URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RA...
Submission Tags: falconsandbox
Submission: On June 05 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 28 HTTP transactions. The main IP is 172.67.134.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is chdk.setepontos.com.
TLS certificate: Issued by E1 on April 14th 2024. Valid for: 3 months.
This is the only time chdk.setepontos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | setepontos.com | chdk.setepontos.com | 156 KB
6 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 3163); fundingchoicesmessages.google.com (Cisco Umbrella Rank: 716); www.google.com (Cisco Umbrella Rank: 5) | 127 KB
2 | gstatic.com | fonts.gstatic.com | 173 KB
2 | google.de | www.google.de (Cisco Umbrella Rank: 8139) | 126 B
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 130) | 398 B
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 65) | 21 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 78) | 164 KB
2 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 135) | 195 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 70) | 6 KB
1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 1009) | 7 KB
Total: 28 requests, 10 apex domains

Requests | Domain | Requested by
9 | chdk.setepontos.com (1 redirects) | chdk.setepontos.com
4 | fundingchoicesmessages.google.com | pagead2.googlesyndication.com
2 | fonts.gstatic.com | chdk.setepontos.com
2 | www.google.de | chdk.setepontos.com
2 | stats.g.doubleclick.net | www.googletagmanager.com; www.google-analytics.com
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | www.googletagmanager.com | chdk.setepontos.com; www.googletagmanager.com
2 | pagead2.googlesyndication.com | chdk.setepontos.com; pagead2.googlesyndication.com
1 | fonts.googleapis.com |
1 | www.google.com | chdk.setepontos.com
1 | region1.analytics.google.com | www.googletagmanager.com
1 | static.cloudflareinsights.com | chdk.setepontos.com
Total: 28 requests, 12 domains

This site contains links to these domains.

Domain
www.gtva.org
www.simpleportal.net

Subject | Issuer | Validity | Valid
setepontos.com | E1 | 2024-04-14 - 2024-07-13 | 3 months
*.g.doubleclick.net | WR2 | 2024-05-21 - 2024-08-13 | 3 months
cloudflareinsights.com | GTS CA 1P5 | 2024-05-08 - 2024-08-06 | 3 months
*.google-analytics.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.google.de | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.google.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
upload.video.google.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.gstatic.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months

This page contains 2 frames:

Primary Page: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Frame ID: 760E18D49052854A750FDC5424871568
Requests: 31 HTTP requests in this frame

Frame: https://chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Frame ID: 5F5E186AC568C5FF52E5FEE012AF9949
Requests: 2 HTTP requests in this frame

