27b627e826f9665ec30bbf525ad3fe91c9e6789b045d4e5b837
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
39366
pixel
analytics.tiktok.com/api/v2/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3f0a9e39.cd9f870
date
Tue, 10 Sep 2024 15:39:43 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240910153943EE8252FECEE078D1FBE7-4529EB338181BA71-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
119,23.206.213.223
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=33, inner; dur=29
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240910153943EE8252FECEE078D1FBE7
x-cache-remote
TCP_MISS from a23-48-100-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
33,23.48.100.133
x-tt-trace-host
019ea06ef8d8af6d4390312b4ad17a601983e26b2ba4e7fd92b65bd633acc8285154c60c5a00d2691a93b8faa06b19b6ee5c2c8e3619fc70e90c407520da6ddc68adf7db9dfc63269fad2afff875acce3408b5ec216581b5b453775705b04ceb7ea4001a5a811b8f6cb269bd29b4434042
access-control-allow-headers
Authorization,*
expires
Tue, 10 Sep 2024 15:39:43 GMT
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e16711e97574b02dd52c8882c55536dd1e565e3888bb04883f6936e30dbc64

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
BOLA.jpeg
img.hotimg.com/
174 KB
0
Other
General
Full URL
https://img.hotimg.com/BOLA.jpeg
Requested by
Host: kudaku.xyz
URL: https://kudaku.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-57.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5068086269a890c85ecaba4775b8d3934eed30be9f7e0a3698c56355a620c293

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 03:25:23 GMT
via
1.1 d0e1f57f270c2e4a3b8f618170971cd8.cloudfront.net (CloudFront)
last-modified
Sun, 11 Aug 2024 14:13:54 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P1
age
303260
etag
"ea1aa30b8e9d0005f6514c65a671b41e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
177872
x-amz-cf-id
WdcNFk5gXUn8OVcrVzprS321AfIeVC0z2-RRayfD3eVsNrhNTq8DSw==
act
analytics.tiktok.com/api/v2/pixel/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kudaku.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
9a0f2744.cd9faa9
date
Tue, 10 Sep 2024 15:39:44 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409101539440FFACAD7700FE79A03B1-0EC12AAC6668B866-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
206,23.206.213.223
server-timing
cdn-cache; desc=MISS, edge; dur=121, origin; dur=100, inner; dur=97
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202409101539440FFACAD7700FE79A03B1
x-cache-remote
TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
101,23.220.104.202
x-tt-trace-host
019ea06ef8d8af6d4390312b4ad17a6019b9552cf6e63973ca7c05b8ad8c166429b272cddaefd945f9aa33ee1d21b3f00ebabb5adb5975ba9ebd23c479a47e07eee07fc83ddbe18c01627bc9bf23af801e3a140559b010d0ab9caa6d4e9ea7a2fd0d0363b34dab3f57aef3e157d87eab08
access-control-allow-headers
Authorization,*
expires
Tue, 10 Sep 2024 15:39:44 GMT
gempa-lokal-4.mp3
gokil.vip/
64 KB
0
Media
General
Full URL
https://gokil.vip/gempa-lokal-4.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://kudaku.xyz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=3288152-

Response headers

date
Tue, 10 Sep 2024 15:39:43 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 22 Mar 2024 11:37:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE8pVFgAAF6O2Tbjt1tqHhwF%2FqYAjqJLMiwSEc5MgO2U4LbImu9bQ5Sa17IFGE0cF028%2FML3VUzxAlLte4htRXn1x8%2FqVSxRo5MG19dPJbcRbeLkQE7aqSphvy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 3288152-195500244/195500245
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8c10832bfaadd27a-FRA
alt-svc
h3=":443"; ma=86400
Content-Length
192212093


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| TiktokAnalyticsObject
object| ttq
object| AMP
object| AMP_CONFIG
object| AMP_EXP
object| __AMP_LOG
function| HTMLElementOrig
object| __AMP_ERRORS
object| __AMP_MODE
function| __AMP_REPORT_ERROR
object| __AMP_TOP
object| __AMP_SERVICES
object| __AMP__EXPERIMENT_TOGGLES
object| __AMP_URL_CACHE
boolean| __AMP_TAG
object| __AMP_EXTENDED_ELEMENTS
function| __AMP_BASE_CE_CLASS
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly
object| _jelly_sdks

3 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2lsxrTF4496wPexZKhnlm64Qno8
.kudaku.xyz/ Name: _tt_enable_cookie
Value: 1
.kudaku.xyz/ Name: _ttp
Value: CRJQD6vQ9FVgM94ucjSRKemoqyp

1 Console Messages

Source: network
Level: error
URL: https://cuanmaximal.store/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