Page Title

CHDK Forum - Home - Index

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 62 %
Domains: 10
Subdomains: 12
IPs: 14
Countries: 3
Transfer: 850 kB
Size: 2625 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://chdk.setepontos.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
chdk.setepontos.com/
17 KB
5 KB
Document
General
Full URL
https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2552228d61dfc5e523b5a91e041ee1e9e039af89512baf8fac01e2eef32c5400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88f0463b29141d92-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 05 Jun 2024 12:48:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 05 Jun 2024 12:48:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3ZOi7TB%2FlbKW2bDASBs4Eta4WpNQ%2FcI1s7DTG3kuOt5WK0c0UHx4ygZn%2B91mb3b7jH2KigObQUoVdmHsH8Fqi4%2BKN4GeJFuZBsCJx7oNpEsAfVbJnm22zVWSITQ%2BZxdWyYRdCtd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,Accept-Encoding,User-Agent,User-Agent Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1
sbssmDvxWlWXZijgmSjqZOm4C7o.js
chdk.setepontos.com/cdn-cgi/apps/head/
6 KB
3 KB
Script
General
Full URL
https://chdk.setepontos.com/cdn-cgi/apps/head/sbssmDvxWlWXZijgmSjqZOm4C7o.js
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3138c069174ccc21a50ec59725f76f3faf454254367d906db04ece644db001b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
gzip
x-amz-version-id
wMc2eL6_L_13_be4h0l26ekyJqT1tkz5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
x-amz-request-id
ASYYFJD6RH3VX8R0
age
203126
alt-svc
h3=":443"; ma=86400
content-length
2139
x-amz-id-2
HaZ7K19PYldRs/FThUWOkVNRjLBDPUnDeAJo8mfo7CTddKK8ws/qGl+m9LuAEMNNBJhVkoHTQDs=
last-modified
Wed, 14 Mar 2018 17:50:01 GMT
server
cloudflare
etag
"b5a6f7bac16bd0d00694820edaeda97c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cklj82p9XouUFSS%2FsBjeqg6sOcr1c%2FYJpb7QiqwM2uNi3gQdK2DHNegkNC19INXcGVGvK5eWcCm3oFHBRdVEJ1QQ5Fk1aZze6tTLi1QoVsJIqQryIPbaydj7kqtq37awzcwcFFKd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88f046415b071d92-FRA
compiled.js
chdk.setepontos.com/Themes/smf4mobile-1/scripts/
400 KB
109 KB
Script
General
Full URL
https://chdk.setepontos.com/Themes/smf4mobile-1/scripts/compiled.js?version=1.2_1456485040
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00191d89141f4cae39443eaf9eebcef2cb59dae750d22b72d8ec25aba362b1b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23355
cf-polished
origSize=409534
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 11:10:40 GMT
server
cloudflare
etag
W/"63fbe-56d032b0-22421964bb3b88ef;br"
vary
Accept-Encoding,User-Agent,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsOTZLf6qIKP0TNk09LU0eZTojcAs%2Bzjx34R%2FU3Dtea%2BxMWH0Yd0RT3fXXEs1Xjb2jmBWx71mwIiztCq%2F9gJxAdPtjB7cZpEeF8MFT45G1bMhf%2FvLcaVSxdna3mM23h8S7UuxGki"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88f046415b0c1d92-FRA
expires
Wed, 12 Jun 2024 06:18:45 GMT
compiled_3f9fe0.css
chdk.setepontos.com/Themes/smf4mobile-1/css/
190 KB
26 KB
Stylesheet
General
Full URL
https://chdk.setepontos.com/Themes/smf4mobile-1/css/compiled_3f9fe0.css?version=1.2_1456485040
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0568ac3ae2f69d6918d950e8aaf7a693f4cab04827732caeac923efa7a1e0f92

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23355
cf-polished
origSize=216391
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Feb 2016 11:10:40 GMT
server
cloudflare
etag
W/"34d47-56d032b0-2e86978a8ba72b9;br"
vary
Accept-Encoding,User-Agent,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkvBMxhCgb7xkTFcyNLIlhdhFqqVA3%2B8m3FBsVQhSInfNVJlKcsQKhr%2BcaZd6bq0uc%2Bd0JC52COPG%2FwPd0a8xld8TCBpGPnyi9y51V0q63LEnXHpcJVv19Ye0e0qbr4%2BL5LsvNfG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88f046415b0d1d92-FRA
expires
Wed, 12 Jun 2024 06:18:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
160 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
4ef9a262317771bbcfa93ef44d3f2ee5b8e1cea0ef2f2fe34837547319ccce90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52462
x-xss-protection
0
server
cafe
etag
18093630743413353713
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 05 Jun 2024 12:48:00 GMT
beacon.min.js
static.cloudflareinsights.com/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642aff235fab8d0f59d68d579d67cb9657fcae53e7cf555fb025a20ed78a6e3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 22:09:07 GMT
server
cloudflare
etag
W/"2024.6.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88f04643d988972b-FRA
js
www.googletagmanager.com/gtag/
206 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-25368391-1
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/cdn-cgi/apps/head/sbssmDvxWlWXZijgmSjqZOm4C7o.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7130cfe48edc87770df04c7d95d42d24dd8860994ff479ffccb8136b3f459202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75944
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 12:48:00 GMT
ajax-loader.gif
chdk.setepontos.com/Themes/smf4mobile-1/images/
6 KB
7 KB
Image
General
Full URL
https://chdk.setepontos.com/Themes/smf4mobile-1/images/ajax-loader.gif
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/Themes/smf4mobile-1/css/compiled_3f9fe0.css?version=1.2_1456485040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/Themes/smf4mobile-1/css/compiled_3f9fe0.css?version=1.2_1456485040
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23354
alt-svc
h3=":443"; ma=86400
content-length
6242
last-modified
Fri, 26 Feb 2016 11:10:40 GMT
server
cloudflare
etag
"1862-56d032b0-714c1a6b656dde34;;;"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ebowv8G0XJoWRmibAF5%2Bz9HDvYPLGbrHzz%2F6RkH4t2fKgfTikKAJwZIPO%2FfgFeJ52zGv6Vez4RzDBETmz%2FC8urJ%2FbUUyzqLI0sClYSujMV6vqA3LTbXsAgXJ8JXnpaZwfO8HZwHx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
88f04645fa121d92-FRA
expires
Wed, 12 Jun 2024 06:18:46 GMT
truncated
/
649 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d410b7db02d09c9e9989062aa144764bcd3e0c6df3b042066ea44e224678504d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
560 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ba4ae58f40f7474ed34314043588b316e9e60a32a2ad85fc6db56bbef626621

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
469 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0467516fad3da4583d87c44e6383e8764a5d5f8c24edeefcaaa4de5983fc492e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
461 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
819e7c536dda1c67939a96c4d1d46af21250bffafa019bdc5585737ae6af012a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
main.js
chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/ Frame 5F5E
Redirect Chain
  • https://chdk.setepontos.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
8 KB
4 KB
Script
General
Full URL
https://chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e75905124060d02a2f1830befcfe39d528873da36d7720830c1ef87b013da39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=548b%2Blef43HHJPTKTsLoe254eSdonZuBKUJP0TYkgaO6XDmar0JOsqfgSwHU3AP35LphrUxUFIdpwAk71G%2BNoHawWfOqcYOwAwcYl4PkPDAQjWSPC1d3M96d3QSoNRF0ra1Hk257"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88f046466ae51d92-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 05 Jun 2024 12:48:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3ehAsd57qhdNX%2B6yYud7JyqV0%2FxPxQYe1cCAPyNPyIAIlZEgPT1doXJ8kXbhW7%2FTwiMt8%2BU8i4YkzZhmD%2B82dhzchuSmKChRprM2WhBkdt2ffQL%2BY1QiHRO4JcpKONMR5psieHe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
cache-control
max-age=300, public
cf-ray
88f046461a431d92-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406040101/
425 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2016628404301022&plah=chdk.setepontos.com&aplac=true&bust=31084283
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
c03307c558f21d32f363203a2f9c55a8833b6231bf211c6da09444793765c7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147176
x-xss-protection
0
server
cafe
etag
9909614682176475786
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2024 12:48:01 GMT
js
www.googletagmanager.com/gtag/
255 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DMQR0P81LB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-25368391-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e83f88fae7b3411ca6bb283929420804681a59b2cbc22709e1284920d2e80d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 12:48:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-25368391-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 12:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1133
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 05 Jun 2024 14:29:08 GMT
88f0463b29141d92
chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5F5E
0
679 B
XHR
General
Full URL
https://chdk.setepontos.com/cdn-cgi/challenge-platform/h/b/jsd/r/88f0463b29141d92
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8eXEWsPFhj9AZgPKdme4XAXt3goH4uZo3M85BxkppqSA4sGfOpHsb4Wi3PX2A2WB1DJo2erlLGDk0Y5CFgMe8gnJfgvGYO2o3ogpdEwM6sVGPtuu%2Fw%2BFPwZa8rCRhNx3J%2BdEniK"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88f046472c221d92-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DMQR0P81LB&_ng=1&gtm=45je4630v9109961003za200&_p=1717591680250&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1821041443.1717591681&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1717591681&sct=1&seg=0&dl=https%3A%2F%2Fchdk.setepontos.com%2Findex.php%3Fthememode%3Dfull%253Bredirect%253Dhttp%253A%252F%252Flandsurveyor.co.nz%252Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA&dt=CHDK%20Forum%20-%20Home%20-%20Index&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DMQR0P81LB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chdk.setepontos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-DMQR0P81LB&cid=1821041443.1717591681&gtm=45je4630v9109961003za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DMQR0P81LB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chdk.setepontos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-DMQR0P81LB&cid=1821041443.1717591681&gtm=45je4630v9109961003za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=671273866
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1332979563&t=pageview&_s=1&dl=https%3A%2F%2Fchdk.setepontos.com%2Findex.php%3Fthememode%3Dfull%253Bredirect%253Dhttp%253A%252F%252Flandsurveyor.co.nz%252Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA&ul=de-de&de=UTF-8&dt=CHDK%20Forum%20-%20Home%20-%20Index&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1693151477&gjid=1941925807&cid=1821041443.1717591681&tid=UA-25368391-1&_gid=1567676038.1717591681&_r=1&gtm=457e4630za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=866280943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chdk.setepontos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-2016628404301022
fundingchoicesmessages.google.com/i/
192 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2016628404301022?href=https%3A%2F%2Fchdk.setepontos.com%2Findex.php&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2016628404301022&plah=chdk.setepontos.com&aplac=true&bust=31084283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8622e1f17df8a7a194267367f4dea76e8cb649eca75c5d470d201d8cc7680f71
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hm8cAmjIE9OslV6TdTNP3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hm8cAmjIE9OslV6TdTNP3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw1ZBiOO90h-k6EBtoPGeyAGKJry-ZNIDYKX0GaxAQ-9TPYI0B4tab51inAnHSv_OsRUDc_vkC63QgFuLhaNzbuJlNYMXLn5sYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAyM9QyM4wsMAPVnMug"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25368391-1&cid=1821041443.1717591681&jid=1693151477&gjid=1941925807&_gid=1567676038.1717591681&npa=1&_u=YADAAUAAAAAAACAAI~&z=1425175175
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jun 2024 12:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chdk.setepontos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25368391-1&cid=1821041443.1717591681&jid=1693151477&npa=1&_u=YADAAUAAAAAAACAAI~&z=504892018
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25368391-1&cid=1821041443.1717591681&jid=1693151477&npa=1&_u=YADAAUAAAAAAACAAI~&z=504892018
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 12:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXx6ZWNPTUTUazp2HuYhATV-DtU2zBs1ddCjElbLOspS8uzuKqsRruMiFV-acaxfONfyC2obiCvAikaaErVi09Pk8NOfayKU2wLUsZKMACSTwQIvBza3lNyTiWuPHq1uTOzMhbCUA==
fundingchoicesmessages.google.com/f/
403 KB
62 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXx6ZWNPTUTUazp2HuYhATV-DtU2zBs1ddCjElbLOspS8uzuKqsRruMiFV-acaxfONfyC2obiCvAikaaErVi09Pk8NOfayKU2wLUsZKMACSTwQIvBza3lNyTiWuPHq1uTOzMhbCUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3NTkxNjgxLDQ5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jaGRrLnNldGVwb250b3MuY29tL2luZGV4LnBocCIsbnVsbCxbWzgsIlNaLVhRdUpvM0hNIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyOTg0M10sbnVsbCw4XSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25b46cc8097acca91874bcec99778bbd2a1bb60cc0489dec8546d922775c5537
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jgPeALg2gQArDC1dtsbIww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-jgPeALg2gQArDC1dtsbIww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tDikmLw05BiOO90h-k6EBtoPGeyAGKJry-ZNIDYKX0GaxAQ-9TPYI0B4tab51inAnHSv_OsRUDc_vkC63QgFuLhaNzbuJlN4MXzj3OZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAyM9QyM4wsMAABdMxM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyDcv6lUwOaDM87LBSgpBhTbYfujw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11904530b1336ffc595e931bec74bfae902a8bd03ebdd4633111ccb87c5602c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 12:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:48:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 12:48:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Origin
https://chdk.setepontos.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 00:50:53 GMT
x-content-type-options
nosniff
age
129428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: chdk.setepontos.com
URL: https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/
Origin
https://chdk.setepontos.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:10:34 GMT
x-content-type-options
nosniff
age
81447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:10:34 GMT
AGSKWxXzJ9iWdWgAjIyc2DVT8-_VwL8aiQ1rGf-XBYM74gJzS7Pxei8us1Y9KBhmov3ieMVfF1EO-WaA9R8idBkuD3HyhCE_6_35-qKY6yeRpmXRFrIme0gfhm2QNl-qf_66awYTil8SDg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzJ9iWdWgAjIyc2DVT8-_VwL8aiQ1rGf-XBYM74gJzS7Pxei8us1Y9KBhmov3ieMVfF1EO-WaA9R8idBkuD3HyhCE_6_35-qKY6yeRpmXRFrIme0gfhm2QNl-qf_66awYTil8SDg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-udhf6CYmHkEfu3oM7OYTqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-udhf6CYmHkEfu3oM7OYTqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxEI8HI17GzezCdzY1NLCrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDMwMjPUMTOILDACNGCH5"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://chdk.setepontos.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXzJ9iWdWgAjIyc2DVT8-_VwL8aiQ1rGf-XBYM74gJzS7Pxei8us1Y9KBhmov3ieMVfF1EO-WaA9R8idBkuD3HyhCE_6_35-qKY6yeRpmXRFrIme0gfhm2QNl-qf_66awYTil8SDg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXzJ9iWdWgAjIyc2DVT8-_VwL8aiQ1rGf-XBYM74gJzS7Pxei8us1Y9KBhmov3ieMVfF1EO-WaA9R8idBkuD3HyhCE_6_35-qKY6yeRpmXRFrIme0gfhm2QNl-qf_66awYTil8SDg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMy_fmkVf_zXVyTZCAgL1nGwPU1ZMA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Fn0G1muWGVNG2KsfuD4ssg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://chdk.setepontos.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jun 2024 12:48:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Fn0G1muWGVNG2KsfuD4ssg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxEI8HI17GzezCXzY_6uFWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGJgZGOsZmMQXGAAAs-gihQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://chdk.setepontos.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
chdk.setepontos.com/
1 KB
1 KB
Other
General
Full URL
https://chdk.setepontos.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef7a97bdb914ec7e08fd77dc5950a9d399d7acfe5e1a7c6bb934db36f4c6a51

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://chdk.setepontos.com/index.php?thememode=full%3Bredirect%3Dhttp%3A%2F%2Flandsurveyor.co.nz%2Fch4RAI1AD5Qm3ToTxfoTx4RAoTxD5Q-anQ3ED5Qm3TI1AD5Qz01zoTxumaD5Q2APQ3EnQ3ExW4G4RAoTxuP21z01W4G4RA
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:48:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343218
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 12 Jan 2008 00:11:41 GMT
server
cloudflare
etag
W/"57e-478805bd-dde2fb48d3f90c3a;br"
vary
Accept-Encoding,User-Agent,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHcn0gcx86fRqVqdxZHwpvDtBDdVqwRKWaeFnyVFbcu%2Bvi6NHco%2ByfXMJB0p17Bb8T740C0OkuwkmmfDNw1ck8Ho702mdfvn3XjSadNfisCliD5md51S8DALnZmjsVH%2FDA3bgDJv"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88f0464c7cad1d92-FRA
expires
Sat, 08 Jun 2024 13:27:44 GMT

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| Eager
object| CloudflareApps
object| dataLayer
undefined| $openPopup
undefined| $xhr
object| $scrollTo
function| displayImageFix
function| $
function| jQuery
object| jQuery110205673735116413863
string| a
boolean| is_ios
boolean| is_android
string| smf_scripturl
object| adsbygoogle
object| __cfBeacon
object| google_js_reporting_queue
number| google_srt
object| google_persistent_state_async
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_tag_data
object| google_reactive_ads_global_state
object| google_sa_queue
function| google_process_slots
object| google_ama_state
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
object| googletag
object| gaGlobal
object| gaplugins
object| gaData
function| google_sa_impl
object| googlefc
boolean| adsbygoogle_ama_fc_has_run
object| default_ContributorServingResponseClientJs
object| _F_toggles
object| __googlefc
string| __fcInvoked
string| __fcexpdef
string| ZWM2ODM3NGMyMWVlM2FmOGxvYWRlcl9qcw==
string| ZWM2ODM3NGMyMWVlM2FmOGNhY2hlZF9qcw==
object| __fcInternalApiManager
boolean| __fcInternalApiPostMessageReady
object| __tcfapiEventListeners
function| __tcfapi
object| __tcfapiManager
boolean| __tcfapiPostMessageReady

7 Cookies

Domain/Path Name / Value
.setepontos.com/ Name: PHPSESSID
Value: 65be18b08561b2ad312ed50328a57994
chdk.setepontos.com/ Name: smf4m_mode
Value: mobile
.setepontos.com/ Name: _ga_DMQR0P81LB
Value: GS1.1.1717591681.1.0.1717591681.60.0.0
.setepontos.com/ Name: _ga
Value: GA1.2.1821041443.1717591681
.setepontos.com/ Name: _gid
Value: GA1.2.1567676038.1717591681
.setepontos.com/ Name: _gat_gtag_UA_25368391_1
Value: 1
.setepontos.com/ Name: cf_clearance
Value: Zug51CtzWRbcVBdtDmFqLRpNqylFeq9vplrN6lQ9PvU-1717591681-1.0.1.1-_q6HuRj7fi4fet1TwrGdbhebYYooVOYIIu6XoNSA_LiqBxOqtBgjLd6kZd5ZgyGKwG0ODqpq9r7U_LhP75MAyg

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
